Re: No WEP key works?
From: Brett (no_at_spam.net)
Date: 09/14/04
- Next message: Hans-Georg Michna: "Re: XP SP2 Crashes when accessed via network"
- Previous message: Mark Corbelli: "Re: adding a network printer"
- In reply to: Max Bolingbroke: "Re: No WEP key works?"
- Next in thread: Max Bolingbroke: "Re: No WEP key works?"
- Reply: Max Bolingbroke: "Re: No WEP key works?"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 14 Sep 2004 07:12:35 -0400
"Max Bolingbroke" <batterseapower@hotmail.com> wrote in message
news:4145dafe$0$22750$db0fefd9@news.zen.co.uk...
> Brett wrote:
>>>A MAC filter isn't very secure, but it's better than nothing. You set up
>>>your router/access point with a list of MAC addresses that it will allow
>>>to connect to it. Any other computers will have MAC addresses that are
>>>not on the list, and so will not be able to connect. One problem is that
>>>the actual data is sent unencrypted, so people can still eavesdrop on
>>>your data, though not send any of their own. A more annoying problem is
>>>that they can just change their MAC address and suddenly be able to
>>>connect..
>>>
>>>Your setup sounds good! Two layers of protection is excellent, but a
>>>problem could occur when wireless clients connect, if they manage to
>>>break the relatively insecure MAC filtered or horrendously insecure open
>>>environment. They will be able to bypass the router firewall, at least,
>>>which could have some nasty consequences. I would give you a 6 with your
>>>wireless networking open, or a 9 if you can get WEP working (WEP has
>>>known vulnerabilities still, however :))
>>>
>>>To stop responding to pings, check your router configuration. Assuming
>>>you are running a NAT network, it is probably the router responding to
>>>pings - there might be an option to turn that off. If you are running a
>>>non-NAT network, zonealarm may have a setting to stop pings, or you could
>>>use the Windows Firewall as well/instead and set it up not to respond to
>>>ICMP echo packets (pings).
>>>
>>>The IP limitation thing you talk about might deter the casual
>>>compromiser, but as soon as one of those machines is switched off, the IP
>>>is open for use without any detrimental effects. Even with another PC
>>>using the IP, someone could still technically use the in-use IP and get
>>>all the reply packets (unlike normal IP spoofing), since they are on the
>>>same network segment and the packets will be broadcast to both PCs with
>>>the IP.
>>>
>>>The upshot of all of this is that it's a really good idea to get WEP, or,
>>>even better, WPA working. Are you running a network of wifi equipment
>>>from different manufacturers? That's the only situation where I've seen
>>>this WEP problem..
>>>
>>>Max Bolingbroke
>>
>>
>> Max, Thanks. I now have WPA-TKIP working. I'm using the Passphrase
>> (8-63 chars) rather than Hex (64 bits). Which of those is better?
>>
>> Since I'm now using WPA, will the MAC addresses be encrypted for MAC
>> filtering? Meaning, being able to use MAC filtering without the problems
>> you mentioned earlier.
>>
>> Also, my network now shows up with a lock in available networks. Clients
>> are allowed to use WPA only. Also, I've checked "discard ping to WAN".
>> Running ShieldsUp, my network passes the ICMP ping test. However, it is
>> sending information to the source and thereby exposing its existence.
>> I'm not sure yet how to turn that off. Here is what I have checked:
>>
>> Intrusion Detection Feature
>> SPI and Anti-DoS firewall protection : X
>> RIP defect : X
>> Discard Ping To WAN : X
>>
>> Stateful Packet Inspection
>> Packet Fragmentation X
>> TCP Connection X
>> UDP Session X
>> FTP Service X
>> H.323 Service X
>> TFTP Service X
>>
>> Do any of the above seem as though they would send information to the
>> source? The router is trying to gather info on the source in case I'd
>> like that emailed to me. I haven't filled in my email info but I guess
>> it gathers either way.
>>
>> Thanks,
>> Brett
>
> Hi,
>
> It's great to hear of your WPA success! Personally I would favour a
> totally random hex key, as using a passphrase leaves you open to
> dictionary-based attacks (providing the algorithm used to generate the key
> from the phrase is known). This is reaching the outer degrees of
> probability though, so I'd say you were OK.
>
> If you decide to use MAC filtering as well, data will still be encrypted
> by WPA and so you will not have any issues there. However, it is still
> bypassable by changing your MAC address to one you have decided to trust,
> however IIRC MAC addresses are hidden from packet sniffers with WPA
> enabled (not 100% sure here).
>
> I'm not sure I can be of more help with your router problems unless I know
> what brand/model it is. Could you furnish me with that info and also
> confirm that you are failing the "Unsolicited Packets" packets test? Or is
> it the "Solicited TCP Packets" test? BTW, none of the settings there look
> like they should be a problem.
>
> Max Bolingbroke
Max,
My router model is SMC2804WBRP-G.
How exactly do I "generate" a random hex key? Do I need to download a
generator from download.com or somewhere?
I tried the Shields Up test again this morning and now I pass. Pings are
being ignored and I'm not passing any back out. The Symantec test also
passed except for the virus scan (AV Product check and Virus protection
update check), which I'm not worried about. Are these tests saying the router
or my laptop is secure? I'm assuming either way, everything is pretty
secure.
Thanks,
Brett
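
An added example, not part of the original post or the thread: one way to produce the random hex key asked about above, using Python's standard library, alongside the public passphrase-to-key derivation WPA-PSK uses (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations, 256-bit output). The function names and the SSID "HomeNet" are assumptions made for illustration.

```python
import hashlib
import secrets
import string

HEX_KEY_DIGITS = 64  # a WPA pre-shared key entered as hex is 64 hex digits (256 bits)


def random_wpa_hex_key() -> str:
    """Return 64 hex digits drawn from the operating system's CSPRNG."""
    return secrets.token_hex(HEX_KEY_DIGITS // 2)


def random_wpa_passphrase(length: int = 63) -> str:
    """Random printable passphrase for devices that only accept the passphrase form."""
    if not 8 <= length <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters")
    alphabet = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(alphabet) for _ in range(length))


def psk_from_passphrase(passphrase: str, ssid: str) -> str:
    """Derive the 256-bit key that WPA computes from a passphrase and the SSID.

    The derivation is public and deterministic, so a guessable passphrase
    yields a guessable key; a random hex key has no passphrase to guess.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("WPA passphrases are printable ASCII only")
    key = hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    )
    return key.hex()


def is_valid_hex_key(key: str) -> bool:
    """Check that a string is acceptable for the router's 64-digit hex key field."""
    return len(key) == HEX_KEY_DIGITS and all(c in string.hexdigits for c in key)


if __name__ == "__main__":
    print("Random hex key:      ", random_wpa_hex_key())
    print("Random passphrase:   ", random_wpa_passphrase())
    # "HomeNet" is a constructed SSID used only for this demonstration.
    print("Key from a passphrase:", psk_from_passphrase("correct horse battery", "HomeNet"))
```

The same hex key has to be entered on the router and on every wireless client, so generate it once and copy it rather than regenerating it per device.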