Wireless security confusion!!!!!

Discussion in 'Wireless' started by Mitzs, Jan 31, 2008.

  1. Mitzs
    Honorary Member

    Mitzs Ducktape Goddess

    3,286
    85
    152
    I have a choice of WPA Personal,
    WPA Enterprise, WPA2 Personal, WPA2 Enterprise, RADIUS,
    and WEP. I have chosen the wpa personal with the aes. But the next box is asking for a WPA Shared Key?:blink What is that and where do I find it? It does not explain this in the manual and I've looked for it twice and google is not helping at all!:x Can anyone here make my headache go away?
     
    Certifications: Microcomputers and network specialist.
    WIP: Adobe DW, PS
  2. Stoney

    Stoney Megabyte Poster

    731
    23
    69
    The WPA shared key is a key that is configured on the wireless device and also on the wireless client. When you connect to the wireless device using WPA it will check that the clients shared key matches the one on the router. If the keys match the client will be allowed to communicate with the device.

    I wouldn't like to say for certain where you would configure this because I don't know what router you're using, but normally the Pre-shared key is on the same page as the Wireless security authentication method (where you chose WPA).

    HTH 8)
     
    Certifications: 25 + 50 metre front crawl
    WIP: MCSA - Exam 70-270
  3. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    10,718
    543
    364
    Yup, what Stoney said. You configure the key on the router and then you have to put the same key in the wireless settings on the laptop. No key = no wireless = security! :biggrin
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  4. The_Geek

    The_Geek Megabyte Poster

    772
    13
    64
    If security is that much of a concern, enable wireless MAC filtering.
     
    Certifications: CompTIA and Micro$oft
    WIP: PDI+
  5. Mitzs
    Honorary Member

    Mitzs Ducktape Goddess

    3,286
    85
    152
    I guess I will just have to call linksy today then. I see where to put the key, which is where you choose what you want. But I am missing how to configure the key. That is not there. Thanks anyway guys. I appreciate your time. :)
     
    Certifications: Microcomputers and network specialist.
    WIP: Adobe DW, PS
  6. TimoftheC

    TimoftheC Kilobyte Poster

    408
    9
    46
    I am a little confused by this mitz :oops:

    Is it not just a case of accessing the router via the administartion software (Linksys is via your web browser I believe) enabling WPA with a pre-shared key, making the key up youself and then making sure that the exact same WPA setting and key is configured on the client?

    At least, that's what I used to do when I used a Lynksys Router. As I said though, I may be missing something here so ignore me if I'm being stupid :D
     
    Certifications: A+; Network+
    WIP: MCDST???
  7. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    10,718
    543
    364
    Can you post a screenshot?
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  8. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    6,897
    182
    221
    Mitzs

    The shared key is like a password that you make up. Make sure it has numbers and letter caps and lower case. Do this on the router, then when you fire up your lappy, it will ask you if you want to connect to the wireless network and then ask you for the key. Just type in the same key you installed in the router and away you go.

    Easy really :D
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
  9. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    No offence mate, but that is about as secure as leaving your house door wide open when you leave. The only way to truly secure a wireless network is using WPA2/PSK with a key change every hour or so. A pain in the arse to be sure, but it will be as secure as its possible to get without using RADIUS (which has its own problems anyway)
     
    Certifications: A few
    WIP: None - f*** 'em
  10. Modey

    Modey Terabyte Poster

    2,397
    99
    154
    Mac filtering is nearly as good as WEP when it comes to security. ie. not very much use at all. It's fairly easy to spoof a mac address.

    edit: Hadn't read Zeb's reply. What he said. :)
     
    Certifications: A+, N+, MCP, MCDST, MCSA 2K3, MCTS, MOS, MTA, MCT, MCITP:EDST7, MCSA W7, Citrix CCA, ITIL Foundation
    WIP: Nada
  11. rwlk

    rwlk Bit Poster

    22
    0
    19
    Zebulebu,
    I don't think you need to change your WPA2/PSK password every two hours!!. So far as it's a strong password with caps and lower case letters and numbers and symbols AND long enough, you don't have to worry that much. You could probably change it every two - four months. WPA2 is a strong authentication/encryption methods and generates session keys for every client for every session. This way, packet capture will be useless for hackers. Most hacker tools available against WPA2 have to capture a lot of packets before cracking the key (some tools force the AP to exchange heavy traffic for this reason). But it is still hard to crack. That's why it has to be NOT GUESSABLE and LONG ENOUGH (I insist on this).

    HTML:
    Is it not just a case of accessing the router via the administartion software (Linksys is via your web browser I believe) enabling WPA with a pre-shared key, making the key up youself and then making sure that the exact same WPA setting and key is configured on the client?
    
    It's just that. It could be hard to save the same key for you client to always connect automatically to the same network but it all depends on the software you are using. Wireless Zero configuration can ease this process but security-wise, better use your wireless adapter software.
     
    Certifications: B.Sc.
    WIP: CCNA, CWNA, Security+
  12. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    True - that's probably overkill, but it future-proofs you against any newly discovered vulnerabilities in WPA2. WPA1 & WEP were 'uncrackable' when they came out - and look what happened to them. A regular key change will allow you to be secure enough that, when there eventually IS a simple exploit for WPA2, you will have enough advanced notice of it to either disable your wireless completely or move to the newest 'latest and greatest' protection available.

    Of course, you're quite right - all this is probably overkill for someone sitting at home with their own little wlan. I'm talking more from a corporate (e.g. paranoid) viewpoint here :biggrin
     
    Certifications: A few
    WIP: None - f*** 'em
  13. TimoftheC

    TimoftheC Kilobyte Poster

    408
    9
    46
    Ok, another confused point I wana make :oops:

    Zeb, can I assume that you are talking about setting the key that's created off the pasphrase you supply, to automatically change evey couple of hours?

    It's just that, if you are talking about changing the actual "key" that you physically enter, then to change that every couple of hours on your router will mean a similar change to every client.

    To me, both you and rwlk seem to be talking about slightly different things - or am I just being thick?
     
    Certifications: A+; Network+
    WIP: MCDST???
  14. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    It's confusing I agree!

    Basically, you never actually change the passphrase you use, but the key generated from it is regenerated by TKIP at a specified interval. So - although the passphrase you use to generate the key remains constant, the actual key used by the AP & devices connecting to it changes based on a random Key Derivation algorithm. This is set on the router - usually as 'group key renewal time' or something similar.

    It's best to use a long truly random passphrase to guard against brute force attempts which are theoretically possible - I use a 20 character random string that is generated from this site and change it every few weeks or so.

    Hopefully that's a bit clearer - you don't need to change the passphrase you use on the router every two hours! That would be a truly paranoid approach, and you might have trouble remembering to renew it at every interval :)
     
    Certifications: A few
    WIP: None - f*** 'em
  15. TimoftheC

    TimoftheC Kilobyte Poster

    408
    9
    46
    He he - thanx Zeb.

    Yeah, well aware of how wireless security works but I think it was this part of rwlk's post that confused me: -

    I read that and assumed you were also talking about changing the passphrase, but every two hours - hence my confusion :rolleyes:
     
    Certifications: A+; Network+
    WIP: MCDST???
  16. Mitzs
    Honorary Member

    Mitzs Ducktape Goddess

    3,286
    85
    152
    awww, that is what I needed to know. Talk about a major brain fart.:biggrin I was looking for an actual key somewhere. Thank you AJ! Thanks everyone for all the infromation. I've started reading up on this so I can understand it better. There is so much different information out there but nothing that I have found yet that goes into great detail about it.
     
    Certifications: Microcomputers and network specialist.
    WIP: Adobe DW, PS
  17. Mitzs
    Honorary Member

    Mitzs Ducktape Goddess

    3,286
    85
    152
    woohoo! I've got her locked down. It really was not that bad feel sorta silly now, but live and learn! :biggrinThanks again AJ.
     
    Certifications: Microcomputers and network specialist.
    WIP: Adobe DW, PS
  18. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    6,897
    182
    221
    No problem, we all live and learn. Now you can help all those others with unsecure wireless networks. :D
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.