WEP, WPA or MAC Filtering - Which is best
 

I currently have my Belkin router's security set to WPA. When trying to connect my Nintendo DS lite to the net I discovered that WPA security settings is not supported and I either have to switch it off or change to WEP or MAC Filtering.
I was under the impression that WPA is safer/better than WEP. Is this true? So why would Nintendo not support it. Ideally I dont want to go for MAC Filtering (it's a lot more rigid isnt it?) as it means other people wont be able to connect to my wireless when they bring their laptops round. Plus I dont want to go and get all the MAC addresses for 2 laptops and the numerous phones and hand held consoles we have at home.
Can someone show me the light as to what I should be doing.

Re: WEP, WPA or MAC Filtering - Which is best
 

WEP is horribly broken, a few minutes and i can be on your ssytem and reading your data.
MAC filtering can easily be bypassed
WPA is the only secure way to go

Re: WEP, WPA or MAC Filtering - Which is best
 

That's what I thought.... so how do I go about racing people on line on the DS at home? Do I have to change settings everytime I want to play?

Re: WEP, WPA or MAC Filtering - Which is best
 

perhaps run 2 wifi routers, set one to WEP and plug it in as needed.

Re: WEP, WPA or MAC Filtering - Which is best
 

WPA, With MAC filtering as well.

Re: WEP, WPA or MAC Filtering - Which is best
 

As above posters, WPA is the preferred option, as long as your network enabled devices can handle it.

Use a strong long key (password/passphrase), something around 20 characters should be sufficient, and consider a regular key change, weekly if you can handle it.

MAC filtering can help, but has to be part of the overall solution, not the only solution. I know its a pain listing all the wireless devices, but it can help by adding tht extra security layer, and should be considered.

Also make sure your access to the router configuration system is password protected, and regularly change that also.

Oh, and on the subject of router configuration, turn off upnp, I'll drop in the reason why another time, I don't seem to have my usual bookmarks to wireless security.

EDIT: Got this one real quick

Re: WEP, WPA or MAC Filtering - Which is best
 

So can I use MAC filtering in conjuntion with WPA. Does that mean that if a console/laptop is on the MAC filter list, it can connect to the router even if it doesnt have the WPA password? And those not on the list will connect via WPA (if they have the password)

Re: WEP, WPA or MAC Filtering - Which is best
 

You could get the Nintendo WiFi dongle thing. It's basically a USB WiFi adaptor for your PC which uses a proprietary encryption method supported by the DS.

Instead of dropping the router's security down to the easily defeated WEP, so you can connect the DS to it, the DS wirelessly connects to the USB WiFi adaptor, which shares your PC's internet connection with the DS using ICS (Internet Connection Sharing).

Re: WEP, WPA or MAC Filtering - Which is best
 

No, two layers of security

The connecting device must have its network MAC address added to the allowed list AND have the appropriate encryption protocol and passphrase.

Sorry, missed your point of the DS Lite, to be honest, if you care about security, don't downgrade your security protocol just for the DS lite, it honestly isn't worth it.

Re: WEP, WPA or MAC Filtering - Which is best
 

Ah... perhaps not.

Bit of hunting for it found the Wikipedia entry, which says that Nintendo have actually discontinued it, plus it was apparently a right pain to set up & was incompatible with some software firewalls such as ZoneAlarm.


http://en.wikipedia.org/wiki/Nintend..._USB_Connector

Re: WEP, WPA or MAC Filtering - Which is best
 

Hmmmm, didn't think about that option. :)

I'll not be telling that to the missus.

Re: WEP, WPA or MAC Filtering - Which is best
 

Thanks Matt, I didnt think of that, mainly because I was hoping not to spend more money than I have to.

If my router had a USB slot in it could I plug the dongle into that? I am looking to upgrade my router anyway and was wondering if this would be possible. The reason I ask is that we dont have a desktop connected to the router, just use laptops in the house. Also I'm assuming the PC would have to be on?

Re: WEP, WPA or MAC Filtering - Which is best
 

A 'cheap' set of homeplug adapters would do the trick as well (I'm assuming the DS has ethernet). One homeplug plugs into the router, the other into the DS

http://www.ebuyer.com/search?page=3&...vancy&limit=10

Re: WEP, WPA or MAC Filtering - Which is best
 

Unfortunately, as I posted in my update, it seems it's been discontinued.

I suppose you may be able to find one somewhere though.

You couldn't plug it into the router - it would have to connect to a PC (desktop or laptop), and the PC would have to be running to share its own connection with the DS.



No ethernet on the DS - just WiFi with obsolete WEP (& the proprietary encryption for a dongle that has been discontinued).

Re: WEP, WPA or MAC Filtering - Which is best
 

Ditto I use a combination of WPA/MAC Filtering as well. :)

Re: WEP, WPA or MAC Filtering - Which is best
 

Exactly, its all about layers :)

Re: WEP, WPA or MAC Filtering - Which is best
 

WEP's fine, unless you happen to be in toxic neighbourhood full of script-kiddies. As 66 says that easiest and simplest solution is to run two wireless routers, you can get these for virtually nothing these days in tesco etc.. Just run WEP on the 2nd one for the DS, put on MAC filtering if you have to, but frankly it's over-kill.
m

Re: WEP, WPA or MAC Filtering - Which is best
 

Although if you live near a busy road, or, as I do, a car park , where a car parked with people sitting in it would not look out of place.

And yes, I did have someone get into my network that way (I live less than 100 metres from the car park). Having said that, I had temporarily removed the security on my wireless so I could check a couple of things.

Of course, when I found out what had happened, I changed the network SSID and enabled WPA again.

Re: WEP, WPA or MAC Filtering - Which is best
 

WPA(2) and MAC filtering is your best bet.

Re: WEP, WPA or MAC Filtering - Which is best
 

Exactly what I use... ;)

Re: WEP, WPA or MAC Filtering - Which is best
 

Yup - me too.

Re: WEP, WPA or MAC Filtering - Which is best
 

i can't see the point of using MAC filtering when using WPA/WPA2, they aren't broken like WEP no one is going to hack your system with it off.
just use WPA and a decent password.

Re: WEP, WPA or MAC Filtering - Which is best
 

Ahem....

Link

"All IT/Tech geeks know that WEP can be cracked with relative ease, but what is not as well know is how quick/easy it is to crack WPA-PSK encrypted network"

and Link2

Re: WEP, WPA or MAC Filtering - Which is best
 

only brute force dictionary attacks can crack WPA/WPA2, aircrack only does dictionary attacks on WPA/WPA2.
even the most recent attack on WPA semi broke TKIP encryption which would only let you see routing information and not any usable data and TKIP has been replaced with AES.

see SN #170
http://www.grc.com/securitynow.htm

also see
http://www.aircrack-ng.org/doku.php?id=cracking_wpa

just use a decent password with WPA and forget about MAC filtering.

Re: WEP, WPA or MAC Filtering - Which is best
 

Looks like no Mario Karts on the internet with the DS :(

Re: WEP, WPA or MAC Filtering - Which is best
 

Why do people keep ignoring the OP's question and just stating what they use!! Does it help him???

How about buying a DSi?? that uses WPA and WPA2

Re: WEP, WPA or MAC Filtering - Which is best
 

If you want to use the DS then you cannot use WPA. I'd use WEP and MAC filtering together - which is what I do at work where the wireless cameras only support WEP.

It's hardly onerous to add a new address if your mate comes round. Bookmark the configuration page.

Re: WEP, WPA or MAC Filtering - Which is best
 

Well I can't buy a DSi because

a) I already have a DS, and
B) it's not available in Pink

Anyway I heard that the DSi will only offer WPA compatibility for software thats specifically written for the DSi. So a copy of mario karts on the DS will still only work with WEP.

---------- Post added at 14:00 ---------- Previous post was at 13:44 ----------

It might be best to go the WEP way and decrease my security. It could prove a good defence just incase Lyons Davidson come round in the future accusing me of illegal file sharing ;). That way I can say "Couldn't have been me Guv" lol.

Re: WEP, WPA or MAC Filtering - Which is best
 

i think it's because the title of the thread asks "WEP, WPA or MAC Filtering - Which is best"...

Re: WEP, WPA or MAC Filtering - Which is best
 

Actually, the O/P has already had some good advice from people who know what they are talking about, and I do include myself in this matter given my particular field of experience. :)

Re: WEP, WPA or MAC Filtering - Which is best
 

wish the EU would mandate all new devices must have WPA.

Re: WEP, WPA or MAC Filtering - Which is best
 

OP: thinking about it, can you pick up a cheap USB Wifi dongle from somewhere? Connect this to your PC and create a second ad-hoc WiFi (WEP-encrypted) network between it and your DS. Create a network bridge and setup ICS. When you are not playing leave the dongle unconnected to minimise security risk.

Any good?

Re: WEP, WPA or MAC Filtering - Which is best
 

If you trade your DS Lite in at Game they will give you 50% off of a DSi

Re: WEP, WPA or MAC Filtering - Which is best
 

If you are planning to upgrade the router why not keep the old one and set it up as a WEP access point only switching it on when you need to use the DS. You could possibly plop it into a DMZ from the new router so if anyone does break in they can't see you home LAN and if the new router has a proper switch they won't be able to see other traffic either.

Re: WEP, WPA or MAC Filtering - Which is best
 

Thanks for that - This is what I'm going to look at once I get my new router.

Re: WEP, WPA or MAC Filtering - Which is best
 

Fearmongering is mostly at the core of this stuff.

Yes WEP can be cracked fairly easily, however your wireless router has a max range and at a guess is advertised at 300 or so meters. This is also reduced by the fabric of your abode. e.g. some houses cannot get wireless upstairs if the router is downstairs.

Which basically means someone attempting to break into your router is either a neighbour or parked outside your house. Following this line the said person is either simply trying to get free broadband or hack your system.

Either way just getting connected to your router doesn't automatically give access to your computer. It doesn't work that way.

One primary argument you will see is something like Online Banking. Even if someone were to get access to your router the other party even scanning promiscuously will still see SSL encrypted traffic.

There are many steps to totally cracking a system not one.

Re: WEP, WPA or MAC Filtering - Which is best
 

I tend to agree. I think you need to put as many layers in to make it as difficult as possible for anyone to be able to use your network - in the hope that they'll move on and try elsewhere.
Fitting a five lever mortice lock doesn't stop a burglar, but adding security lights, burglar alarm, joining a neighbourhood watch scheme, having a dog - all these things together deter the criminal. One on its own would not as much.

Re: WEP, WPA or MAC Filtering - Which is best
 

How hard easy is MAC filtering to crack?

Re: WEP, WPA or MAC Filtering - Which is best
 

on linux

ifdown eth0
macchanger -r eth0
ifup eth0

Re: WEP, WPA or MAC Filtering - Which is best
 

Thats just changing your own mac to some random one and not actually "cracking" any hidden mac.;)

You dont have to "crack" a MAC as such.You just need the right tools to make that hidden MAC visible.Then if you were using Linux you could indeed install Macchanger as per the previous post to then change your own MAC accordingly but you dont actually need to install anything change your own mac.

Re: WEP, WPA or MAC Filtering - Which is best
 

Technically this would be the final step as the above simply sets your mac to a random mac which still won't give access to another system if mac filtering is in place.

You would first have to break the encryption between a client system and the router in order to read the traffic and find out what a legitimate mac is. Then you could spoof (using a method similar to above, p.s. to do the above in windows is a reg key and reboot) the mac address of that client machine.

Though you still have problems here as you will have extemely sporadic network traffic at best as the router would have two different clients with the same mac. It goes on quite a bit more than this but this is enough for the time being.

Hence my comment there are many levels to crack a system. It is not always easy but it happens on rare occasions. As an example a director in my company set up his own web/ftp server (IT had no contact with it) and it was running for 6 + years before it was hacked. Nothing fancy, a simple error he left the Administrator account enabled with a blank password by mistake.

Yes mac filtering is crude and on its own is not recommended but it can be quite an effective deterrent.

---------- Post added at 23:41 ---------- Previous post was at 23:37 ----------

That'll teach me for long posts :)

Re: WEP, WPA or MAC Filtering - Which is best
 

I now write long posts in a text editor....partly for that reason:)

As you mentioned previously it`s all about the neighbors i`d say,in a home environment anyway.The chances of some idiot parked outside are relatively slim so that really only leaves those living around you.
Most of the people i know that do use wireless happily get away with WEP and MAC Filtering(now that it`s on in many cases)when thats all their hardware is capable of but all it takes is one little skiddie living close enough with a capable wireless card/dongle and those routers/networks may well become the little git`s test ground.

Re: WEP, WPA or MAC Filtering - Which is best
 

I'm sorry about bumping such an old thread but i read the faq and it doesn't seem to be any problem with doing so.
The thing is i'm having the same trouble as the OP of this thread , i really dont want to use wep security since it sucks.
So i want to ask , what is that propietary encryption thing ? (im not that knowledgable about this stuff)
what if i have a connection like this:
Adsl modem->Wireless Router(WPA2 encryption)->PC(wired) and Laptop(wireless)
If i connect this nintendo usb dongle thing to my PC , will this allow me to use the ds properly (maybe the dongle doesnt care its in WPA2 and it transmists the wireless connection as WEP?) does this mean mi pc will still be vulnerable as if i was using WEP for the whole thing? or is it safe?
what if i were using a simpler connection like :
Adsl modem->PC (wired) .. and i plug the dongle to my pc.Is it a good idea to do this or i cant still get hacked because of the dongle using wep?

If i didnt explain something correctly please tell me.I've been looking for information about this situation but i cant find anything,so i really hope you guys can help me.Thanks.