http://www.dslreports.com/forum/r16092540 en Sun, 29 Nov 2009 16:30:37 EDT Sun, 29 Nov 2009 16:30:37 EDT http://www.dslreports.com/forum/remark,16100760 dspalding : On the scale of security effectiveness, WPA compared with MAC addr. filtering and SSID broadcast OFF is ....

...SSID off...MAC filter................................................................................WPA.

;)]]> http://www.dslreports.com/forum/remark,16100760 Mon, 15 May 2006 13:16:52 EDT http://www.dslreports.com/forum/remark,16096694 Nerdtalker : If you're using a WRT54GS, you might want to try also using WPA instead of WPA2. If you're using AES encryption explicitly, the two offer essentially the same encryption.

I had significant problems with a linksys wireless NIC until I fell back on WPA-PSK AES instead of WPA2-PSK AES/TKIP.

MAC filtering is as much of a waste of time as disabling SSID broadcasts. It's been beaten beyond a bloody pulp by perpetual argument, and even just mentioning it creates discussion. Essentially, it offers no additional security and obfuscates the authentication process.
--
"Some people never see the light till it shines thru bullet holes." -Bruce Cockburn

I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 12900+ messages currently using 406 MB.]]> http://www.dslreports.com/forum/remark,16096694 Sun, 14 May 2006 19:30:56 EDT http://www.dslreports.com/forum/remark,16094937 anon : Well I have a netgear router and I use WPA-PSK [TKIP] + WPA2-PSK [AES].

I have disabled the broadcasting of the SSID but I also limited the amount of computers connecting to the router by restricting the ip range to just three computers. I also added address reservation based on the mac addresses so that only the computers with the mac addresses will get the one of the three ip's available.

That is about as secure as I get....

But I also live in the country and on 15 acres and if someone war driving can get signal from the street in front of my house then have at it but stay still long enough for me to squeeze off this round. >:)]]> http://www.dslreports.com/forum/remark,16094937 Sun, 14 May 2006 13:25:07 EDT http://www.dslreports.com/forum/remark,16094661 rlocone : That is total coolness! Thanks for the link!
--
»www.solar.maximum.com]]> http://www.dslreports.com/forum/remark,16094661 Sun, 14 May 2006 12:27:59 EDT http://www.dslreports.com/forum/remark,16093622 SoonerAl : Personally I use WPA-PSK (AES) with a long 63-character random ASCII key. Here the generator page...

»www.kurtm.net/wpa-pskgen/
--
"When all else fails, read the instructions..."]]> http://www.dslreports.com/forum/remark,16093622 Sun, 14 May 2006 06:28:19 EDT http://www.dslreports.com/forum/remark,16092590 dspalding : Hiding your SSID is false security, it protects nothing, and can complicate authorized connections. Just make your SSID cute and unique (see the other thread here about SSID names), and on a channel unique from your closest neighbors. (Do a scan. If everyone else is on channels 6 and 7, pick 9.) Can't think of one, use "BetelgeuseLives" (SSIDs are case-sensitve, btw).

I've had problems with Linksys' TKIP+AES. Stick with one. AES if all your adapters will support it, TKIP if not. Use a passphrase 20-30 characters, with numerals, uneven capitalization, and one or two punctuation marks, and you're as secure as Fort Knox. People seeing your SSID will not weaken you in the slightest.

If you haven't read the forum FAQ, DEFINITELY spend some time with that. Many questions and misconceptions cleared up in it.

BTW, WPA2 with a passphrase less than 20 characters is not easy to break. But with more than 20 is a good idea. Yes, WPA is a solid improvement over WEP like a Star Fleet shuttlecraft is an upgrade from a Yugo. ]]> http://www.dslreports.com/forum/remark,16092590 Sat, 13 May 2006 23:23:46 EDT http://www.dslreports.com/forum/remark,16092540 rlocone : Turning on the SSID would give it away. I don't want the WAP to come up on someone elses scans. If you don't the SSID. You are ass out. Are you kidding? WPA2 is easy to crack? I thought it was better then WEP?
--
»www.solar.maximum.com]]> http://www.dslreports.com/forum/remark,16092540 Sat, 13 May 2006 23:14:16 EDT http://www.dslreports.com/forum/remark,16091979 Cudni : put back the ssid broadcast on and enter a complex phrase, exactly the same, longer than 20chars in both the router and comp. Any simple phrase less than 20 and that WPA2 connection can be broken into.

Cudni
--
Some are born to failure, others achieve it, all deserve it.
Help yourself so God can help you.
MVP, Microsoft Windows Security 2006]]> http://www.dslreports.com/forum/remark,16091979 Sat, 13 May 2006 21:35:40 EDT http://www.dslreports.com/forum/remark,16091930 rlocone : Hello All!

I was setting up a Linksys wrt54g yesterday. XP was giving me some lip about the key must be 5 or 13 characters long. In the router I selected key shared, and WPA2 personal with TKIP+AES. Windows would not work properly. Once I turned off the security it worked correctly.

What is the best setting to configure the router and for windows to work with the tight security?

Right now the router is set up with SSID broadcast to OFF, and MAC filtering is enabled. Also, I changed the default SSID. Also, I changed the default password.

Any help would be appreciated.
--
»www.solar.maximum.com]]> http://www.dslreports.com/forum/remark,16091930 Sat, 13 May 2006 21:28:24 EDT