[Ham-Computers] RE: ADVICE - wireless
Michael Cobb
mcobb at cobbcomm.com
Sat Aug 14 22:59:32 EDT 2004
FYI,
http://www.digitalhomemag.com/wireless/howdoisetitup3.shtml
-----Original Message-----
From: ham-computers-bounces at mailman.qth.net
[mailto:ham-computers-bounces at mailman.qth.net] On Behalf Of Hsu, Aaron (NBC
Universal)
Sent: Saturday, August 14, 2004 7:58 PM
To: 'I>Ham-Computers'
Cc: 'wxfreqrs at cableone.net'
Subject: [Ham-Computers] RE: ADVICE - wireless
Don't just employ encryption...know what type of encryption to use.
The original Wired Equivalency Privacy (WEP) is flawed and a studious hacker
can get your encryption key(s) in a matter of hours (or even minutes). The
basic flaw is that WEP uses the same key for both "authentication" and data
"encryption". Why is this a problem? On a wireless Access Point (AP) setup
to use "Shared Key" WEP, the key is sent in "clear text". Well, "DUH"!. I
think you can clearly see the problem. AP's with "Open key" authentication
allow any wireless client to connect, but then require the client to have
the right key to en/decode data and use the access point - no key means no
access and the key is never sent in clear-text. However, because the key
doesn't change on a regular basis, a hacker can easily look for data
patterns and figure out the key given a few hours(esp since WEP is only
available with 40-bit and 104-bit encryption keys).
The recently approved replacement to WEP is WiFi Protected Access (WPA).
There are several encryption algorithyms available (TKIP, 3DES, AES), but
all access points that support WPA have at least TKIP. TKIP is fairly
secure and 3DES and AES are more secure options on some routers (some
support 256-bit AES!). And, since the keys are designed to change after a
preset amount of time, hackers hopefully won't be able to find a pattern.
So, if you're looking into 802.11a/b/g, definitely look for something that
supports WPA "out-of-the-box". Supposedly, all older AP's can be firmware
upgraded to WPA, but that's been proven wrong. Some older AP's don't have
enough RAM/ROM to support WPA and some don't have enought CPU horse power
without a serious drop in data rates. Beware those new boxes that have a
sticker that says "WPA" upgradable. If it's able to support WPA, then why
not ship with WPA? Usually, that means that the vendor is having a problem
adding WPA due to one of the short-commings listed above.
73,
- Aaron, NN6O
-----Original Message-----
From: Don [mailto:wxfreqrs at cableone.net]
Sent: Saturday, August 14, 2004 7:37 PM
To: Computers (or other) used for amateur radio, communications, or
experimenting
Subject: Re: [Ham-Computers] ADVICE - wireless
will employ encryption
Don
SEMPER VIGILS
PEACE THROUGH SUPERIOR FIREPOWER http://www.angelfire.com/ms2/paswx REAL
TIME OBS PAGE http://www.jcmsara.org. Jackson County Ms Club Page
----- Original Message -----
From: "jeff" <jeffv at op.net>
To: "Computers (or other) used for amateur radio, communications, or
experimenting" <ham-computers at mailman.qth.net>
Sent: Saturday, August 14, 2004 9:40 PM
Subject: [Ham-Computers] ADVICE - wireless
> On Sat, 2004-08-14 at 21:10, Don wrote:
> > thanks
> > WIRELESS next year when a add laptop
>
>
> Don -
> It gets better. No matter what you're told, wireless is insecure. Be
> aware that anything you transmit can be received, kind of like people
> with scanners picking up cordless and cel phones.
>
> If any of you decide to go wireless, please read up on security and
> enable every feature you can to provide additional security.
>
>
> If you're a security nut, don't go wireless.
>
_______________________________________________
Ham-Computers mailing list
Ham-Computers at mailman.qth.net
http://mailman.qth.net/mailman/listinfo/ham-computers
More information about the Ham-Computers
mailing list