network key generation

[Nick Keighley]

HI,

If this is the wrong group then please redirect me.

I've just set up a network router. It works. Hurrah!
I've even enabled security (WAP-128). Is WAP-128 good enough (I'm not
planning
wire fraud, conducting an affair or attempting to overthrow a
government)?

My w-router does stuff like AES.

There's also authentification.

I could also list the MAC addresses that are allowed to use the
router.

I'm mainly concerned about the 128-bit network key I used.
The Windows XP network wizard generated it. Is this ok to use?
It is a random key and not some default?
The randomness is good enough?

To use a second PC I presumably have to load the same key into
the 2nd PC?


thanks and sorry if I'm asking dumb questions.

this stuff is supposed to be used by the average person!

 

[Malke]

HI,

If this is the wrong group then please redirect me.

I've just set up a network router. It works. Hurrah!
I've even enabled security (WAP-128). Is WAP-128 good enough (I'm not
planning
wire fraud, conducting an affair or attempting to overthrow a
government)?

My w-router does stuff like AES.

There's also authentification.

I could also list the MAC addresses that are allowed to use the
router.

I'm mainly concerned about the 128-bit network key I used.
The Windows XP network wizard generated it. Is this ok to use?
It is a random key and not some default?
The randomness is good enough?

To use a second PC I presumably have to load the same key into
the 2nd PC?

You really want to use WPA2, not any form of WEP. All devices on the
wireless network must support WPA2; if they are within the last few
years they will.

Yes, you enter the passphrase onto any computers which you want to allow
to use your wireless network.


Malke

 

[Nick Keighley]

You really want to use WPA2, not any form of WEP. All devices on the
wireless network must support WPA2; if they are within the last few
years they will.

the dialog in Win XP (network properties) the Data Encryption
field offers me "None" or "WEP".

Yes, you enter the passphrase onto any computers which you want to allow
to use your wireless network.

I was more interested in where the key (pass phrase?) came from.
Is the key generated by the Win XP wizard ok?

 

[Malke]

the dialog in Win XP (network properties) the Data Encryption
field offers me "None" or "WEP".



I was more interested in where the key (pass phrase?) came from.
Is the key generated by the Win XP wizard ok?

You do not set wireless encryption in Windows and the key is not
generated by Windows (or any other operating system).You set up wireless
encryption and assign the passphrase in your router from the router's
configuration utility.

At the risk of annoying you further by giving you the right answer
instead of the one you think you want, here is general information as to
how to set up a wireless router:

*****
Have a computer connected to the router with an ethernet cable. Examples
given are for a Linksys router. Refer to your router manual or the
router mftr.'s website for default settings if you don't have a Linksys.
Open a browser such as Internet Explorer or Firefox and in the
addressbar type:

http://192.168.1.1 [enter]

This is the router's default IP address. It will vary between router
mftrs. so check your manual if you don't have a Linksys (Cisco).

This will bring you to router's login screen. The default username is
left blank and the default password is "admin" without the quotes. Enter
that information. You are now in the router's configuration utility.
Your configuration utility may differ slightly from mine.

Click on the Administration link at the top of the page. Enter your new
password. WRITE IT DOWN SOMEWHERE YOU WILL NOT LOSE IT. Re-enter the
password to confirm it and click the Save Settings button at the bottom
of the page. The router will restart and present you with the login box
again. Leave the username blank and put in your new password to get back
into the configuration utility.

Now click on the Wireless link at the top of the page. Change the
Wireless Network Name (SSID) from the default to something you will
recognize. I suggest that my clients not use their family name as the
SSID. For example, you might wish to name your wireless network
"CastleAnthrax" or the like. ;-)

Click the Save Settings and when you get the prompt that your changes
were successful, click on the Wireless Security link which is right next
to the Basic Wireless Settings link (where you changed your SSID). If
you have a newish computer, you will be able to set the Security Mode to
WPA2-Personal. Do that and enter a passphrase. The passphrase is what
you will enter on any computers that are allowed to connect to the
wireless network. WRITE IT DOWN SOMEWHERE YOU WILL NOT LOSE IT.
****

EOT for me.

Malke

 

[Lem]

the dialog in Win XP (network properties) the Data Encryption
field offers me "None" or "WEP".



I was more interested in where the key (pass phrase?) came from.
Is the key generated by the Win XP wizard ok?

You probably are talking about the Windows XP "Wireless Network Setup
Wizard." From the posts I've seen, this "wizard" appears to generate a
fair share of problems. You do not need to use this wizard, and in many
cases you *can't* use it to configure your router because not all
wireless routers are compatible with "Windows Connect Now" technology.

I've never seen the details of how WinXP generates a passkey (if you
select that option), but it probably is a reasonably good random number.
It's certainly better than what many people pick on their own:
1. password
2. 123456
3. qwerty
4. abc123
5. letmein
6. monkey
7. myspace1
8. password1
9. link182
10. (your first name)

If you did not see an option to use WPA instead of WEP, you need to
update your installation of XP. See the picture at paragraph 7 (the box
at the bottom of the screen) here:
http://www.microsoft.com/windowsxp/using/networking/setup/connectnow.mspx

If you are at all concerned with whether the passkey generated by the
WinXP Wireless Network Wizard is "good enough," than you assuredly do
*not* want to use WEP as the encryption technology for your network.
These days, WEP encryption can by cracked in less than 5 minutes using
free utilities available on the Internet. In this regard, see
Microsoft's comment at the "Note" under paragraph 5 of the web page
linked below.

If you need pictures to follow Malke's advice on how to configure your
router, see
http://www.microsoft.com/windowsxp/using/networking/setup/wireless.mspx
(note, however, that -- as Malke wrote -- the default username for many
Linksys routers is blank and not "admin" as shown in the MS web page)

--
Lem -- MS-MVP - Networking

To the moon and back with 2K words of RAM and 36K words of ROM.
http://en.wikipedia.org/wiki/Apollo_Guidance_Computer
http://history.nasa.gov/afj/compessay.htm

 

[Barb Bowman]

first, you should not use WEP. it isn't safe. use WPA2
(http://support.microsoft.com/kb/893357/en-us ) or WPA. make sure
you download and apply the latest firmware for your router. You
probably will not be able to use the WCN wizard with your router (if
you post what router you have, this would help). You should select a
strong passphrase and not use something personal.

HI,

If this is the wrong group then please redirect me.

I've just set up a network router. It works. Hurrah!
I've even enabled security (WAP-128). Is WAP-128 good enough (I'm not
planning
wire fraud, conducting an affair or attempting to overthrow a
government)?

My w-router does stuff like AES.

There's also authentification.

I could also list the MAC addresses that are allowed to use the
router.

I'm mainly concerned about the 128-bit network key I used.
The Windows XP network wizard generated it. Is this ok to use?
It is a random key and not some default?
The randomness is good enough?

To use a second PC I presumably have to load the same key into
the 2nd PC?


thanks and sorry if I'm asking dumb questions.

this stuff is supposed to be used by the average person!

--

Barb Bowman
MS Windows-MVP
http://www.microsoft.com/windowsxp/expertzone/meetexperts/bowman.mspx
http://blogs.digitalmediaphile.com/barb/

 

[Sooner Al [MVP]]

the dialog in Win XP (network properties) the Data Encryption
field offers me "None" or "WEP".



I was more interested in where the key (pass phrase?) came from.
Is the key generated by the Win XP wizard ok?

You might look for updated drivers for your wireless clients and updated
firmware for the router that would add WPA2/WPA functionality. At a minimum
use WPA with a long random key. You can use Windows Connect Now (WCN) to
setup your network. WCN is nice because you can save off your wireless
encryption settings on a flash drive for later use. If your wireless access
point/router or clients do not support WCN you can easily copy-n-paste the
network key by opening the flash drive and navigating to the
"\Smrtntky\Wsetting.txt" file and copying the key to the wireless access
point/router or client.

http://www.microsoft.com/technet/community/columns/cableguy/cg0604.mspx

Also make sure this is installed...

http://support.microsoft.com/kb/815485

My general wireless security guidelines...

http://theillustratednetwork.mvps.org/LAN/SoHoWirelessSecurity.html

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...

 

[Sooner Al [MVP]]

You might look for updated drivers for your wireless clients and updated
firmware for the router that would add WPA2/WPA functionality. At a
minimum use WPA with a long random key. You can use Windows Connect Now
(WCN) to setup your network. WCN is nice because you can save off your
wireless encryption settings on a flash drive for later use. If your
wireless access point/router or clients do not support WCN you can easily
copy-n-paste the network key by opening the flash drive and navigating to
the "\Smrtntky\Wsetting.txt" file and copying the key to the wireless
access point/router or client.

http://www.microsoft.com/technet/community/columns/cableguy/cg0604.mspx

Also make sure this is installed...

http://support.microsoft.com/kb/815485

My general wireless security guidelines...

http://theillustratednetwork.mvps.org/LAN/SoHoWirelessSecurity.html

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...

I forgot to add this WPA2 update for XP, although I do see Ms Bowman already
pointed you to that...

http://support.microsoft.com/kb/893357/en-us

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...