Group: comp.os.linux.networking


Subject: Wireless security
From: Doug Holtz
Date: 11/24/2007 11:45:05 AM
"Allen Kistler" <ackistler@oohay.moc> wrote in message news:9VJ1j.64565$RX.40917@newssvr11.news.prodigy.net... > Baho Utot wrote: >> I need some help securing my wireless access point. I am new to wireless >> networking but I do know ethernet. >> >> I have no problems with my setup other than I need to secure this network >> somehow. >> >> I have a Linksys WRT54G wireless router that I would like to enable some >> kind of encryption on it as it is running unrestricted. >> >> It has the following options: WPA Personal, WPA Enterprise, WPA2 >> Personal, >> WPA2 Enterprise, Radius and WEP. >> >> I connect to it through from a desktop and a notebook both using a >> broadcom >> chip set card. >> >> iwlist gives me the following options: >> >> wlan0 2 key sizes : 40, 104bits >> 4 keys available : >> [1]: off >> [2]: off >> [3]: off >> [4]: off >> Current Transmit Key: [1] >> Authentication capabilities : >> WPA >> WPA2 >> CIPHER TKIP >> CIPHER CCMP >> >> Which encryption method should I choose and how do I configure it? > > The best option for a home network is probably WPA2-Personal (aka > WPA-PSK - pre-shared key). You configure encryption per WAP using > wpa_supplicant. > > Put ... > key_mgmt=WPA-PSK > proto=WPA2 > pairwise=CCMP > group=CCMP > psk=<your.pre-shared.key.here> > ... in the wpa_supplicant.conf file. The man page has examples to set > up the rest. You can generate 256 bits of random noise as your key and > enter them as hex digits for the psk if you're really paranoid. Allen; I saw this post, had just upgraded Ubuntu from 7.04 to 7.10, and saw the option of using WPA-Personal and WPA-Personal 2 for authentication. I was using WEP 64 bit, knowing it could be hacked. However, I can't get the WPA to work :( I finally got WEP back working after over an hour. What should I look for? (magic?) tnx doug

Subject: Wireless security
From: Roger Blake
Date: 11/24/2007 7:34:30 PM
In article <slrnfkgna6.29f.ibuprofin@compton.phx.az.us>, Moe Trin wrote:
> Why not use the encrypted link, so that your private information is

My own approach is simply not to use wireless as it is the least reliable
and least secure networking technology available. If you want fast, stable,
and secure connections, wire the house for ethernet.

--
Roger Blake
(Subtract 10s for email.)

Subject: Wireless security
From: ibuprofin@painkiller.example.tld (Moe Trin)
Date: 11/24/2007 2:58:09 PM
On 24 Nov 2007, in the Usenet newsgroup comp.os.linux.networking, in article
<slrnfkgv6a.h38.rogblake10@moog.netaxs.com>, Roger Blake wrote:

> Moe Trin wrote:
>> Why not use the encrypted link, so that your private information is

>My own approach is simply not to use wireless as it is the least reliable
>and least secure networking technology available. If you want fast, stable,
>and secure connections, wire the house for ethernet.

I know what you are saying (and happen to agree with you - after I bought
my current house, but before moving in, I spent a day installing conduit
from the attic into each room to allow later cabling), but not everyone is
able to do so. This could be because the house is a rental, or a lack of
access to a place (attic or cellar/crawlspace) to run the cables, or a
house-mate who objects to those nasty wires running all over.

In the USA, there is a _recommendation_ that new construction houses
include cabling. In practice, this often means the electrician's apprentice
installing CAT1 wiring (twisted pairs of wet string) and stapling it to the
studs, making replacement with CAT5e or 6 (or fiber) virtually impossible.

As far as security goes, the recommendation is ALWAYS to use a good (at
least 20 characters - not dictionary words) passphrase, and you're pretty
safe even with the older WPA algorithms. With WPA2 (using AES encryption
which had no known attack methods last I investigated), the link will be
secure, and what you then have to worry about is the bad guys getting
physical access to your system and installing a key sniffer, because
they're not going to get in through cryptanalysis.

        Old guy
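The wpa_supplicant settings quoted from Allen Kistler's reply and the passphrase advice in Moe Trin's post, worked through as an added example that is not part of any poster's message. It assumes the standard IEEE 802.11i passphrase-to-PSK mapping (PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds); the function names and the SSID "HomeAP" are made up for illustration.

```python
import hashlib
import secrets

MIN_RECOMMENDED = 20  # passphrase length recommended in the thread


def derive_psk(passphrase: str, ssid: str) -> str:
    """Map a WPA/WPA2-Personal passphrase to the 256-bit PSK (64 hex digits).

    IEEE 802.11i: PSK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096, 32 bytes).
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), salt, 4096, 32).hex()


def random_psk() -> str:
    """256 bits from the OS CSPRNG, as the 64 hex digits a raw psk= line takes."""
    return secrets.token_hex(32)


def weak_passphrase(passphrase: str) -> bool:
    """True if shorter than the 20 characters recommended in the thread."""
    return len(passphrase) < MIN_RECOMMENDED


def network_block(ssid: str, psk_hex: str) -> str:
    """Render a wpa_supplicant.conf network block with the WPA2/CCMP settings."""
    if len(psk_hex) != 64 or any(c not in "0123456789abcdefABCDEF" for c in psk_hex):
        raise ValueError("raw PSK must be exactly 64 hex digits")
    if '"' in ssid or "\n" in ssid:
        raise ValueError("this SSID cannot be written in the quoted ssid= form")
    return "\n".join([
        "network={",
        f'    ssid="{ssid}"',
        "    key_mgmt=WPA-PSK",
        "    proto=WPA2",
        "    pairwise=CCMP",
        "    group=CCMP",
        f"    psk={psk_hex}",  # unquoted value: raw key, not a passphrase
        "}",
    ])


if __name__ == "__main__":
    print(network_block("HomeAP", random_psk()))  # "HomeAP" is a constructed SSID
```

The access point has to be given the same 64 hex digits (or the same passphrase) for the association to succeed, and the resulting wpa_supplicant.conf should be readable by root only because it holds the key.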