Thread: First time home wireless - how to match PC to router - setup question
View Single Post
  #7 (permalink)  
Old 06-10-2007, 01:54 AM
Jeff Liebermann
Guest
  
Posts: n/a
Default Re: First time home wireless - how to match PC to router - setup question
Julie Bove <juliebove@verizon.net> hath wroth:

>On Sat, 09 Jun 2007 16:27:29 -0700, Jeff Liebermann wrote:
>
>> That article is old and from 2003. MS has since then added WPA2
>> support to XP. See:
>> <http://support.microsoft.com/kb/893357>
>
>I'm confused. I have my Windows XP set to update everything so I SHOULD
>have that WPA2 update from Microsoft at
>http://support.microsoft.com/kb/893357 but I DO NOT SEE WPA2 as an option
>in my "wireless zero" interface.

You probably already have this update. Download and install Belarc
Advisor:
<http://www.belarc.com>
It will supply a list of updates, supplements, bug fixed, debris,
junk, and other stuff that Microsoft installs. It's quite a list. It
also marks what's missing and what failed to install. Also, a list of
every piece of hardware, and every software package and version. Very
handy.

>All I see are options for "Open", "Shared", "WPA", & "WPA-PSK".

Well, maybe you don't have the supplement installed. See:
<http://www.microsoft.com/windowsxp/using/security/expert/bowman_wirelesssecurity.mspx>
<http://support.microsoft.com/?id=893357>

>Do you know if WPA-PSK is the same as WPA2 or are they different?

Very different. You're also mixing a few things.

WPA is a temporary kludge thrown together by the Wi-Fi Alliance in an
attempt to do damage control after the WEP fiasco. The encryption is
TKIP/MIC/PPK/IV. The IEEE then adopted the standard as IEEE-802.11i
also known as WPA2. They then threw in a mess of authentication
protocols. AES/CCMP encryption was adopted for WPA2.

This might help fill in some of the details:
<http://www.cisco.com/en/US/netsol/ns339/ns395/ns176/ns178/netqa0900aecd801e3e59.html>
The bottom line is that they're similar in function, but quite
different in implementation.

Ignoring authentication, the relevant combinations available in your
Linksys WRT54G are:
WPA-PSK or WPA-Personal
WPA-RADIUS or WPA-Enterprise
WPA2-PSK
WPA2-RADIUS

You probably won't be using the RADIUS server versions unless you have
an external RADIUS server to handle logins, passwords, and encryption
keys. So, that leaves WPA-PSK (pre-shared key) and WPA2-PSK. Your
choice.

Just to confuse things, the many router firmware implimentations have
an automatic setting for WPA, where it will automagically select
either TKIP or AES encryption, depending on the capeabilities of the
client. It's usually called "WPA2-PSK Mixed" or "WPA-RADIUS Mixed".
This way, you don't have to select one or the other. The router will
work with any of the WPA or WPA2 mutations. You didn't specify your
WRT54G hardware version or firmware version, so I can't check if yours
offers this selection.

A RADIUS server would be nice, but overkill for the typical home user
as it involves either a replacement router, or another box that's on
24 hours per day.

As for authentication protocols, that's usually handled by the client
computah. See:
<http://en.wikipedia.org/wiki/Extensible_Authentication_Protocol>
for a large shopping list.

--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Reply With Quote