do all modern AP's have WPA enabled??

[jjyiz28]

did some reading on WPA, and how it constantly changes your WEP key at frequent intervals. is this something that is enabled?? like when you first set up your AP, its shows you 4 keys, and asks you which one is default. is WPA active on this AP?? will it change between these 4 keys frequently?

 

[gunrunnerjohn]

First you have to obtain a WPA capable wireless product.

 

[JackMDS]

Most of Entry Level Do not.

However some can be upgraded via Firmware.

 

[gunrunnerjohn]

I'm eagerly awaiting WPA for my D-Link router, I think I'll invest in a new PCMCIA card for the laptop when it's released.

 

[Torghn]

Yeah, My Dlink wap already has WPA, just need it on my router to finish off my wireless network. I'm just glad Dlink has publicly stated they will release a firmware update for this router.

 

[SaigonK]

WPA has already been broken as well...dont pin your hopes on it too much.
VPN or SSL is still the way to go, of course thats not for at home use.

 

[gunrunnerjohn]

Originally posted by: SaigonK
WPA has already been broken as well...dont pin your hopes on it too much. VPN or SSL is still the way to go, of course thats not for at home use.

Can you provide an actual reference to this "fact", or is it just hearsay? I haven't heard of any issues, other than the fact that a weak passphrase will allow dictionary attacks to succeed. This is not actually "breaking" WPA, it's the same problem any passworded access has with simple passwords.

 

[SaigonK]

Originally posted by: gunrunnerjohn

Originally posted by: SaigonK WPA has already been broken as well...dont pin your hopes on it too much. VPN or SSL is still the way to go, of course thats not for at home use.

Can you provide an actual reference to this "fact", or is it just hearsay? I haven't heard of any issues, other than the fact that a weak passphrase will allow dictionary attacks to succeed. This is not actually "breaking" WPA, it's the same problem any passworded access has with simple passwords.

The dictionary hack is an issue, so is the DOS issue. Again, wireless isnt ready for primetime security needs unless you use SSL or VPN.
The issue is that security was an after thought, not a desing into the product. WEP, WPA, TKIP, etc are all "patches" to fix a problem. VPN is also a "patch" but it is THE most secure method right now.

http://www.wired.com/news/business/0,1367,56350,00.html

 

[gunrunnerjohn]

There is a huge difference between a DOS and a breech of the security to allow an attacker access to your network. I suspect most folks know the difference.

In point of fact, any wireless network, regardless of how it's secured, is easy prey for a DOS attack. Hell, just setting my wireless phone to the wrong channel results in a DOS for my wireless network! Also, I don't consider the dictionary attack to be an issue with WPA, since sensible PW selection solves that problem.

Quite frankly, given a common sense selection of a password for the WPA channel, you haven't said anything that makes me thing it's less desirable than SSL or a VPN, and a hell of a lot easier to live with. WPA is certainly up to the task of protecting a home network, while WEP is not.

 

[JackMDS]

Every time such a thread comes up I get a lot of inferiority complex. From the way it sounds it seems that I am the only one here who is not a CEO of a Big Bank, or some security agency.

Yeah, Consumers Wireless is breakable. It is not easy to do it, and it might a lot of time and effort.

However if you have something really ?Hot? do not use as part of the wireless network. Or invest few thousands $$ in real security.

 

[SaigonK]

Originally posted by: JackMDS
Every time such a thread comes up I get a lot of inferiority complex. From the way it sounds it seems that I am the only one here who is not a CEO of a Big Bank, or some security agency. Yeah, Consumers Wireless is breakable. It is not easy to do it, and it might a lot of time and effort. However if you have something really ?Hot? do not use as part of the wireless network. Or invest few thousands $$ in real security.

Geesh jack! And i thought you were a CEO.


Wireless cuks for security, we can all agree on that. For your home user it is fine, even with WEP, which takes quite some time and a large data stream to crack.
WPA makes it that much harder. But frankly, I feel the turn in security will focus back on the home and the business as well. Imagine that you try to hack a company, but your neighbor down the road has little or no security and he has all kinds of money and online banking to sniff...whihc is better prey?

 

[JackMDS]

Quote: Geesh jack! And i thought you were a CEO.

Yeah, but not of a Bank. :brokenheart:

 

[SaigonK]

If you were...I would ask for a job.
I am cheap..only want $100k per year.