[Comphelp] Wireless security

Tom Fota tom@fota.net
Fri, 14 May 2004 12:49:37 -0700 

My experience was identical to Phil's.  

When I set up the Wireless Network Connection on my notebook, I didn't seem
to have any option for WPA, so I went to the Microsoft site and searched for
WPA.  The second hit was the link to the patch that adds WPA to the Network
Authentication pulldown for the Wireless Network Properties dialog box.  The
link to the Knowledge Base article 815485 is
http://support.microsoft.com/default.aspx?scid=kb;en-us;815485patch.  The
link to the patch is
http://www.microsoft.com/downloads/details.aspx?FamilyID=009d8425-ce2b-47a4-
abec-274845dc9e91&displaylang=en.

In addition to using WPA, preferably WPA-PSK (pre-shared keys), the
following options are recommended to tighten your wireless security as much
as possible:

- Change the default password for the router
- Change the default SSID
- Disable SSID broadcasts
- Enable MAC address filtering
- Change the default password and the SSID regularly

To demonstrate how important this is, on Mother's Day, my wife and I were at
her parents house and I took my new notebook with built-in 802.11g wireless
to show my father-in-law.  As soon as it came up, it told me that there 4
available wireless networks, including "linksys", which is the Linksys
default SSID.  Figuring that this might be an unsecured network, I tried
connecting and it allowed me to connect.  I was also able to connect to the
network's router.  I clicked on the password tab and had access to the
router password.  I could have easily changed the security of the router
from "Open" to "Encrypted", changed the router password, and the owner would
have been locked out of his own router and unable to connect without knowing
the encryption type.  I showed my father-in-law and he called around on
Monday to try and find out who's router this was.

Regards,

Tom Fota
IT Chair
San Diego

> -----Original Message-----
> From: comphelp-admin@usps.org 
> [mailto:comphelp-admin@usps.org] On Behalf Of Phil Arcuni
> Sent: Thursday, May 13, 2004 11:06 AM
> To: comphelp@usps.org
> Subject: [Comphelp] Wireless security
> 
> Just finished installing my new wireless router to replace 
> the 3 year old one. This one has all the latest bells and 
> whistles. All went well, even when I tested the WEP (old 
> style) encryption for the wireless link. When I tried the 
> newer WPA encryption, the computer side (client) would not 
> set up, and the connection failed. After searching Dell and 
> Linksys web sites for an hour looking for something to 
> download, or at least some mention of the subject, I called 
> Linksys. No wait, but the connection to India was a bit 
> noisy. The tech quickly referred  me to Microsoft.com to look 
> at Knowledge Base Article 815485, and to download the patch 
> which enables Windows XP to handle the new WPA encryption. He 
> even invited me to call back if needed.
> Installed the patch, and it works like a champ.
> 
> I hope this short piece will save one or more of you some 
> time. I have not seen mention of this Win xp patch for WPA, anywhere.
> 
> Best to all,
> 
> Phil Arcuni
> Key West
> 
> 
> _______________________________________________
> Need to subscribe, unsubscribe or change your email address?  
> See www.usps.org/mailman/listinfo/comphelp for details.
> 
>