Sahir folder over WI-FI using WEP ... Is It secure ??

I have an XP box that is connecting to a 2000 professional machine's shared folder

The folder only has

Administrator and system users
Plus My account that has the same username and password on both machines to keep access easy.

I connect to the folder via my WI-FI router from the XP box

The Router has wep 64 ( I think its 64) enabled and mac filtering

What I need to know is how secure is this set-up ??

Is it easy for anyone else to pick up in the documents im coping to and from this shared folder over the WI-FI ??

Who is Participating?
ChatableConnect With a Mentor Commented:
If we're talking at the Wi-Fi level, then no it's not secure because WEP can be cracked in several days (for average networks). MAC filtering is also not secure because someone can run a wireless sniffer and get your MAC (which can be changed through software).
To properly protect your network, I have two recommendations:
1) If you use modern equipment, you should switch from WEP to WPA-PSK (WPA is even stronger but it's not practical for home networks). WPA (and WPA-PSK) uses better encryption that is not trivial to crack.
2) Secure computers connected. The idea is that even if someone managed to access your network, s/he wouldn't be able to achieve much. For Windows computers sharing folders this would be:
* Make sure that all shared folders have proper permissions and that no shared folder has permissions for everyone.
* Disable the guest accound
* Make sure that all users that have access to the shared folders have strong passwords set.
* Tighten your login by changing the security option "LAN Manager Authentication Level" (under local security policy) to (at leat) "Send NTLMv2 response only\resuse LM" (note: this will prevent old 9x and NT4 computers from accessing your computer).
But then again - note that files transfered from shared folders are sent unencrypted (at the transport level). This means that even if you've secured your computer properly, if someone managed to connect to your wireless network, eventhough s/he won't be able to access your computer directly, s/he will be able to use a network sniffer and capture the files as they are transfered between two of your computers. The only way around this is not to use shared folders at all but a different method of sharing files, that supports strong encryption (like HTTPS) - or just secure your network with WPA or WPA-PSK like mentioned earlier.
ECNSSMTConnect With a Mentor Commented:
don't advertise your SSID; that should help.

nothing is ever really secured; it's more like how valuable is your information and how much time is the perpetrator willing to spend on hacking into your system.  If someone else already knows the encryption key your are using , your XP username and password; I haven't seen wireless cards with alterable MAC addresses (but that's just me), but all bets are off.  You also have to look at physical accesibility too, is this area traversed by the entire world or is it limited to a select few.  i.e. is the radius of the WAP limited to your neighbors (assuming its residential) or if its on a school campus; what kind of students liberal arts students or hardcore CS majors.  You assess your security with the existing environmental parameters.

Otherwise; after the rant, under normal circumstances you are fairly safe; most of the people that look to get access to a wireless network are people looking for free internet access, there are enough WAPs out there that if they can't get access to one WAP they look for another.  With the XP login, MAC filter, WEP or WPA, and hidden SSID; I see no issues...

GeneralMandibleConnect With a Mentor Commented:
WEP is crackable, but someone would have to capture quite a few packets.  If you are really paranoid, another measure you can do is change your WEP/WPA key every 90 days or so.  ECNSSMT covered everything you need.
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

Hi  silki,

Did that help out? Or do yo need more information?

silkiAuthor Commented:

Sorry iv just been looking into what you have all talked about.

My current cards will only go up to wep 128bit so im looking into getting new cards that use WPA, but before i do this i want to make sure WPA is ok to use, Chatable  says "WPA is even stronger but it's not practical for home networks"

From what you have warned about and my current location i think that "XP login, MAC filter, WEP, and hidden SSID" will be ok then maybe change the wep key every month or so, but generally I will be more protected ??? which is all you can do really, its just this WPA stuff Im going to look into more !
Its all relative.  Security is not  a single layer solution.  The wireless SOHO routers offer 3 options to enable for security.  The 802.11g routers offers an improvement on WEP; that's WPA.  

Another layer in this; assuming that your desktop is the intended target is Window's file security.  If you want to add one more layer; you can monitor traffic via a sniffer, if you are curious about what is hitting your shared folder.  (Its a freebie....  if you have a managed switch, you can use this to see ALL of the port traffic, the unmanaged devices you can only see traffic on the one port where the app is installed)

another thought is that you can always turn off the wireless protion of the router when you are not using it; if its not on, no one can get in.

Whether or not you buy the more secured device is really up to you.  Everyone is saying get the best security possible.  If we take a look at an anology to a vault or safe.  The most secure safe is a bank vault that can be rated as being compromiseable in 50 man hours (say).   You buy a safe that is rated as being able to be compromised in 6 man hours
(WEP) for $$.  A newer safe hits the market with a rating of being able to be compromised in 10 man hours at a cost of $$; its more secure than the the previous safe.  Do you buy it?

If you think you need it, then buy it.  But just as a fyi, when I was using 802.11b; WEP was OK for me.  But then again my only concern was someone leeching internet service from me.  My biggest hinderance was; 1 the latop still had to connected to a power outlet especially for long periods of use, and 2. wired connections beats wireless in terms of thru put any day.

Sorry for the long winded epilog.  Hope it helps you decide definitively.  And thanks for the points...

silkiAuthor Commented:

Just a Quick question you said that "WPA is even stronger but it's not practical for home networks" ... what did you mean by this ??

I only have two machines and to maintain at home and I would class my PC knowledge as pritty high !
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.