Possible to secure WEP?
in [Wireless Internet]
|
From: Ari on 7 Mar 2006 11:33 I am using a WEP wireless modem that does not have the ability to do WPA. I have my file sharing turned off on the wireless computer (laptop) and use it in my home only. I have no interest in connecting computers together to share files, it's strictly a wireless internet connectivity setup. Is there any way to secure the data that passes over the wireless so that it is not available to hackers without buying a different router? I want the data that I send over the air to be relatively secure and I want to make sure no one accesses my system via the wireless. Thanks, A
From: David Taylor on 7 Mar 2006 12:16 > Is there any way to secure the data that passes over the wireless so > that it is not available to hackers without buying a different router? > I want the data that I send over the air to be relatively secure and I > want to make sure no one accesses my system via the wireless. You could change the key every 5 minutes? :)
From: Jeff Liebermann on 7 Mar 2006 12:57 Ari <nomail(a)pass.com> hath wroth: >I am using a WEP wireless modem that does not have the ability to do >WPA. > >I have my file sharing turned off on the wireless computer (laptop) >and use it in my home only. I have no interest in connecting computers >together to share files, it's strictly a wireless internet >connectivity setup. > >Is there any way to secure the data that passes over the wireless so >that it is not available to hackers without buying a different router? >I want the data that I send over the air to be relatively secure and I >want to make sure no one accesses my system via the wireless. Actually, it is possible to secure a wireless network against both intrusion and sniffing without any encryption of any type. It's called a VPN (virtual private network). The random user connects to the network and is give a totally useless IP address by the DHCP server. The default gateway goes only to the VPN server. Without the complex authorization and authentication keys needed to connect to the VPN, the random user gets nowhere. However, if they successfully authenticate with the VPN, a new additional IP address gets issued, with a gateway that points to the corporate LAN or to the internet. At this point, it looks just like a normal wireless connection, except that everything is encapsulated and encrypted inside the VPN packets. The catch is that your home network will need some type of local server that can terminate the VPN. As such, it's not really a suitable solution for home networks but might give you some ideas. If I were to propose such a system, I would need a router that can terminate the VPN, such as a Sonicwall, Netgeear or Netscreen VPN router. The wireless could be provided by a simple wireless access point (or wireless router with the router section disabled) or by a VPN router that has built in wireless. I'm too lazy to itemize models. That will work, but with the added hardware and complexity, you may as well just buy a router that does WPA and forget the VPN. -- Jeff Liebermann jeffl(a)comix.santa-cruz.ca.us 150 Felker St #D http://www.LearnByDestroying.com Santa Cruz CA 95060 http://802.11junk.com Skype: JeffLiebermann AE6KS 831-336-2558
From: Ari on 7 Mar 2006 13:11 On Tue, 07 Mar 2006 17:16:19 GMT, David Taylor <djtaylor(a)bigfoot.com> wrote: >> Is there any way to secure the data that passes over the wireless so >> that it is not available to hackers without buying a different router? >> I want the data that I send over the air to be relatively secure and I >> want to make sure no one accesses my system via the wireless. > >You could change the key every 5 minutes? :) I was thinking more along the lines proxy software on both ends of the wireless, where the user could define the method of encryption or set up a table to change the key every so often automatically, most machines with internet access can easily maintain time within a few seconds, so the keys could be changed on a predefined schedule. This would be software running in the PC, so perhaps this is a weakness.
From: David Taylor on 7 Mar 2006 13:27
> I was thinking more along the lines proxy software on both ends of the > wireless, where the user could define the method of encryption or set > up a table to change the key every so often automatically, most You could do that, want to buy a client that does that? email me ;) David. |