From: "Lewis G Rosenthal" Received: from [192.168.100.201] (account lgrosenthal HELO [192.168.201.247]) by 2rosenthals.com (CommuniGate Pro SMTP 5.1.16) with ESMTPSA id 2341781 for os2-wireless_users@2rosenthals.com; Sat, 28 Feb 2009 21:49:18 -0500 Message-ID: <49A9F7AC.7020606@2rosenthals.com> Date: Sat, 28 Feb 2009 21:49:16 -0500 Organization: Rosenthal & Rosenthal, LLC User-Agent: Mozilla/5.0 (OS/2; U; Warp 4.5; en-US; rv:1.8.1.19) Gecko/20081212 SeaMonkey/1.1.14 (PmW) MIME-Version: 1.0 To: OS/2 Wireless Users Mailing List Subject: Re: [OS2Wireless] Router security References: In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 02/28/09 08:20 pm, Ray Davison thus wrote : > Lewis G Rosenthal wrote: > >> WEP64 (which is really 48-bit encryption) is so weak that it is not >> even worth using. An easier approach would be to use MAC address >> filtering, as this will keep innocent wanderers off of your WLAN. The >> RC-4 encryption is weak enough, and at 48 bits, can be picked in >> seconds. Don't even bother. > > Will you please elaborate on the "innocent wanderers"? I have a had > WRT54G for at least a couple years. It has been set to WEP64 for no > good reason, might have been default. Is it possible for someone to be > able to access the WEB thru someone else's router but not access their > computers? That seems to be the case here. My wife was issued an XP > pro laptop. She claims she brought it home, opened IE, and it connected > to the WEB. Is this reasonable? > WEP64 should have at least kept the XP box from passing traffic. Wireless encryption or some authentication of some sort would block traffic from entering - and passing through - your router to the internet and your LAN (couldn't even send a print job to a network-attached printer). If that XP box connected to *your* network without a WEP key, then your WEP is simply not working. > I just changed the router to WPA2 TKIP+AES, and she can no longer > connect. > :-) > I just got a replacement XP pro laptop. At first it did not connect. I > copied the WPA key from the router and it connected to the WEB. Does > this all seem proper? > Yep. That's the way it's 'sposed to be. We refer to the WPA "key" as a "passphrase" to differentiate it from a WEP key (which would be one of four keys). The longer the WPA passphrase, the better, and the less dictionary words you use in it, the better. thisisalousywpapassphrase *&%&Eufdkk4eurNKIBBD,,>< I have only setup W2K and XP home before, and pro seems to be different > enough that I have not been able to get to see the workgroup computers. > Hmmm... This shouldn't be. Check that the dopey Windows firewall isn't turned on. (Kill it from Control Panel.) You may also need to enable NetBIOS over TCP/IP (not sure how your other workgroup computers are set up, and I don't work on too many Windows networks, anyway). > Before I commit major disruption to my new laptop by installing a couple > more OSs I would like to see what a stock Win box can do with my LAN. > A good practice! Enjoy, and good luck, Ray. -- Lewis ------------------------------------------------------------- Lewis G Rosenthal, CNA, CLP, CLE Rosenthal & Rosenthal, LLC www.2rosenthals.com Need a managed Wi-Fi hotspot? www.hautspot.com Treasurer, Warpstock Corporation www.warpstock.org -------------------------------------------------------------