From: spasmous2 on
I was wondering what the difference in security between these two
protocols is: WPA-NONE and WEP.

I have a local area network that shares internet connection from a
cable modem on a desktop computer via a PCI wireless adapter. It works
pretty well but from reading on the internet I learnt the security I
am using (WEP) is flawed. I bought a new wireless adapter that is WPA
enabled, however apparently with my setup I have to use ad hoc network
settings for which WPA-NONE is the only option.

There's scant information out there, but some random posts out there
suggest WPA-NONE is no better than WEP. I have a couple of questions.

1. Is WPA-NONE superior to WEP in terms of security?

2. Is it possible to use Infrastructure mode with my wireless network?
From: Lem on
spasmous2 wrote:
> I was wondering what the difference in security between these two
> protocols is: WPA-NONE and WEP.
>
> I have a local area network that shares internet connection from a
> cable modem on a desktop computer via a PCI wireless adapter. It works
> pretty well but from reading on the internet I learnt the security I
> am using (WEP) is flawed. I bought a new wireless adapter that is WPA
> enabled, however apparently with my setup I have to use ad hoc network
> settings for which WPA-NONE is the only option.
>
> There's scant information out there, but some random posts out there
> suggest WPA-NONE is no better than WEP. I have a couple of questions.
>
> 1. Is WPA-NONE superior to WEP in terms of security?
>
> 2. Is it possible to use Infrastructure mode with my wireless network?

As I recall, the last time I looked into this (over 3 years ago), I came
to the conclusion that WPA-NONE (even if you could actually use it) was
no better than WEP. You don't say what version of Windows you're using,
but the comment below, from MS-MVP Steve Winograd, who is very
knowledgeable about Windows networking, suggests that if you have
installed XP service pack 2 (you should really be at service pack 3 if
you are using Win XP) WPA-NONE is no longer available.

As for your second question, you can (and should) use infrastructure
mode. This should make WPA (or WPA2 if your hardware supports it)
available. However, in order to use infrastructure mode you'll have to
buy a wireless router, assuming that your cable modem has an Ethernet
connection (rather than or in addition to a USB connection). These days,
you can find a wireless-G router for not very much money. I don't keep
up with the various models and prices, but you can check out reviews of
various models here:
http://www.newegg.com/Product/ProductList.aspx?Submit=ENE&N=2050410145%201132809980&bop=And&ActiveSearchResult=True&Order=PRICE

Also consider that using a wireless router provides two big advantages
over your current setup: (1) your desktop computer doesn't need to be
turned on in order for other computers on your LAN to access the
Internet and (2) you have a good hardware barrier (at least NAT and
probably also a firewall) between all of your computers and the Internet.


<Steve Winograd 11/2/06; Quote>
You're right that a Windows XP ad-hoc wireless connection can't use a
pre-shared key (WPA-PSK or WPA2-PSK).

WPA-None is still supported in SP2 for an ad-hoc wireless connection.
You can open the wireless connection properties and specify it as the
value for Network Authentication.

However, on reflection, it might not be a good choice for Amy,
because:

1. I don't know what wireless network adapters actually support
WPA-None in the hardware and drivers. I'd recommend using identical
make/model adapters in both computers. Even then, it could be iffy.

2. I've seen reports that installing WPA2 support removes WPA-None.

3. I don't know if it's more secure than WEP.

I haven't found any good documentation of this from Microsoft. It's
mentioned in this article:

The Cable Guy - July 2003
Configuring Wireless Settings Using Windows Server 2003 Group Policy
http://www.microsoft.com/technet/community/columns/cableguy/cg0703.mspx

It's described in this Cisco web page:

http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/350cards/windows/incfg9/win6_ape.htm

<\QUOTE>
--
Lem

Apollo 11 - 40 years ago:
http://www.nasa.gov/mission_pages/apollo/40th/index.html
From: Lem on
Lem wrote:
> spasmous2 wrote:
>> I was wondering what the difference in security between these two
>> protocols is: WPA-NONE and WEP.
>>
>> I have a local area network that shares internet connection from a
>> cable modem on a desktop computer via a PCI wireless adapter. It works
>> pretty well but from reading on the internet I learnt the security I
>> am using (WEP) is flawed. I bought a new wireless adapter that is WPA
>> enabled, however apparently with my setup I have to use ad hoc network
>> settings for which WPA-NONE is the only option.
>>
>> There's scant information out there, but some random posts out there
>> suggest WPA-NONE is no better than WEP. I have a couple of questions.
>>
>> 1. Is WPA-NONE superior to WEP in terms of security?
>>
>> 2. Is it possible to use Infrastructure mode with my wireless network?
>
> As I recall, the last time I looked into this (over 3 years ago), I came
> to the conclusion that WPA-NONE (even if you could actually use it) was
> no better than WEP. You don't say what version of Windows you're using,
> but the comment below, from MS-MVP Steve Winograd, who is very
> knowledgeable about Windows networking, suggests that if you have
> installed XP service pack 2 (you should really be at service pack 3 if
> you are using Win XP) WPA-NONE is no longer available.
>
> As for your second question, you can (and should) use infrastructure
> mode. This should make WPA (or WPA2 if your hardware supports it)
> available. However, in order to use infrastructure mode you'll have to
> buy a wireless router, assuming that your cable modem has an Ethernet
> connection (rather than or in addition to a USB connection). These days,
> you can find a wireless-G router for not very much money. I don't keep
> up with the various models and prices, but you can check out reviews of
> various models here:
> http://www.newegg.com/Product/ProductList.aspx?Submit=ENE&N=2050410145%201132809980&bop=And&ActiveSearchResult=True&Order=PRICE
>
>
> Also consider that using a wireless router provides two big advantages
> over your current setup: (1) your desktop computer doesn't need to be
> turned on in order for other computers on your LAN to access the
> Internet and (2) you have a good hardware barrier (at least NAT and
> probably also a firewall) between all of your computers and the Internet.
>
>
> <Steve Winograd 11/2/06; Quote>
> You're right that a Windows XP ad-hoc wireless connection can't use a
> pre-shared key (WPA-PSK or WPA2-PSK).
>
> WPA-None is still supported in SP2 for an ad-hoc wireless connection.
> You can open the wireless connection properties and specify it as the
> value for Network Authentication.
>
> However, on reflection, it might not be a good choice for Amy,
> because:
>
> 1. I don't know what wireless network adapters actually support
> WPA-None in the hardware and drivers. I'd recommend using identical
> make/model adapters in both computers. Even then, it could be iffy.
>
> 2. I've seen reports that installing WPA2 support removes WPA-None.
>
> 3. I don't know if it's more secure than WEP.
>
> I haven't found any good documentation of this from Microsoft. It's
> mentioned in this article:
>
> The Cable Guy - July 2003
> Configuring Wireless Settings Using Windows Server 2003 Group Policy
> http://www.microsoft.com/technet/community/columns/cableguy/cg0703.mspx
>
> It's described in this Cisco web page:
>
> http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/350cards/windows/incfg9/win6_ape.htm
>
>
> <\QUOTE>

I mis-typed. WPA-NONE seems to go away when you implement WPA2 support
rather than Service Pack 2. WPA2 support was available as a stand-alone
update for SP2 (http://support.microsoft.com/kb/893357) and was included
in Service Pack 3.

--
Lem

Apollo 11 - 40 years ago:
http://www.nasa.gov/mission_pages/apollo/40th/index.html
From: spasmous2 on
On Feb 27, 3:12 pm, Lem <lemp40(a)unknownhost> wrote:
> Lem wrote:
> > spasmous2 wrote:
> >> I was wondering what the difference in security between these two
> >> protocols is: WPA-NONE and WEP.
>
> >> I have a local area network that shares internet connection from a
> >> cable modem on a desktop computer via a PCI wireless adapter. It works
> >> pretty well but from reading on the internet I learnt the security I
> >> am using (WEP) is flawed. I bought a new wireless adapter that is WPA
> >> enabled, however apparently with my setup I have to use ad hoc network
> >> settings for which WPA-NONE is the only option.
>
> >> There's scant information out there, but some random posts out there
> >> suggest WPA-NONE is no better than WEP. I have a couple of questions.
>
> >> 1. Is WPA-NONE superior to WEP in terms of security?
>
> >> 2. Is it possible to use Infrastructure mode with my wireless network?
>
> > As I recall, the last time I looked into this (over 3 years ago), I came
> > to the conclusion that WPA-NONE (even if you could actually use it) was
> > no better than WEP.  You don't say what version of Windows you're using,
> > but the comment below, from MS-MVP Steve Winograd, who is very
> > knowledgeable about Windows networking, suggests that if you have
> > installed XP service pack 2 (you should really be at service pack 3 if
> > you are using Win XP) WPA-NONE is no longer available.
>
> > As for your second question, you can (and should) use infrastructure
> > mode. This should make WPA (or WPA2 if your hardware supports it)
> > available. However, in order to use infrastructure mode you'll have to
> > buy a wireless router, assuming that your cable modem has an Ethernet
> > connection (rather than or in addition to a USB connection). These days,
> > you can find a wireless-G router for not very much money. I don't keep
> > up with the various models and prices, but you can check out reviews of
> > various models here:
> >http://www.newegg.com/Product/ProductList.aspx?Submit=ENE&N=205041014...
>
> > Also consider that using a wireless router provides two big advantages
> > over your current setup: (1) your desktop computer doesn't need to be
> > turned on in order for other computers on your LAN to access the
> > Internet and (2) you have a good hardware barrier (at least NAT and
> > probably also a firewall) between all of your computers and the Internet.
>
> > <Steve Winograd 11/2/06; Quote>
> > You're right that a Windows XP ad-hoc wireless connection can't use a
> > pre-shared key (WPA-PSK or WPA2-PSK).
>
> > WPA-None is still supported in SP2 for an ad-hoc wireless connection.
> > You can open the wireless connection properties and specify it as the
> > value for Network Authentication.
>
> > However, on reflection, it might not be a good choice for Amy,
> > because:
>
> > 1. I don't know what wireless network adapters actually support
> > WPA-None in the hardware and drivers.  I'd recommend using identical
> > make/model adapters in both computers.  Even then, it could be iffy.
>
> > 2. I've seen reports that installing WPA2 support removes WPA-None.
>
> > 3. I don't know if it's more secure than WEP.
>
> > I haven't found any good documentation of this from Microsoft.  It's
> > mentioned in this article:
>
> > The Cable Guy - July 2003
> > Configuring Wireless Settings Using Windows Server 2003 Group Policy
> >http://www.microsoft.com/technet/community/columns/cableguy/cg0703.mspx
>
> > It's described in this Cisco web page:
>
> >http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/350...
>
> > <\QUOTE>
>
> I mis-typed. WPA-NONE seems to go away when you implement WPA2 support
> rather than Service Pack 2. WPA2 support was available as a stand-alone
> update for SP2 (http://support.microsoft.com/kb/893357) and was included
> in Service Pack 3.
>
> --
> Lem


Thanks for sharing your knowledge, Lem, Appreciated :)

While we're on topic, I'd just like to ask what exactly is the
downside of having an insecure wireless network? I need a little help
getting motivated buying and installing a router ;)

People can use your bandwidth - but that's not exactly the worst thing
in the world. If File Sharing is disabled, then what is the worst they
can do?
From: Barb Bowman on
anything that is sent in clear text.. usernames and passwords if not encrypted,
email, IM. Think Identity theft.

On Sun, 28 Feb 2010 00:00:11 -0800 (PST), spasmous2 <spasmous(a)gmail.com> wrote:

> then what is the worst they
>can do?
Barb Bowman
MS-MVP
http://www.digitalmediaphile.com
http://digitalmediaphile.wordpress.com