Netgear WG602 V2 Not Working With WEP

The Netgear WG602 V2 has WEP options for Authentication that lets you use
Open System or Shared Key. Shared Key requires you to set a long
Hexadecimal key. Open System works fine, but WEP Shared Key always fails.
The Internet is loaded with people who have this same product who make the
same complaint. The same posts say that Netgear's support people are
useless and don't understand the issue and don't have suggestions to fix the
problem. Those posts are older than a year so maybe something changed.

Is there a specific version of WG602 V2 firmware that is known to fix this
bug?

--
Will

Can someone also explain what are the security implications of using WEP
with "Open System" authentication?

--
Will


"Will" <westes-(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ...
> The Netgear WG602 V2 has WEP options for Authentication that lets you use
> Open System or Shared Key. Shared Key requires you to set a long
> Hexadecimal key. Open System works fine, but WEP Shared Key always
fails.
> The Internet is loaded with people who have this same product who make the
> same complaint. The same posts say that Netgear's support people are
> useless and don't understand the issue and don't have suggestions to fix
the
> problem. Those posts are older than a year so maybe something changed.
>
> Is there a specific version of WG602 V2 firmware that is known to fix this
> bug?
>
> --
> Will
>
>

"Will" <westes-(E-Mail Removed)> hath wroth:

>Can someone also explain what are the security implications of using WEP
>with "Open System" authentication?

Open System authentication is basically no authentication at all.
However, shared key authentication makes it fairly easy to extract the
WEP key. As the lesser evil, Open System is better. See:
| http://www.startawisp.com/content/view/147/83/
| http://www.cisco.com/warp/public/779...t-security.htm

The original WG602 does not support WPA, but your V2 version does. Any
particular reason why you're using WEP, which is known to be
crackable, instead of WPA, with is far more secure?


--
Jeff Liebermann (E-Mail Removed)
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

"Jeff Liebermann" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> "Will" <westes-(E-Mail Removed)> hath wroth:
> >Can someone also explain what are the security implications of using WEP
> >with "Open System" authentication?
>
> Open System authentication is basically no authentication at all.
> However, shared key authentication makes it fairly easy to extract the
> WEP key. As the lesser evil, Open System is better. See:
> | http://www.startawisp.com/content/view/147/83/

Interesting reading. How easily can they break the WEP key using Open
System?


> The original WG602 does not support WPA, but your V2 version does. Any
> particular reason why you're using WEP, which is known to be
> crackable, instead of WPA, with is far more secure?

The client doesn't appear to have any support for WPA.

--
Will

"Will" <westes-(E-Mail Removed)> hath wroth:

>"Jeff Liebermann" <(E-Mail Removed)> wrote in message
>news:(E-Mail Removed).. .
>> "Will" <westes-(E-Mail Removed)> hath wroth:
>> >Can someone also explain what are the security implications of using WEP
>> >with "Open System" authentication?
>>
>> Open System authentication is basically no authentication at all.
>> However, shared key authentication makes it fairly easy to extract the
>> WEP key. As the lesser evil, Open System is better. See:
>> | http://www.startawisp.com/content/view/147/83/

>Interesting reading. How easily can they break the WEP key using Open
>System?

I don't know. I've never tried it that way. It sounds fairly easy.
Quoting the above URL:
For shared key authentication, the Access Point (AP) generates
some random string of ASCII, sends it CLEARTEXT to the Station,
the station encrypts it using his configured WEP key, sends it
ENCRYPTED to the AP, and the AP then decrypts it to see if the
starting ASCII string is produced. This is meant to insure both
sides have the same key. The problem is that 2 of 3 parts of the
encryption scheme are sent over the air, and makes it much easier
for a hacker to figure out the WEP key.
So, by sniffing the traffic, I can get the random string directly. I
can also get the encrypted hash code by sniffing. As I vaguely recall
(not sure, might be wrong, too lazy to check), it's not really
"encrypted" but a simple XOR of the ASCII string and the WEP key.
Running another XOR against the hash code should recover the WEP key.
Way too easy.

The program WEPWedgie does a better job by creating customized WEP
packets, cramming them into the wireless traffic, and decrypting the
WEP key from the encrypted results. Also too easy:
http://www.securityfocus.com/infocus/1824
http://sourceforge.net/projects/wepwedgie/
There are some notes on using it for cracking the WEP key using the
shared key authentication exchange. Have fun.

>> The original WG602 does not support WPA, but your V2 version does. Any
>> particular reason why you're using WEP, which is known to be
>> crackable, instead of WPA, with is far more secure?
>
>The client doesn't appear to have any support for WPA.

Ummmm... there are other ways to obtain WPA-PSK client support. Can
you supply some details on the client? Make, model, hardware
mutation, operating system?

--
Jeff Liebermann (E-Mail Removed)
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

"Jeff Liebermann" <(E-Mail Removed)> wrote in message
> >> The original WG602 does not support WPA, but your V2 version does. Any
> >> particular reason why you're using WEP, which is known to be
> >> crackable, instead of WPA, with is far more secure?
> >
> >The client doesn't appear to have any support for WPA.
>
> Ummmm... there are other ways to obtain WPA-PSK client support. Can
> you supply some details on the client? Make, model, hardware
> mutation, operating system?

The client device is a Viewsonic V150 wireless tablet. This device is a
flash-based RDP client. Our warehouse manager uses it to login to her
Windows desktop via RDP from a portable cart. It's a fantastic little
device, and I'm shocked that after so many years the idea has not caught on
better. Viewsonic really hurts this product by only releasing in 800x600
resolution. A 1280x1024 version would phenomenal.

It looks to me like this tablet is running an older Windows CE as its own
OS. They have a newer model that does Windows CE 5.0, and I could upgrade
us to that if I could be convinced it would significantly improve on the
wireless security.

--
Will

"Will" <(E-Mail Removed)> hath wroth:

>
>"Jeff Liebermann" <(E-Mail Removed)> wrote in message
>> >> The original WG602 does not support WPA, but your V2 version does. Any
>> >> particular reason why you're using WEP, which is known to be
>> >> crackable, instead of WPA, with is far more secure?
>> >
>> >The client doesn't appear to have any support for WPA.
>>
>> Ummmm... there are other ways to obtain WPA-PSK client support. Can
>> you supply some details on the client? Make, model, hardware
>> mutation, operating system?

>The client device is a Viewsonic V150 wireless tablet. This device is a
>flash-based RDP client. Our warehouse manager uses it to login to her
>Windows desktop via RDP from a portable cart. It's a fantastic little
>device, and I'm shocked that after so many years the idea has not caught on
>better. Viewsonic really hurts this product by only releasing in 800x600
>resolution. A 1280x1024 version would phenomenal.

This review claims that the V150 does 1024x768:
| http://reviews.zdnet.co.uk/hardware/...0003760,00.htm

>It looks to me like this tablet is running an older Windows CE as its own
>OS.

It's not even a full version of Windoze CE. It's "Windoze CE for
Smart Displays" which is a subset of CE something. I couldn't
determine the exact base version.

802.11b only with no easy way to upgrade. Y'er stuck with WEP.

>They have a newer model that does Windows CE 5.0, and I could upgrade
>us to that if I could be convinced it would significantly improve on the
>wireless security.

Methinks you could do better using VNC and a Tablet PC.

--
Jeff Liebermann (E-Mail Removed)
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

"Jeff Liebermann" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> >They have a newer model that does Windows CE 5.0, and I could upgrade
> >us to that if I could be convinced it would significantly improve on the
> >wireless security.
>
> Methinks you could do better using VNC and a Tablet PC.


Of course you could do better, but then you would need to

a) Pay for a full tablet
b) Pay a LOT more for the time to install the OS, secure the OS, configure
the OS
c) Wait a LOT longer every time you want to boot it up and use it

The V150 boots in about 10 seconds and is ready for immediate use. It's a
very nifty appliance, and the more I use computers the more I realize we
need more special purpose appliances, not hours of our time wasted trying to
make the general purpose appliance (the computer) suitable for specific
applications.

In any case, thanks for confirming the capabilities of the V150.

--
Will