WEP, WPA or MAC Filtering - Which is best

[deadite66]

wish the EU would mandate all new devices must have WPA.

[Sumanji]

OP: thinking about it, can you pick up a cheap USB Wifi dongle from somewhere? Connect this to your PC and create a second ad-hoc WiFi (WEP-encrypted) network between it and your DS. Create a network bridge and setup ICS. When you are not playing leave the dongle unconnected to minimise security risk.

Any good?

[Wicked_and_Crazy]

Quote:

Originally Posted by Saaf_laandon_mo

Well I can't buy a DSi because

a) I already have a DS, and
B) it's not available in Pink

Anyway I heard that the DSi will only offer WPA compatibility for software thats specifically written for the DSi. So a copy of mario karts on the DS will still only work with WEP.

If you trade your DS Lite in at Game they will give you 50% off of a DSi

[tweetiepooh]

If you are planning to upgrade the router why not keep the old one and set it up as a WEP access point only switching it on when you need to use the DS. You could possibly plop it into a DMZ from the new router so if anyone does break in they can't see you home LAN and if the new router has a proper switch they won't be able to see other traffic either.

[Saaf_laandon_mo]

Quote:

Originally Posted by tweetiepooh

If you are planning to upgrade the router why not keep the old one and set it up as a WEP access point only switching it on when you need to use the DS. You could possibly plop it into a DMZ from the new router so if anyone does break in they can't see you home LAN and if the new router has a proper switch they won't be able to see other traffic either.

Thanks for that - This is what I'm going to look at once I get my new router.

[mischievious]

Fearmongering is mostly at the core of this stuff.

Yes WEP can be cracked fairly easily, however your wireless router has a max range and at a guess is advertised at 300 or so meters. This is also reduced by the fabric of your abode. e.g. some houses cannot get wireless upstairs if the router is downstairs.

Which basically means someone attempting to break into your router is either a neighbour or parked outside your house. Following this line the said person is either simply trying to get free broadband or hack your system.

Either way just getting connected to your router doesn't automatically give access to your computer. It doesn't work that way.

One primary argument you will see is something like Online Banking. Even if someone were to get access to your router the other party even scanning promiscuously will still see SSL encrypted traffic.

There are many steps to totally cracking a system not one.

[AndyCambs]

Quote:

Originally Posted by mischievious

Fearmongering is mostly at the core of this stuff.

Yes WEP can be cracked fairly easily, however your wireless router has a max range and at a guess is advertised at 300 or so meters. This is also reduced by the fabric of your abode. e.g. some houses cannot get wireless upstairs if the router is downstairs.

Which basically means someone attempting to break into your router is either a neighbour or parked outside your house. Following this line the said person is either simply trying to get free broadband or hack your system.

Either way just getting connected to your router doesn't automatically give access to your computer. It doesn't work that way.

One primary argument you will see is something like Online Banking. Even if someone were to get access to your router the other party even scanning promiscuously will still see SSL encrypted traffic.

There are many steps to totally cracking a system not one.

I tend to agree. I think you need to put as many layers in to make it as difficult as possible for anyone to be able to use your network - in the hope that they'll move on and try elsewhere.
Fitting a five lever mortice lock doesn't stop a burglar, but adding security lights, burglar alarm, joining a neighbourhood watch scheme, having a dog - all these things together deter the criminal. One on its own would not as much.

[Saaf_laandon_mo]

How hard easy is MAC filtering to crack?

[deadite66]

on linux

ifdown eth0
macchanger -r eth0
ifup eth0

[xpod]

Quote:

on linux

ifdown eth0
macchanger -r eth0
ifup eth0

Thats just changing your own mac to some random one and not actually "cracking" any hidden mac.

Quote:

How hard easy is MAC filtering to crack?

You dont have to "crack" a MAC as such.You just need the right tools to make that hidden MAC visible.Then if you were using Linux you could indeed install Macchanger as per the previous post to then change your own MAC accordingly but you dont actually need to install anything change your own mac.

[mischievious]

Quote:

Originally Posted by deadite66

on linux

ifdown eth0
macchanger -r eth0
ifup eth0

Technically this would be the final step as the above simply sets your mac to a random mac which still won't give access to another system if mac filtering is in place.

You would first have to break the encryption between a client system and the router in order to read the traffic and find out what a legitimate mac is. Then you could spoof (using a method similar to above, p.s. to do the above in windows is a reg key and reboot) the mac address of that client machine.

Though you still have problems here as you will have extemely sporadic network traffic at best as the router would have two different clients with the same mac. It goes on quite a bit more than this but this is enough for the time being.

Hence my comment there are many levels to crack a system. It is not always easy but it happens on rare occasions. As an example a director in my company set up his own web/ftp server (IT had no contact with it) and it was running for 6 + years before it was hacked. Nothing fancy, a simple error he left the Administrator account enabled with a blank password by mistake.

Yes mac filtering is crude and on its own is not recommended but it can be quite an effective deterrent.

---------- Post added at 23:41 ---------- Previous post was at 23:37 ----------

Quote:

Originally Posted by xpod

.

That'll teach me for long posts

[xpod]

Quote:

That'll teach me for long posts

I now write long posts in a text editor....partly for that reason

Quote:

Yes mac filtering is crude and on its own is not recommended but it can be quite an effective deterrent.

As you mentioned previously it`s all about the neighbors i`d say,in a home environment anyway.The chances of some idiot parked outside are relatively slim so that really only leaves those living around you.
Most of the people i know that do use wireless happily get away with WEP and MAC Filtering(now that it`s on in many cases)when thats all their hardware is capable of but all it takes is one little skiddie living close enough with a capable wireless card/dongle and those routers/networks may well become the little git`s test ground.

[s0dp4z]

Quote:

Originally Posted by Matt D

You could get the Nintendo WiFi dongle thing. It's basically a USB WiFi adaptor for your PC which uses a proprietary encryption method supported by the DS.

Instead of dropping the router's security down to the easily defeated WEP, so you can connect the DS to it, the DS wirelessly connects to the USB WiFi adaptor, which shares your PC's internet connection with the DS using ICS (Internet Connection Sharing).

I'm sorry about bumping such an old thread but i read the faq and it doesn't seem to be any problem with doing so.
The thing is i'm having the same trouble as the OP of this thread , i really dont want to use wep security since it sucks.
So i want to ask , what is that propietary encryption thing ? (im not that knowledgable about this stuff)
what if i have a connection like this:
Adsl modem->Wireless Router(WPA2 encryption)->PC(wired) and Laptop(wireless)
If i connect this nintendo usb dongle thing to my PC , will this allow me to use the ds properly (maybe the dongle doesnt care its in WPA2 and it transmists the wireless connection as WEP?) does this mean mi pc will still be vulnerable as if i was using WEP for the whole thing? or is it safe?
what if i were using a simpler connection like :
Adsl modem->PC (wired) .. and i plug the dongle to my pc.Is it a good idea to do this or i cant still get hacked because of the dongle using wep?

If i didnt explain something correctly please tell me.I've been looking for information about this situation but i cant find anything,so i really hope you guys can help me.Thanks.