[CentOS] CentOS4, KDE3.3 and 128 WEP

ryan ryanag at zoominternet.net
Mon May 23 10:49:50 UTC 2005 

system-config-network from the commandline brings up a GUI that you can
enter in the WEP key for. You do not need to upgrade to KDE 3.4 for this.

>What do people recommend?

My recommendation is to use a different included GUI tool than kwifi
(system-config-network). Instructions are here:
http://www.centos.org/docs/4/html/rhel-sag-en-4/s1-network-config-wireless.html

You can also edit /etc/sysconfig/network-scripts/ifcfg-eth0 (or whatever
your LAN card is) directly, but if you have never done this before, I'd say
use the GUI.


----- Original Message ----- 
From: "John Logsdon" <j.logsdon at quantex-research.com>
To: "CentOS mailing list" <centos at centos.org>
Sent: Monday, May 23, 2005 4:25 AM
Subject: Re: [CentOS] CentOS4, KDE3.3 and 128 WEP


> Folks
>
> My concern is not so much just how good or bad WEP is - and I agree that
> it is much better to use ssh or a vpn tunnel.  Until 802.11i is fully
> implemented, standard wireless is always going to be very easy to hack by
> a sniffing geekster.
>
> The problem is that there are quite a lot other machines on the network
> that have been configured with WEP128.  I don't use DHCP and I have MAC
> filtering enabled so that is some protection.  Unconfiguring all those
> machines will be a pain and as some of them are WinDroze XPoor, almost
> certainly to fall over.
>
> OK - maybe the solution is to upgrade to KDE3.4.  There are comments about
> 128 WEP in the 3.4 kdenetwork package.  And is KDE3.4 already stable
> enough to be included?  What do people recommend?  Has anyone upgraded to
> 3.4?
>
> Another issue is where is the gpg public key repository for CentOS4?
>
> So my problem remains.  At the moment I am using a regular wired
> connection but that means that the garden is out of bounds and it is nice
> and sunny today here in Manchester ... :-)
>
> Best wishes
>
> John
>
> John Logsdon                               "Try to make things as simple
> Quantex Research Ltd, Manchester UK         as possible but not simpler"
> j.logsdon at quantex-research.com              a.einstein at relativity.org
> +44(0)161 445 4951/G:+44(0)7717758675       www.quantex-research.com
>
>
> On Sun, 22 May 2005, Ryan wrote:
>
> > I disagree with this assessment.
> >
> > WPA-PSK is not much more secure than 128-bit WEP, since its passphrases
> > vulnerable to common dictionary attacks.  Worse, linux has poor WPA
> > support - not every wifi card supported by linux has WPA support.
> >
> > Also, many non-computer devices (wireless webcams, etc) only have WEP as
> > an option.
> >
> > Use system-config-network , not kwifi, and you should be able to use WEP
> > with no problem. Also, consider turning OFF DHCP, turning the AP off
> > when you aren't using it, and enabling MAC filtering.
> >
> > If you are really concerned about security, consider using an SSH or VPN
> > tunnel to encrypt data between laptops and a wired router/server.
> >
> > For some information on WPA-PSK weaknesses:
> > http://wifinetnews.com/archives/002452.html
> >
> >
> > system-config-network requires you enter in "0x" bbefore the key.
> >
> >
> > Maciej Zenczykowski wrote:
> > > You can skip wep128 or wep64 or any other wep for that matter,
> > > currently a standard notebook with a supported wireless card running
linux
> > > can passively break through wep64/wep128 encryption within 10-30
> > > minutes, switching to active mode can break through the encryption
> > > within 3-5 minutes.  Simply put, encryption of the WEP kind is no
longer
> > > worth the bother.
> > >
> > > Just look around on google, he's a quote I found:
> > >
> > > Department: Here's a demo of the FBI, using commonly available and
openly
> > > documented hardware & software to crack WEP 128-bit security in three
> > > minutes.
> > >
> > > http://www.tomsnetworking.com/Sections-article111-page1.php
> > >
> > > The needed utilites can be freely downloaded of the internet.
> > >
> > > Cheers,
> > > MaZe.
> > >
> > > On Sun, 22 May 2005, John Logsdon wrote:
> > >
> > >> CentOS4 standard installation.
> > >>
> > >> I see that KwifiManager doesn't support 128 bit WEP which I need for
> > >> other
> > >> machines on the network, which is a bit of a blow - and rather
surprising
> > >> really as security should be quite a consideration on an enterprise
level
> > >> system (NB RH!).
> > >>
> > >> Is there a workaround?  An alternative way of configuring my Belkin
> > >> F5D6020 ver 2 card?  eg a cvs download that I can get and copy via a
> > >> stick?  Or how to do it manually?  I have tried regressing kdenetwork
but
> > >> that doesn't include kwifimanager at all.
> > >>
> > >> Ideas?
> > >>
> > >> TIA
> > >>
> > >> John
> > >>
> > >> John Logsdon                               "Try to make things as
simple
> > >> Quantex Research Ltd, Manchester UK         as possible but not
simpler"
> > >> j.logsdon at quantex-research.com              a.einstein at relativity.org
> > >> +44(0)161 445 4951/G:+44(0)7717758675       www.quantex-research.com
> > >>
> > >>
> > >> _______________________________________________
> > >> CentOS mailing list
> > >> CentOS at centos.org
> > >> http://lists.centos.org/mailman/listinfo/centos
> > >>
> > > _______________________________________________
> > > CentOS mailing list
> > > CentOS at centos.org
> > > http://lists.centos.org/mailman/listinfo/centos
> > >
> > >
> >
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> >
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>

More information about the CentOS mailing list