How Stable is WEP? 61
PktLoss asks: "I recently joined the wireless home networking craze, and bought two products, a wireless router and a wireless PCMCIA card. When I just connect normally, I have no problems. The connection is rock solid, decent transfer rates. Im very happy with the purchase. However, for obvious reasons, I would like to enable WEP with 128bit encryption. However, once i do that, the connection goes flaky, dropping after a few moments, or minutes, even when mere feet from the router. Are there problems with stability and WEP? Do certain applications have issues with WEP (I've been disconnected when running nothing but Windows)? Is there anything i can do to resolve this?"
"Linksys blames this problem on:
Does this sound like a load of crock to anyone or is it just me?"Some applications are having problem with WEP. WEP or Wired Equivalent Privacy is performed jointly by Nikita Borisov, Ian Goldberg, and David Wagner and not yet standardized and not having solution with its wireless connection problems...
Use MAC address filtering and Limited IP leases (Score:2, Informative)
Re:Use MAC address filtering and Limited IP leases (Score:2, Interesting)
Re:Use MAC address filtering and Limited IP leases (Score:2, Informative)
Re:Use MAC address filtering and Limited IP leases (Score:4, Informative)
Address filtering is really bad security, even at layer 2. Since you have no encryption at or above layer 2, anyone can just hop on your network and do an arp resolution to a broadcast address and bingo, they have a MAC that lets them in. Even if you couldn't do that, a MAC address is just a 48-bit number, and most of the MAC address space is verifiably unused (you can check the IEEE for a list of assigned prefixes - the first 24 bits are a manufacturer ID).
Caveat (Score:2)
The transmissions to the AP are not encrypted, so one need not necessarily bind to the AP to recieve them. A promiscuous interface should do the trick.
Re:Use MAC address filtering and Limited IP leases (Score:3, Interesting)
Re:Use MAC address filtering and Limited IP leases (Score:2)
There are many a feature in iproute2 that I seldom use.
I apologize.
Re:Use MAC address filtering and Limited IP leases (Score:2)
Re:Use MAC address filtering and Limited IP leases (Score:2, Insightful)
If someone wants to get in then they will, however the two of these options will get rid of the idiot neighbor who happens to notice an open WAP and figure he doesn't have to pay for Internet usage when Buddy next door is nice enough to share his.
If someone does go through the trouble of spoofing a MAC addres
Re:Use MAC address filtering and Limited IP leases (Score:2)
Since anyone who knows your encryption key can see what mac addresses are allowed to communicate on the network, how does this improve security?
Are you running Windows XP? (Score:1)
My solution...
Install Windows 2000... Works fine now.
Re:Are you running Windows XP? (Score:2)
I thought it was some sort of built-in promotion to Windows or something (like the old AOL / Compuserve / whatever else providers) but was curious enough to click on it. Imagine my surprise when it listed the name of the WAN that I had in my home.
A Windows feature that actually impressed me
Re:Duhhhh.... (Score:1)
Re:Duhhhh.... (Score:1)
Try a firmware upgrade (Score:5, Informative)
I had a Linksys WAP11 wireless access point with WPC11 cards at the office, and they were horribly unreliable no matter what I did. I was about to give up when I found a firmware update for the WAP on Linksys' support [linksys.com] site. With that installed and all of the drivers updated to latest versions everything works like a charm.
I'd suggest looking to see if there are firmware updates for your wireless router. Depending on how long your retailer had it sitting in their warehouse you may not have the latest and greatest versions of everything.
Re:Try a firmware upgrade (Score:3, Informative)
Re:Try a firmware upgrade (Score:1)
So, remember to try upgrading the firmware before you fiddle with anything else (back up your settings as part of the upgrade process as well!)
xp's wireless seems flakey (Score:4, Informative)
I don't know if this helps... (Score:2, Interesting)
Same problem here. My solutions.... (Score:4, Informative)
I have two answers for you.
First, the easiest workaround in XP: Let your card connect to your gateway. Once it's connected, bring up the wireless properties in XP for this card. Disable the checkbox for "Let Windows configure my wireless properties". This will prevent XP from making any further updates to your wireless connections, and you will stay connected to your router permanently. You will have to re-enable then re-disable that checkbox if you reboot so it can find it again, but that's only a few seconds of effort for what seems like a perfectly good workaround.
Second: I got, from Linksys support, a Technical Bulletin on "...using Windows XP with wireless networks". It mentions the Orinoco card specifically, but everything in there seems generic enough that it may be worth a try. Ask them for TB-054 (it's a PDF). The workaround above works well enough that I haven't made the time yet to follow these instructions, but it looks like it's meant to address this specific problem.
<rant>If all my damn neighbors would stop advertising their SSID's like insecure idiots, I have a feeling this problem wouldn't come up. And yes, it appears to only be a problem with XP.</rant>
Re:Same problem here. My solutions.... (Score:1)
Re:Same problem here. My solutions.... (Score:1)
Interestingly, I never thought of it as being a problem with WEP. It's not like I'm going to turn it off or drop to 64-bit, but I'd be curious if that's part of the cause.
I finally read that tech bulletin, by the way. It didn't look specific to the Orinoco card, so it might help you if it helps me. But it was less specific to our problem than I had hoped -- it was more like a detailed user guide to XP wireless ne
Ahem.. (Score:5, Funny)
Windows wasen't desinged for the Internet and it's TCP/IP protocoll - instead use the Microsoft NetBEUI! You'll have non of those pesky routing problems of TCP/IP, and security isen't a problem at all - there isent' any!
Re:Ahem.. (Score:2)
Only those versions of Windows built on top of MS-DOS (3.1, 3.11, 95, 98, Me). Networking support of ANY kind (NetBEUI, TCP/IP, Netware, Appletalk, etc.) is a patch on a patch on a patch on a patch. Remember, DOS was at it's core a stand-alone, single-user, single-tasking, single-threaded operating system. It could do one thing and do it well. It's when you try to throw a bunch of patches at it to make it do something it wasn't desi
no problems: Netgear FM114P (Score:2)
I found that if ssid broadcast turned on, selecting 'open system' was not necessary to connect the iBook to the network.
Blame Protocol?? (Score:1)
Re:Blame Protocol?? (Score:1)
The concept of blaming a protocoll didnt make any sense to me, as i would think, that, when designing a protocoll, dealing with pesky little things like 'It wont work for more than 2 consectutive minutes without dropping' would be rather high up on the fix-it list. And why anyone would implement such a crappy protocoll would be beyond me.
Windows Wireless (Score:1, Insightful)
Re:Windows Wireless (Score:1)
Get hardware assisted WEP (Score:4, Informative)
I can tell you straight off that the high-end cards are worth their money in performance if you are serious about WiFi. My favorite right now is the Cisco Aironet 350. It has power. It has range. It has rich management features. And it is fast. I was consistently pounding out 4.2 Mbit/sec under iperf, while the next step down were Orinoco Gold's pumping out about 3.6 Mbit/sec.
The cheaper DLink and Linksys cards, in comparison, would sustain only about 2.2 Mbit/sec.
Finally, it may be that the particular firmware in your card may be buggy. The HostAP mailing list occasionally talk of such problems.
Some cards actually rely on the host CPU to do the WEP encryption/decryption. In such cases, your performance will suffer, especially on slower machines.
The wireless router, too, may be at fault. It may be that WEP is improperly implemented.
The best way to tell what's going on is to take your client card and test it with another AP; and to test another card with your AP. That might help identify the culprit.
BTW, not related to WEP, but there's another reason to buy more expensive 802.11b cards... You might be in a hostile radio environment. Cheapers cards likely have less sensitive detectors and degrades much more readily due to interference or weak signals (due to distance). As errors stack up at the higher bit rates, your station will get downgraded to lower speeds.
Polarization (Score:2)
Linksys sucks (Score:2)
I would only buy Linksys products as a last resort.
OT: 802.11g and Linux (Score:2)
However, no company I've been able to contact (several emails to sales@wherever simply bounced) has committed to Linux support. The FAQ at http://www.smallnetbuilder.com/FAQ.php shows that no company has yet released Linux drivers as far as he knows and a google search didn't turn up anything promising.
So, is any slashdotter aw
Re:OT: 802.11g and Linux (Score:1)
Re:OT: 802.11g and Linux (Score:2)
Or perhaps I am missing something here. Do the wlan-ng drivers actually support 802.11g after all?
Re:OT: 802.11g and Linux (Score:1)
I'm using this card with 2.4.20 just fine. Whether you go with the pcmcia_cs driver or not (i'm using included kernel driver) you will want the tools from the package. They monitor for cards to be inserted/removed
Re:OT: 802.11g and Linux (Score:2)
Re:OT: 802.11g and Linux (Score:1)
Re:OT: 802.11g and Linux (Score:1, Interesting)
Re:OT: 802.11g and Linux (Score:2)
Well, you are probably right. I wanted 802.11g because it offered:
For those reasons, I figured it wouldn't be a big deal to buy 802.11g preliminary hardware now as it would at least be 802.11b-compatible and even if it ended up not being compatible with 11g when that finally gets ratified, would still run at that speed in my apartment using my hardware.
Any guesses on whether, when 11g finally is ratified, any company will actu
Not a universal problem (Score:1)
securing wireless access (Score:1)
-change your ssid from the default "Linksys" to something unique
-disable access to clients with ssid "any"
-don't broadcast your ssid
-limit the number of ip addresses given out to however many computers you have
-enable wep 128 bit
-limit access by mac address
that's all i can think of at the moment. it's not 100% secure by any means but these simple steps should stop the casual snooper.
Re:securing wireless access (Score:1)
Linksys is probably the issue... (Score:1)
It's not WEP (Score:2)
Get ready for the fun. (Score:2)
Vote [linuxsurveys.com]
Why bother with WEP (Score:2)
Anyone who is using wireless seriously doesn't rely on WEP for more than keeping the lowest of the script kiddies out (See AirSnort - so even the lowest of the script kiddies can get in never mind)
Put your WAP on its own link to your router, from there require a layer 3 VPN solution to tunnel into your router (See FreeSWAN) if you want to get into your network, or onto the internet. If people use your 802.11 they get nothing,
"Prosumer" line of wireless equipment? (Score:2)
I like what the Linksys line promises, it just doesn't live up to it! I have to constantly reset my WET11 (802.11b bridge), and my WAP11 (Access Point) has horrible performance compared to the BEFW11S4 (Access Point+Router). Not to mention, my WPC11 (laptop wireless card) has horrible range and terrible configuration software on Windows. I've also had one WPC11 and one W
Should you use 128 bit WEP ? (Score:2)
I beleive it's smarter not to use 128bit, but rather use 64 bit (which is really 40 bit encryption, by the way, since 14 of them are not random).
Here's why.
WEP provides no real privacy. The algorithm has been cracked wide open, and there are readily available exploits. Also, the known exploits scale linearly, so using twice as many bits only gives a 2x increase in crack time. In
Re:Should you use 128 bit WEP ? (Score:1)
I do agree with you though that anyone that cares for security should be running some sort of a vpn over the wireless link.
WEP is a bad idea for other reasons (Score:2)
Linksys often blows (Score:2)
I think it was funny when I heard that Cisco bought Linksys, truly they wanted part of the low,low,low-end market for real this time. And as others has pointed out, all network devices are not created equal, even if they perform the same function. In the case of SOHO products like these, it hardly matters. It only matter when some "bright" minds thinks they can same money on using SOHO product