Re: Securing an Ad Hoc Network
- From: "Steve Winograd [MVP]" <bcmaven@xxxxxxxx>
- Date: Thu, 02 Nov 2006 19:05:53 -0700
In article <ego1x3s$GHA.996@xxxxxxxxxxxxxxxxxxxx>, Lem
<lemp40@xxxxxxxxxxx> wrote:
Steve Winograd [MVP] wrote:
In article <883A360F-D0D9-4A1F-893C-70F80F1BCF3C@xxxxxxxxxxxxx>, AmyM
<AmyM@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
I am using XP Pro on 2 notebooks. I have just set them up on a peer-to-peer
connection with each other. The data encryption is set to WEP, however from
what I am reading this is a vulnerable method. These notebooks will be used
in meeting environments where corporate espionage is a concern. Is there any
way for me to enhance the security of these two units and still remain
wireless? Perhaps make the network itself invisible? Thank you in advance.
Windows XP Service Pack 2 supports the more secure WPA and WPA2 data
encryption standards. If the wireless network adapters in the
notebooks support WPA or WPA2, use it. If they don't, consider
replacing them.
I could be wrong, but as far as I am aware,
Neither WPA-PSK nor WPA2-PSK, regardless of the encryption algorithm
being TKIP or AES, is supported in XP in ad hoc mode.
In Vista, WPA2-PSK with AES is supported in ad hoc mode. WPA2-PSK with
TKIP and WPA-PSK with either TKIP or AES are not supported.
IN XP sp1 there was an option for "WPA-None", but from what I
understand, that (a) wasn't much, if any, more secure than WEP, and (b)
is no longer available in sp2.
If I am wrong, I'd appreciate a link to some official documentation that
shows WPA-PSK supported in ad hoc mode. I don't have a wireless
computer here, so I can't test it empirically.
Hi, Lem, and thanks for your though-provoking reply.
You're right that a Windows XP ad-hoc wireless connection can't use a
pre-shared key (WPA-PSK or WPA2-PSK).
WPA-None is still supported in SP2 for an ad-hoc wireless connection.
You can open the wireless connection properties and specify it as the
value for Network Authentication.
However, on reflection, it might not be a good choice for Amy,
because:
1. I don't know what wireless network adapters actually support
WPA-None in the hardware and drivers. I'd recommend using identical
make/model adapters in both computers. Even then, it could be iffy.
2. I've seen reports that installing WPA2 support removes WPA-None.
3. I don't know if it's more secure than WEP.
I haven't found any good documentation of this from Microsoft. It's
mentioned in this article:
The Cable Guy - July 2003
Configuring Wireless Settings Using Windows Server 2003 Group Policy
http://www.microsoft.com/technet/community/columns/cableguy/cg0703.mspx
It's described in this Cisco web page:
http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/350cards/windows/incfg9/win6_ape.htm
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)
Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.
Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com
.
- Follow-Ups:
- Re: Securing an Ad Hoc Network
- From: Lem
- Re: Securing an Ad Hoc Network
- References:
- Re: Securing an Ad Hoc Network
- From: Steve Winograd [MVP]
- Re: Securing an Ad Hoc Network
- From: Lem
- Re: Securing an Ad Hoc Network
- Prev by Date: Re: Debug process for "you may not have access rights...."
- Next by Date: Re: Debug process for "you may not have access rights...."
- Previous by thread: Re: Securing an Ad Hoc Network
- Next by thread: Re: Securing an Ad Hoc Network
- Index(es):
Relevant Pages
|
