On Wed, 23 Jan 2008, Ron Schmittou wrote:
> So what should us more mechanically inclined than technically inclined
> folks do? I thought setting up with a required key you have to enter
> was secure? How are people getting past this?

There are three different "standard" encryption techniques in today's
consumer-grade wi-fi access points: WEP, WPA and WPA2.

WEP, as it has been discussed here, is pretty transparent. It is useful
simply to keep the casual knob-twister out.

WPA is also crackable. It just takes more effort.

WPA2 has trouble, but I'm not sure I've yet read of any cracks of a
properly-secured WPA2 network. There are varying measurements of
"properly-secured" - some require SecurID tokens, etc.

Fundamentally, there are two different related concerns that anyone
running a wireless network should have in mind. One is how much you need
to protect the data you're passing through the air, the other is how hard
you need to make it to get onto *your* network (to go somewhere else).

If you're concerned about the data payload being captured, then make it as
secure as you practically can - use WPA2 - or don't use wireless at all.
It is not unreasonable to have one wireless network for your TiVo (or
other devices that can't/won't go to the max on security) - or to simply
run wires (if possible).

I see no trouble with using WEP in many lower-density environments,
particularly if there are other more easy-pickings for someone who is
looking to find a wifi network for Internet access (for whatever
purposes). Personally, I run a single 64-bit WEP-encrypted WLAN at my
house (in my lower-density neighborhood), and make sure that the data that
may flow through the air is encrypted at layer 3 (via SSL or
SSH), rather than rely on the data-link (layer 2) protection.

If you have gone to reasonable lengths to close your network to the
outside, I would expect it to be pretty difficult for an entity to find you
liable for whatever havoc an outside party could wreak (were said outside
party to break into and use your network connection to wreak said havoc).

By the way, if real data-grade wiring is impractical, have a look into
HPNA 2.0 (10Mbit over almost any telephone-ish copper pair) or
data-over-powerlines (like HomePlug, which is up to "85 Mbit"). Both are
accomplished with equipment that isn't too expensive (well under $50 for
at least two nodes). Then again.. I guess someone could hook *his* HPNA
gear to the NID (if it is outside your house) or tap into your electrical

Peter Murray (N3IXY)
Oak Hill, VA
Shop-talk mailing list