Solved

Sahir folder over WI-FI using WEP ... Is It secure ??

Posted on 2006-07-14
7
369 Views
Last Modified: 2013-12-04
I have an XP box that is connecting to a 2000 professional machine's shared folder

The folder only has

Administrator and system users
Plus My account that has the same username and password on both machines to keep access easy.

I connect to the folder via my WI-FI router from the XP box

The Router has wep 64 ( I think its 64) enabled and mac filtering

What I need to know is how secure is this set-up ??

Is it easy for anyone else to pick up in the documents im coping to and from this shared folder over the WI-FI ??


0
Comment
Question by:silki
7 Comments
 
LVL 14

Assisted Solution

by:ECNSSMT
ECNSSMT earned 40 total points
ID: 17108847
don't advertise your SSID; that should help.

nothing is ever really secured; it's more like how valuable is your information and how much time is the perpetrator willing to spend on hacking into your system.  If someone else already knows the encryption key your are using , your XP username and password; I haven't seen wireless cards with alterable MAC addresses (but that's just me), but all bets are off.  You also have to look at physical accesibility too, is this area traversed by the entire world or is it limited to a select few.  i.e. is the radius of the WAP limited to your neighbors (assuming its residential) or if its on a school campus; what kind of students liberal arts students or hardcore CS majors.  You assess your security with the existing environmental parameters.

Otherwise; after the rant, under normal circumstances you are fairly safe; most of the people that look to get access to a wireless network are people looking for free internet access, there are enough WAPs out there that if they can't get access to one WAP they look for another.  With the XP login, MAC filter, WEP or WPA, and hidden SSID; I see no issues...

Regards,
0
 
LVL 3

Assisted Solution

by:GeneralMandible
GeneralMandible earned 40 total points
ID: 17109165
WEP is crackable, but someone would have to capture quite a few packets.  If you are really paranoid, another measure you can do is change your WEP/WPA key every 90 days or so.  ECNSSMT covered everything you need.
0
 
LVL 7

Accepted Solution

by:
Chatable earned 45 total points
ID: 17109527
If we're talking at the Wi-Fi level, then no it's not secure because WEP can be cracked in several days (for average networks). MAC filtering is also not secure because someone can run a wireless sniffer and get your MAC (which can be changed through software).
To properly protect your network, I have two recommendations:
1) If you use modern equipment, you should switch from WEP to WPA-PSK (WPA is even stronger but it's not practical for home networks). WPA (and WPA-PSK) uses better encryption that is not trivial to crack.
2) Secure computers connected. The idea is that even if someone managed to access your network, s/he wouldn't be able to achieve much. For Windows computers sharing folders this would be:
* Make sure that all shared folders have proper permissions and that no shared folder has permissions for everyone.
* Disable the guest accound
* Make sure that all users that have access to the shared folders have strong passwords set.
* Tighten your login by changing the security option "LAN Manager Authentication Level" (under local security policy) to (at leat) "Send NTLMv2 response only\resuse LM" (note: this will prevent old 9x and NT4 computers from accessing your computer).
But then again - note that files transfered from shared folders are sent unencrypted (at the transport level). This means that even if you've secured your computer properly, if someone managed to connect to your wireless network, eventhough s/he won't be able to access your computer directly, s/he will be able to use a network sniffer and capture the files as they are transfered between two of your computers. The only way around this is not to use shared folders at all but a different method of sharing files, that supports strong encryption (like HTTPS) - or just secure your network with WPA or WPA-PSK like mentioned earlier.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 14

Expert Comment

by:ECNSSMT
ID: 17132688
Hi  silki,

Did that help out? Or do yo need more information?

Regards,
0
 

Author Comment

by:silki
ID: 17136796
HI,

Sorry iv just been looking into what you have all talked about.

My current cards will only go up to wep 128bit so im looking into getting new cards that use WPA, but before i do this i want to make sure WPA is ok to use, Chatable  says "WPA is even stronger but it's not practical for home networks"

From what you have warned about and my current location i think that "XP login, MAC filter, WEP, and hidden SSID" will be ok then maybe change the wep key every month or so, but generally I will be more protected ??? which is all you can do really, its just this WPA stuff Im going to look into more !
0
 
LVL 14

Expert Comment

by:ECNSSMT
ID: 17137771
Its all relative.  Security is not  a single layer solution.  The wireless SOHO routers offer 3 options to enable for security.  The 802.11g routers offers an improvement on WEP; that's WPA.  

Another layer in this; assuming that your desktop is the intended target is Window's file security.  If you want to add one more layer; you can monitor traffic via a sniffer, if you are curious about what is hitting your shared folder.  www.ethereal.com.  (Its a freebie....  if you have a managed switch, you can use this to see ALL of the port traffic, the unmanaged devices you can only see traffic on the one port where the app is installed)

another thought is that you can always turn off the wireless protion of the router when you are not using it; if its not on, no one can get in.

Whether or not you buy the more secured device is really up to you.  Everyone is saying get the best security possible.  If we take a look at an anology to a vault or safe.  The most secure safe is a bank vault that can be rated as being compromiseable in 50 man hours (say).   You buy a safe that is rated as being able to be compromised in 6 man hours
(WEP) for $$.  A newer safe hits the market with a rating of being able to be compromised in 10 man hours at a cost of $$; its more secure than the the previous safe.  Do you buy it?

If you think you need it, then buy it.  But just as a fyi, when I was using 802.11b; WEP was OK for me.  But then again my only concern was someone leeching internet service from me.  My biggest hinderance was; 1 the latop still had to connected to a power outlet especially for long periods of use, and 2. wired connections beats wireless in terms of thru put any day.

Sorry for the long winded epilog.  Hope it helps you decide definitively.  And thanks for the points...

Regards,
     
0
 

Author Comment

by:silki
ID: 17138963
Chatable,

Just a Quick question you said that "WPA is even stronger but it's not practical for home networks" ... what did you mean by this ??

I only have two machines and to maintain at home and I would class my PC knowledge as pritty high !
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now