Folks
My concern is not so much just how good or bad WEP is - and I agree that it is much better to use ssh or a vpn tunnel. Until 802.11i is fully implemented, standard wireless is always going to be very easy to hack by a sniffing geekster.
The problem is that there are quite a lot other machines on the network that have been configured with WEP128. I don't use DHCP and I have MAC filtering enabled so that is some protection. Unconfiguring all those machines will be a pain and as some of them are WinDroze XPoor, almost certainly to fall over.
OK - maybe the solution is to upgrade to KDE3.4. There are comments about 128 WEP in the 3.4 kdenetwork package. And is KDE3.4 already stable enough to be included? What do people recommend? Has anyone upgraded to 3.4?
Another issue is where is the gpg public key repository for CentOS4?
So my problem remains. At the moment I am using a regular wired connection but that means that the garden is out of bounds and it is nice and sunny today here in Manchester ... :-)
Best wishes
John
John Logsdon "Try to make things as simple Quantex Research Ltd, Manchester UK as possible but not simpler" j.logsdon@quantex-research.com a.einstein@relativity.org +44(0)161 445 4951/G:+44(0)7717758675 www.quantex-research.com
On Sun, 22 May 2005, Ryan wrote:
I disagree with this assessment.
WPA-PSK is not much more secure than 128-bit WEP, since its passphrases vulnerable to common dictionary attacks. Worse, linux has poor WPA support - not every wifi card supported by linux has WPA support.
Also, many non-computer devices (wireless webcams, etc) only have WEP as an option.
Use system-config-network , not kwifi, and you should be able to use WEP with no problem. Also, consider turning OFF DHCP, turning the AP off when you aren't using it, and enabling MAC filtering.
If you are really concerned about security, consider using an SSH or VPN tunnel to encrypt data between laptops and a wired router/server.
For some information on WPA-PSK weaknesses: http://wifinetnews.com/archives/002452.html
system-config-network requires you enter in "0x" bbefore the key.
Maciej Zenczykowski wrote:
You can skip wep128 or wep64 or any other wep for that matter, currently a standard notebook with a supported wireless card running linux can passively break through wep64/wep128 encryption within 10-30 minutes, switching to active mode can break through the encryption within 3-5 minutes. Simply put, encryption of the WEP kind is no longer worth the bother.
Just look around on google, he's a quote I found:
Department: Here's a demo of the FBI, using commonly available and openly documented hardware & software to crack WEP 128-bit security in three minutes.
http://www.tomsnetworking.com/Sections-article111-page1.php
The needed utilites can be freely downloaded of the internet.
Cheers, MaZe.
On Sun, 22 May 2005, John Logsdon wrote:
CentOS4 standard installation.
I see that KwifiManager doesn't support 128 bit WEP which I need for other machines on the network, which is a bit of a blow - and rather surprising really as security should be quite a consideration on an enterprise level system (NB RH!).
Is there a workaround? An alternative way of configuring my Belkin F5D6020 ver 2 card? eg a cvs download that I can get and copy via a stick? Or how to do it manually? I have tried regressing kdenetwork but that doesn't include kwifimanager at all.
Ideas?
TIA
John
John Logsdon "Try to make things as simple Quantex Research Ltd, Manchester UK as possible but not simpler" j.logsdon@quantex-research.com a.einstein@relativity.org +44(0)161 445 4951/G:+44(0)7717758675 www.quantex-research.com
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos