The Glade 4.0

"Turn the lights down, the party just got wilder."
It is currently Sun Nov 24, 2024 12:55 am

All times are UTC - 6 hours [ DST ]




Post new topic Reply to topic  [ 19 posts ] 
Author Message
PostPosted: Tue Sep 29, 2009 1:11 pm 
Offline
Near Ground
User avatar

Joined: Wed Sep 02, 2009 10:38 pm
Posts: 6782
Location: Chattanooga, TN
Quick question: what wireless security measures offer the least latency? I'm not terribly concerned about neighbors suberting my precautions...my router only possibly extends one house over, to the little old lady whose most pressing matter is cutting her grass every other day ( :roll: ). I'm mainly looking for something just to keep anyone from randomly connecting to my network, which would most likely be by accident; keep in mind I don't live in the most technologically advanced area.

My favorite option is MAC address filtering (mainly because it's the simplest), but I was wondering if anyone knew how much latency that adds versus things like WEP, WPA, etc.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Sep 29, 2009 1:24 pm 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
MAC filtering adds virtually no latency. The MAC is part of the unencrypted header of the packet, and thus it's a simple table look-up. It should be noted, however, that the security it provides is pretty limited -- if you're a malicious person to begin with, you'll have the tools to snoop traffic (which, if unencrypted, means they can still see any data you send/receive) and spoof a valid MAC for their own access. Which leads us to encryption..

Unless your router is really getting long in the tooth, WPA shouldn't be horrific, either. I haven't ever done specific testing (hmm...), but I'd be amazed if it amounted to more than 5ms or something.

There's no excuse to not encrypt, in my mind. Especially if you handle any money matters online.

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Sep 29, 2009 2:08 pm 
Offline
Lean, Mean, Googling Machine
User avatar

Joined: Thu Sep 03, 2009 9:35 am
Posts: 2903
Location: Maze of twisty little passages, all alike
Did your router support WPA and/or WPA2 out-of-the-box? Because if so, it's pretty well safe to say that any performance difference vs. an unencrypted network will be negligible. There's really no reason not to be running WPA2+AES if your router supports it. WEP is trash and should not be used. Ever. For the record, it's probably slower than WPA or WPA2 anyway.

Incidentally, if your router is decent, you can probably disable the SSID broadcast. The will create problems for you if you have any devices that aren't able to connect to "hidden" WiFi networks, though. I'm not sure if this is supported by the current gen of game consoles supports this or not.

_________________
Sail forth! steer for the deep waters only!
Reckless, O soul, exploring, I with thee, and thou with me;
For we are bound where mariner has not yet dared to go,
And we will risk the ship, ourselves and all.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Sep 29, 2009 2:09 pm 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
Current gen game consoles will support non-broadcast SSIDs. I stopped hiding mine because my laptop wouldn't always pick it up if it was coming out of hibernation, though.

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Sep 29, 2009 2:19 pm 
Offline
Near Ground
User avatar

Joined: Wed Sep 02, 2009 10:38 pm
Posts: 6782
Location: Chattanooga, TN
This is my router, for what it's worth.

Netgear RangeMax Wireless-N Gigabit Router Model No. WNR3500


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Sep 29, 2009 4:01 pm 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
It'll WPA fine. Use 2 if everything you've got supports it.

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Sep 29, 2009 4:28 pm 
Offline
Near Ground
User avatar

Joined: Wed Sep 02, 2009 10:38 pm
Posts: 6782
Location: Chattanooga, TN
My devices list is as follows:

MacBook Pro
iMac
PC with Linksys Wireless USB Adapter
Xbox 360
Playstation 3
Nintendo DSi
Sony PSP

My Mac Pro for work is running wired internet, so that's not an issue.

Honestly, I'm not well-versed enough on networking to be cognizant of what encryption methods each support.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Sep 29, 2009 5:31 pm 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
Hmm. What generation iMac? And I don't know about the PSP. The rest look good off the top of my head.

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Sep 29, 2009 5:57 pm 
Offline
Near Ground
User avatar

Joined: Wed Sep 02, 2009 10:38 pm
Posts: 6782
Location: Chattanooga, TN
Uh...no idea. The iMonitor. Whichever generation that one is (Help me, Obi-Wan KenKatas, you're my only hope!)


Attachments:
20imac1__61196.jpg
20imac1__61196.jpg [ 16.61 KiB | Viewed 6527 times ]
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Sep 29, 2009 7:55 pm 
Offline
Web Ninja
User avatar

Joined: Wed Sep 02, 2009 8:32 pm
Posts: 8248
Location: The Tunt Mansion
The iMac will support WPA, as will the PSP. However, I'm not sure about the DSi. I know that the DS lite only does WEP, and I'm not sure if they upgraded that.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Sep 29, 2009 8:33 pm 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
DSi upgraded to WPA(2, I believe) capable.

And I just realized I'm a moron, considering I've seen the iMac in question, in person.

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Top
 Profile  
Reply with quote  
PostPosted: Wed Sep 30, 2009 12:22 am 
Offline
Cheesehead

Joined: Thu Sep 03, 2009 1:15 am
Posts: 465
OS X hardware supports WPA 2 since 10.3 with modern hardware, and 10.3 in OS X terms is like Windows 98 at this point.

FarSky has 10.5 or maybe 10.6 and his equipment is more modern than my Mac by a couple months at least.

_________________
Once, I was a ranger
Then, I was a warlock
And a mage
And a paladin
Now, I seek to be myself


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Wed Sep 30, 2009 3:08 am 
Offline
Web Ninja
User avatar

Joined: Wed Sep 02, 2009 8:32 pm
Posts: 8248
Location: The Tunt Mansion
Even my hackintosh PC has 10.8 >.>


Top
 Profile  
Reply with quote  
PostPosted: Wed Sep 30, 2009 3:22 am 
Offline
Eatin yur toes.
User avatar

Joined: Mon Sep 07, 2009 2:49 am
Posts: 836
10.6 is the latest commercial release... you just outed yurself as... FROM TE FUTARRR!


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Oct 02, 2009 3:59 am 
Offline
Web Ninja
User avatar

Joined: Wed Sep 02, 2009 8:32 pm
Posts: 8248
Location: The Tunt Mansion
Wait, what? Whatever the latest version before Snow Leopard was, that's what I have. Edit - 10.5.8 is what I meant.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sun Oct 11, 2009 3:07 pm 
Offline
User avatar

Joined: Tue Sep 15, 2009 11:30 pm
Posts: 1776
I'm currently trying to optimize my wireless connections. PS3 manual says it supports WAP-PSK (AES) -- is this the same as WAP2+AES? If not, does any other PS3 owner know if WAP2 connection support was added?


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sun Oct 11, 2009 4:15 pm 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
Rodahn, you're mixing something up. There is WEP, wired equivalent protocol, which is pretty lousy as it can be fairly easily sniffed and duplicated.

Then, there's WPA, which I don't recall the meaning of, and WPA2, which are more robust. AES is one of the two encryption algorithms WPA can use.

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Top
 Profile  
Reply with quote  
 Post subject: Re:
PostPosted: Sun Oct 11, 2009 5:37 pm 
Offline
Not the ranger you're looking for
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 321
Location: Here
Kaffis Mark V wrote:
Rodahn, you're mixing something up. There is WEP, wired equivalent protocol, which is pretty lousy as it can be fairly easily sniffed and duplicated.

Then, there's WPA, which I don't recall the meaning of, and WPA2, which are more robust. AES is one of the two encryption algorithms WPA can use.


Works Progress Administration, created during the Roosevelt administration.

Seriously, Wi-Fi Protected Access.

_________________
"If you haven't got anything nice to say about anybody, come sit next to me." - Alice R. Longworth

"Good? Bad? I'm the guy with the gun." - Ash Williams


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sun Oct 11, 2009 7:47 pm 
Offline
Lean, Mean, Googling Machine
User avatar

Joined: Thu Sep 03, 2009 9:35 am
Posts: 2903
Location: Maze of twisty little passages, all alike
Rodahn: Short answer, yes. WPA2-PSK (AES) falls under the general umbrella of WPA2 EAS.

This all gets confusing, though, so...

WPA and WPA2 have two components - authentication and encryption.

For authentication, they support PSK and EAP.

  • PSK -- Pre-Shared Key. That is, you have manually shared a common key with all the network clients. This is typical for home networks.
  • EAP -- Extensible Authentication Protocol. There is no shared key; clients authenticate with the WiFi access point through a 3rd-party authentication server (ex. RADIUS) using EAP. This is more common in larger corporate networks where stolen laptops = stolen network keys, and where changing a shared key for hundreds of users would be a major pain in the ***.

For encryption, WPA2 supports TKIP or AES. WPA supports TKIP and may support AES as well, but is not required to. This is really the only difference between WPA and WPA2.

  • TKIP -- Temporal Key Integrity Protocol. This is based on the RC4 (Rivest Cipher 4) algorithm. TKIP is very similar to what was used in WEP. While they've patched some of the more serious issues, RC4 is not a very strong cipher these days. This is why SSL has been replaced by TLS for years. WPA/WPA2 is just behind the curve.
  • AES -- Advanced Encryption Standard. Original known as Rijndael, it became known as AES when it won the AES2 competition. Specifically, WPA and WPA2 use AES-256, which uses the longest allowed key length for AES (256 bits). AES along with Serpent and (arguable) Twofish are arguably the strongest published symmetric ciphers in the world.
  • TKIP+AES -- This just means that the router offers both encryption types. It exists so that WPA2 routers can support some old WPA clients that can only use TKIP

The TL;DR version:

WPA2 is backwards and forwards compatible with WPA. Meaning that if your router supports WPA2, you may as well use it even if all of your clients are currently WPA devices.

For WPA2, use TKIP+AES or just plain AES if you know that none of your clients need TKIP (some old WPA devices). It's "safe" to leave TKIP support enabled even if no one is making use of it. Thus, TKIP+AES is by far the easiest configuration since it should support all WPA and WPA2 clients.

As far as I know, WPA routers don't have a TKIP+AES mode. The either only allow AES, or only allow TKIP. In this case, you should definitely use AES mode if you can (i.e., if all clients support it). Use TKIP only if you must support some old WPA client that can't use AES. Doing this will force WPA2 and newer WPA devices to use the weaker TKIP encryption. In this case, consider either getting rid of/upgrading the old TKIP clients, or upgrading your router to to WPA2 so that you can use TKIP+AES.

_________________
Sail forth! steer for the deep waters only!
Reckless, O soul, exploring, I with thee, and thou with me;
For we are bound where mariner has not yet dared to go,
And we will risk the ship, ourselves and all.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 19 posts ] 

All times are UTC - 6 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 77 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group