[McKnight]

Currently, I have my home wireless router set to "not" broadcast its SSID (which is pretty elaborate considering I am fairly OCD). Anyway, I have never had trouble manually entering this information (i.e. SSID and etc.) to enable other devices access. However, my girlfriend's laptop does not recognize the "auto-connect" feature once restarted, shut down, etc.

The only way it does, is if I select: "connect even if network is not broadcasting" (something like that). Along with that it gives a warning of some sort about others invading your computer's privacy. Now, I have never had to check that option before and was wondering a few things:

1) Which computer's privacy... the laptop, or the computer hooked to the router?

2) Is the option "non-broadcast" really worth it for added security?

Thank you very much... I will check back as soon as I can...

[Advertisements]

1) I'm not sure where this error or warning is coming from, but non-broadcasting ssid isn't really a privacy issue in my opinion.
2) It really only adds a minimal layer of security. Anyone with a modern wifi scanner can detect non-broadcasting wlans. It's one of those things that just keeps the honest people honest.

If you really want to be secure, you should use wpa or wpa2 encryption otherwise you're really just wasting time trying to be secure. You could also do something called mac locking, but that becomes tedious to me but is another layer of security.

[Gravity Gripp]

1) I'm not sure where this error or warning is coming from, but non-broadcasting ssid isn't really a privacy issue in my opinion.
2) It really only adds a minimal layer of security. Anyone with a modern wifi scanner can detect non-broadcasting wlans. It's one of those things that just keeps the honest people honest.

If you really want to be secure, you should use wpa or wpa2 encryption otherwise you're really just wasting time trying to be secure. You could also do something called mac locking, but that becomes tedious to me but is another layer of security.

[McKnight]

Thanks so much...

So in conclusion, having an SSID that is 20 characters long that is non-broadcasted; and a WEP is not the most secure?

A decent broadcasted SSID with a WPA is a pretty safe and sure thing?

Thanks...

[Gravity Gripp]

You are correct. Most WEP keys can now be broken in less than 5 minutes. WPA and WPA2 (as far as I know) have yet to be broken. Obviously WPA2 is better than WPA but you should be fine with WPA for now. I personally run WPA2-AES with a broadcasted SSID at my home.

[McKnight]

Thank you very much for your help... I greatly appreciate it.

I have one more question, however, if I may:

When creating a WPA I am prompted to give a duration in which the encryption/key is regenerated. What is a good recommendation for this if I would like security, but also good performance in gaming, networking, etc.?

Currently, the default is 60 minutes...

Thanks again...

[Gravity Gripp]

That sounds like a rotating key, in general the faster the key is rotating the less time for it to be cracked. You will just have to play around with it until you get a working solution. I've used Dymanic WEP a long time ago that had a rotating time of about 5 minutes and didn't seem to have too many issues.


But personally, for home use, I would look at going with a static key just to save headaches but rotating keys are definitely more secure than static keys.

Edited by Gravity Gripp, 03 January 2008 - 10:06 AM.

[McKnight]

Thank you...

I am bit confused at the difference between a static key and rotating key; and how I would determine which I have.

Thanks...

[Gravity Gripp]

A static key is also known as a Pre-Shared Key or a "PSK" for short. This is a key that is pre-defined by you, that is entered onto the computers to gain access to the network. A rotating key is a key that is randomly generated by the router and then pushed down to the computer. Now that I think about it, typically rotating keys are used in conjunction with something called 802.1x authentication which is not typically used in the home.

WPA-PSK is probably what you will want to use and just make sure that you do not use a easily guessable key.

For a little more information, check here.

[McKnight]

Thanks again...

So, if the key is rotating and thus randomly generated by the router; how would I ever be able to add a device to the network (i.e. passphrase is random)?

Thanks...

[Gravity Gripp]

That's where the 802.1x authentication comes in. Basically, you supply a username and password or some other type of authentication and once you have been verified, you will receive the key from the router. Once again, this is mainly used in enterprise environments and I do not recommend it for home use just because of the amount of setup and hardware it would take.

[McKnight]

Thanks...

My router allows for WPA-PSK with a "key lifetime" feature. I am asked to put in a passphrase in which then is not seen after I apply the settings. Also, it does not generate a key that I can see...

I thought I used the passphrase when allowing other devices access. Therefore, what good is a security key; what does it do? Also, which station should I use: g & b, g only, or b only... I am confused with this as well.

Thanks again...

[Gravity Gripp]

The passphrase for WPA-PSK is the key that you will use to connect other devices to your network. So, say a friend comes over and wants to get internet access on his laptop. When he tries to connect to your network, it will ask him for a key, that passphrase is the key you will give him.

802.11b and 802.11g are different wireless standards, really the only thing you should know about these are two things.

1) 802.11g allows more throughput than 802.11b
2) Both standards can have interference from 2.4Ghz devices, including cordless phones.

For more information on 802.11 check here.

[McKnight]

Thank you so much... excuse me for my ignorance; hopefully this will be my last question:

If the passphrase is the key, then what does encryption (key) duration (I have it set to 5 minutes currently) do; will the passphrase change? If not, then what exactly is changing?

Thanks again...

[Gravity Gripp]

Hrm, that is a good question. I'm not exactly sure in this case. What type of router do you have?

[McKnight]

Netgear WGR614 v6

Thanks...