Possible to make WEP secure?

I am using a WEP wireless modem that does not have the ability to do
WPA.

I have my file sharing turned off on the wireless computer (laptop)
and use it in my home only. I have no interest in connecting computers
together to share files, it's strictly a wireless internet
connectivity setup.

Is there any way to secure the data that passes over the wireless so
that it is not available to hackers without buying a different router?
I want the data that I send over the air to be relatively secure and I
want to make sure no one accesses my system via the wireless.

Thanks,

A

Hi

When the connection is a direct connection between a Wireless Router and a
computer there is No other ways to add security against sniffing the Signal.

Braking WEP is possible but it is not like every "Joe" can do it at any
moment at his own will, after all, it was the only encryption available for
Entry Level Wireless for few years.

It takes time to sniff the amount of packets that are needed to break the
WEP. You can decrease the likelihood of a Security Bridge by frequent
changes of a Strong Encryption key.

Otherwise, if security is really a big concern, a WPA capable Wireless
Routers can be found on sale for less then $30.

Jack (MVP-Networking).



"Ari" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>I am using a WEP wireless modem that does not have the ability to do
> WPA.
>
> I have my file sharing turned off on the wireless computer (laptop)
> and use it in my home only. I have no interest in connecting computers
> together to share files, it's strictly a wireless internet
> connectivity setup.
>
> Is there any way to secure the data that passes over the wireless so
> that it is not available to hackers without buying a different router?
> I want the data that I send over the air to be relatively secure and I
> want to make sure no one accesses my system via the wireless.
>
> Thanks,
>
> A
>

In addition to what jack said, that WEP is secure enough for common home
use... not secure for office use with alot of computers because of the way
it can be broken. If you only have one or two, even ten, computers on a
wireless network, for some sniffer (can't really call it a hacker) to get
the wep password would take probably the better part of a year. Every day in
front of your house, with his computer, logging every encrypted packet.
Hoping to get enough to break the code. Where in an office environment with
40 to 50 computers, that can be achived faster within a few days.
Anyway, the next point is that you should check to see if there are firmware
upgrades for your router, with a new revision you may get some features that
originally werent available.
And then third of all, if you're really paranoid, you should look into
tunneling software or proxy servers, where you can encrypt the data itself,
and you're paying for the security.
In the end, 90% of all the stuff you do at home on a wireless network
shouldn't cause you to be so paranoid... you're more at risk of having a
virus or spyware attach itself to your machine and seeing what you do.
Personally I have WEP turned off on my home network (it slows things down
and for some reason causes poor connections), because I know I can tell if
someone has hacked our network, I live in a busy city area where even after
1 and a half years, still not compromised.
A better way to secure yourself even with WEP on, is turn off the BSID (aka
ssid) this way no avarage person can just walk around with a laptop and say
oh look here's so-and-so's wireless. But if you're using windows wireless
configurator, as far as I know, you can't connect to networks with the bsid
turned off. grr!

-James G.


"Ari" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>I am using a WEP wireless modem that does not have the ability to do
> WPA.
>
> I have my file sharing turned off on the wireless computer (laptop)
> and use it in my home only. I have no interest in connecting computers
> together to share files, it's strictly a wireless internet
> connectivity setup.
>
> Is there any way to secure the data that passes over the wireless so
> that it is not available to hackers without buying a different router?
> I want the data that I send over the air to be relatively secure and I
> want to make sure no one accesses my system via the wireless.
>
> Thanks,
>
> A
>

Thanks to both you and Jack.

However, I am not inspired by WEP's 'security'. I read about the FBI's
public demonstration of cracking a 128 bit WEP encoded key in 3
minutes flat. Although the people manning the monitoring computer were
professionals::> But, every bit of the software they used was freeware
and widely available as was the receiver used to monitor with.

Perhaps you'd entertain an additional question......

If I have file sharing turned off on both computer's network settings,
can a hacker do any harm even if the data is unencoded (besides the
info he/she can pick up by passive monitoring)? Please keep in mind
that my computers are NOT networked for the purposes of sharing or
exchanging data between them.

I know encrypted data that web browsers use is considered safe, and it
can be sent over unsecured links....it just seems odd that there isn't
a practical way to use older WEP capable wireless links today.

Regards,

A


On Tue, 07 Mar 2006 11:32:44 -0500, Ari <(E-Mail Removed)> wrote:

>I am using a WEP wireless modem that does not have the ability to do
>WPA.
>
>I have my file sharing turned off on the wireless computer (laptop)
>and use it in my home only. I have no interest in connecting computers
>together to share files, it's strictly a wireless internet
>connectivity setup.
>
>Is there any way to secure the data that passes over the wireless so
>that it is not available to hackers without buying a different router?
>I want the data that I send over the air to be relatively secure and I
>want to make sure no one accesses my system via the wireless.
>
>Thanks,
>
>A

Ok, here's the real poop, as far i know it.
The way that it can only be cracked is by one specific packet that sends the
one single part of the wep key unecrypted. If that one packet (which is
rarely transmitted on a home network) is sent enough times, litterally
thousands, the key can be decyphered. On a business network where different
kinds of packeting and more complex systems are used, this one unecrypted
packet can be transmitted hundreds of times a day... where on a home system
you're lucky if it's sent once a day. (where also in that FBI demo, they
probably set up for that packet to be transmitted constantly...)
Yes, it can be monitored if that person wanted to buy a $200 wireless card,
and a good computer system to do the work. But you're likelyness of someone
even thinking of hacking your network is slim to none, and slim left town!
Especially when they can drive down the road they can hack into a insecure
one and do whatever they want!! To be brutally honest, you're just paranoid.
Second off, like you mentioned, anything you do online, like purchasing, if
it's site is secured, then you're safe there! And nothing to worry about.
Third, to answer you most important question, if someone did hack into your
network, and you had all your sharing shut off, you're pretty much safe.
Although, windows xp pro machines have (had) shared for administrative use
(I think) that if you didnt have an admin password, they were open. If you
really think you need more security, look into software firewalls... this'll
only stop anything from people on the network from hacking your machine or
at least let you know if something is happening. But in most cases people
don't need personal software firewalls because the router can do this for
you, between you and the internet.

Lastly, No one is going to hack you or even bother trying to hack if you're
using WEP... it's too time consuming, and unless you had Top Secret data,
there is nothing to worry about.

-James G.



"Ari" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Thanks to both you and Jack.
>
> However, I am not inspired by WEP's 'security'. I read about the FBI's
> public demonstration of cracking a 128 bit WEP encoded key in 3
> minutes flat. Although the people manning the monitoring computer were
> professionals::> But, every bit of the software they used was freeware
> and widely available as was the receiver used to monitor with.
>
> Perhaps you'd entertain an additional question......
>
> If I have file sharing turned off on both computer's network settings,
> can a hacker do any harm even if the data is unencoded (besides the
> info he/she can pick up by passive monitoring)? Please keep in mind
> that my computers are NOT networked for the purposes of sharing or
> exchanging data between them.
>
> I know encrypted data that web browsers use is considered safe, and it
> can be sent over unsecured links....it just seems odd that there isn't
> a practical way to use older WEP capable wireless links today.
>
> Regards,
>
> A
>
>
> On Tue, 07 Mar 2006 11:32:44 -0500, Ari <(E-Mail Removed)> wrote:
>
>>I am using a WEP wireless modem that does not have the ability to do
>>WPA.
>>
>>I have my file sharing turned off on the wireless computer (laptop)
>>and use it in my home only. I have no interest in connecting computers
>>together to share files, it's strictly a wireless internet
>>connectivity setup.
>>
>>Is there any way to secure the data that passes over the wireless so
>>that it is not available to hackers without buying a different router?
>>I want the data that I send over the air to be relatively secure and I
>>want to make sure no one accesses my system via the wireless.
>>
>>Thanks,
>>
>>A

Thanks James,

Read your entire message and appreciate that you took the time to give
me the information, thank you.

The system here is a router with hardware firewall and each computer
had Zone Alarm Free version. Without any software firewall running,
the router firewall blocks everything is stealth'd on ALL ports.

All of our computers get scanned one a week for spyware using spybot
and ad-aware.

We use AVG free virus scanner.

Outlook, Outlook Express, MSN and Windows Messenger are removed from
our hard drives.....they won't even get started by 'accident'.

No software gets internet access unless it actually needs it, Bill's
media player doesn't catalog my music or download album covers or
organize playlists. It also doesn't acquire DRM licenses
automatically::> No software gets automatic internet access except for
Windows Update, the virus scanner, Eudora, Agent and a very few
others.

We removed Bill's Office suite, and now run Open Office.

Internet Explorer has java script and activeX completely
disabled....and, we use Firefox, not IE. IE is there because Bill
Gates OS won't run without it. We use Eudora and Free Agent for email
and newsgroup browsing.

I'm thinking about removing the flash player, it seems to be almost
exclusively used for third party advertising on websites anyway::>

Real Audio and some other similar media type players have been
removed, the scandal where Real Networks got caught red handed
collecting data on users musical preferences as a basis for targeted
advertising is still fresh in my mind::> Perhaps not a serious
security risk, but certainly the music and audio/video I watch online
or in my house is my business, and no one else's --your mileage might
vary.

The wireless network has file sharing disabled (in the properties for
it).

The desktop (hardwired to the router) has file sharing disabled in the
LAN setup.

The 'guest' account was renamed after creating another account, issued
a strong password and then it was deleted.

The sole administrator account is never logged in while connected to
the internet. It uses a name other than admin or administrator. For
example, it's name might be something like 'Chief1' or 'the_boss'.
Password is VERY VERY strong.

All users, including myself have strong passwords and are required to
log in, but we have only limited privileges. None of the users have
guess-able names, all names are at least 6 characters in length...for
example, my user name isn't Ari, but it might be something like aarrii
or iira11 or ..ari//.

I'd like the wireless to be WPA, but, as you say I might be
paranoid::> Acknowledged. Providing multiple hoops that intruders have
to overcome to get into the system seems to be the standard
practice-I'd like to have WPA be another barrier if possible. I'd like
to have WPA2, but it seems a little premature at this time, I just
read where Microsoft didn't even release WPA2 capable drivers until
March of last year, and WPA2 routers are not exactly common even now.

We have no top secret stuff on our system, but we take our internet
seriously...especially the risks that we can control. My nine year old
daughter is more internet savvy than all of the other kids in her
class put together.

If that's paranoid, well, then I guess I'm paranoid::>

Again, thanks very much for taking the time to enlighten me regarding
the wireless security issue.

Regards,

A



>Ok, here's the real poop, as far i know it.
>The way that it can only be cracked is by one specific packet that sends the
>one single part of the wep key unecrypted. If that one packet (which is
>rarely transmitted on a home network) is sent enough times, litterally
>thousands, the key can be decyphered. On a business network where different
>kinds of packeting and more complex systems are used, this one unecrypted
>packet can be transmitted hundreds of times a day... where on a home system
>you're lucky if it's sent once a day. (where also in that FBI demo, they
>probably set up for that packet to be transmitted constantly...)
>Yes, it can be monitored if that person wanted to buy a $200 wireless card,
>and a good computer system to do the work. But you're likelyness of someone
>even thinking of hacking your network is slim to none, and slim left town!
>Especially when they can drive down the road they can hack into a insecure
>one and do whatever they want!! To be brutally honest, you're just paranoid.
>Second off, like you mentioned, anything you do online, like purchasing, if
>it's site is secured, then you're safe there! And nothing to worry about.
>Third, to answer you most important question, if someone did hack into your
>network, and you had all your sharing shut off, you're pretty much safe.
>Although, windows xp pro machines have (had) shared for administrative use
>(I think) that if you didnt have an admin password, they were open. If you
>really think you need more security, look into software firewalls... this'll
>only stop anything from people on the network from hacking your machine or
>at least let you know if something is happening. But in most cases people
>don't need personal software firewalls because the router can do this for
>you, between you and the internet.
>
>Lastly, No one is going to hack you or even bother trying to hack if you're
>using WEP... it's too time consuming, and unless you had Top Secret data,
>there is nothing to worry about.
>
>-James G.
>
>

Hi
Bear in mind that though the same word Security is used to describe Secure
Internet Connection and Secure Wireless from a Computer functioning
perspective there is No relation between the two.
Wireless Security has Nothing to do with securing the Internet Connection.
Wireless is just a replacement for a Wire and thus can be intercepted by
people in the neighborhood attaching them self to your Signal and use your
LAN and your LAN's Internet Connection. To avoid Local Tapping there are
Wireless Security measures. These measures are unique to the Wireless
components, and have to be used even if there is No Internet Connection.
These short pages describe the basic principles of functional Wireless
Security.
Wireless Security - http://www.ezlan.net/Wireless_Security.html
WEP, WPA, WPA2 - http://www.ezlan.net/wpa_wep.html
Network Segregation - http://www.ezlan.net/shield.html
Cable/DSL Router Hardware NAT and Firewall/AntiVirus/AntiSpy applications
are the ones that protect the Internet connection from being
invaded/infested, and preventing your LAN computers (Wired and Wireless)
from transmitting out to the Internet privileged information.
All the computers (as a Network) would have basic Internet protection by
using a Cable/DSL Router. In addition, each computer on your Network that
has access to the Internet should have its own Internet Connection
protection regardless of whether it uses Wire or Wireless.
Internet -Basic protection: http://www.ezlan.net/firewall.html
Assemble Freeware Security suit for Internet Connection:
http://www.ezlan.net/security.html
Jack (MVP-Networking).



"Ari" <(E-Mail Removed)> wrote in message
news(E-Mail Removed)...
> Thanks James,
>
> Read your entire message and appreciate that you took the time to give
> me the information, thank you.
>
> The system here is a router with hardware firewall and each computer
> had Zone Alarm Free version. Without any software firewall running,
> the router firewall blocks everything is stealth'd on ALL ports.
>
> All of our computers get scanned one a week for spyware using spybot
> and ad-aware.
>
> We use AVG free virus scanner.
>
> Outlook, Outlook Express, MSN and Windows Messenger are removed from
> our hard drives.....they won't even get started by 'accident'.
>
> No software gets internet access unless it actually needs it, Bill's
> media player doesn't catalog my music or download album covers or
> organize playlists. It also doesn't acquire DRM licenses
> automatically::> No software gets automatic internet access except for
> Windows Update, the virus scanner, Eudora, Agent and a very few
> others.
>
> We removed Bill's Office suite, and now run Open Office.
>
> Internet Explorer has java script and activeX completely
> disabled....and, we use Firefox, not IE. IE is there because Bill
> Gates OS won't run without it. We use Eudora and Free Agent for email
> and newsgroup browsing.
>
> I'm thinking about removing the flash player, it seems to be almost
> exclusively used for third party advertising on websites anyway::>
>
> Real Audio and some other similar media type players have been
> removed, the scandal where Real Networks got caught red handed
> collecting data on users musical preferences as a basis for targeted
> advertising is still fresh in my mind::> Perhaps not a serious
> security risk, but certainly the music and audio/video I watch online
> or in my house is my business, and no one else's --your mileage might
> vary.
>
> The wireless network has file sharing disabled (in the properties for
> it).
>
> The desktop (hardwired to the router) has file sharing disabled in the
> LAN setup.
>
> The 'guest' account was renamed after creating another account, issued
> a strong password and then it was deleted.
>
> The sole administrator account is never logged in while connected to
> the internet. It uses a name other than admin or administrator. For
> example, it's name might be something like 'Chief1' or 'the_boss'.
> Password is VERY VERY strong.
>
> All users, including myself have strong passwords and are required to
> log in, but we have only limited privileges. None of the users have
> guess-able names, all names are at least 6 characters in length...for
> example, my user name isn't Ari, but it might be something like aarrii
> or iira11 or ..ari//.
>
> I'd like the wireless to be WPA, but, as you say I might be
> paranoid::> Acknowledged. Providing multiple hoops that intruders have
> to overcome to get into the system seems to be the standard
> practice-I'd like to have WPA be another barrier if possible. I'd like
> to have WPA2, but it seems a little premature at this time, I just
> read where Microsoft didn't even release WPA2 capable drivers until
> March of last year, and WPA2 routers are not exactly common even now.
>
> We have no top secret stuff on our system, but we take our internet
> seriously...especially the risks that we can control. My nine year old
> daughter is more internet savvy than all of the other kids in her
> class put together.
>
> If that's paranoid, well, then I guess I'm paranoid::>
>
> Again, thanks very much for taking the time to enlighten me regarding
> the wireless security issue.
>
> Regards,
>
> A
>
>
>
>>Ok, here's the real poop, as far i know it.
>>The way that it can only be cracked is by one specific packet that sends
>>the
>>one single part of the wep key unecrypted. If that one packet (which is
>>rarely transmitted on a home network) is sent enough times, litterally
>>thousands, the key can be decyphered. On a business network where
>>different
>>kinds of packeting and more complex systems are used, this one unecrypted
>>packet can be transmitted hundreds of times a day... where on a home
>>system
>>you're lucky if it's sent once a day. (where also in that FBI demo, they
>>probably set up for that packet to be transmitted constantly...)
>>Yes, it can be monitored if that person wanted to buy a $200 wireless
>>card,
>>and a good computer system to do the work. But you're likelyness of
>>someone
>>even thinking of hacking your network is slim to none, and slim left town!
>>Especially when they can drive down the road they can hack into a insecure
>>one and do whatever they want!! To be brutally honest, you're just
>>paranoid.
>>Second off, like you mentioned, anything you do online, like purchasing,
>>if
>>it's site is secured, then you're safe there! And nothing to worry about.
>>Third, to answer you most important question, if someone did hack into
>>your
>>network, and you had all your sharing shut off, you're pretty much safe.
>>Although, windows xp pro machines have (had) shared for administrative use
>>(I think) that if you didnt have an admin password, they were open. If you
>>really think you need more security, look into software firewalls...
>>this'll
>>only stop anything from people on the network from hacking your machine or
>>at least let you know if something is happening. But in most cases people
>>don't need personal software firewalls because the router can do this for
>>you, between you and the internet.
>>
>>Lastly, No one is going to hack you or even bother trying to hack if
>>you're
>>using WEP... it's too time consuming, and unless you had Top Secret data,
>>there is nothing to worry about.
>>
>>-James G.
>>
>>