I'm wondering if an access point would be the way to go here in the office.
Right now I have a linksys 802.11b wireless cable/dls router/4 port hub. And
I have the DHCP disabled. Basically using it for an access point. But it is
old. WEP and no WPA. No new bios updates since 2002. As of right now, we
manually assign ip addresses to the workstations. Our sonic firewall/router
also has the DHCP disabled. And we are running NT Server 2003. So would a
simple access point be all I would need? I am looking at the linksys Wap54G.
I would assign it an ip address, subnet mask and gateway address. And that
should be it?
> I'm wondering if an access point would be the way to go here in the
> office. Right now I have a linksys 802.11b wireless cable/dls router/4
> port hub. And I have the DHCP disabled. Basically using it for an access
> point. But it is
> old. WEP and no WPA. No new bios updates since 2002. As of right now, we
> manually assign ip addresses to the workstations. Our sonic
> firewall/router also has the DHCP disabled. And we are running NT Server
> 2003. So would a simple access point be all I would need? I am looking at
> the linksys Wap54G. I would assign it an ip address, subnet mask and
> gateway address. And that should be it?
>
> I've read that WPA is much better than WEP.
I hear that using static IP(s) is a tremendous Admin burden and it is better
to use DHCP IP(s). I don't agree with it myself. But how is that working
out for you on the Admin part? Is the Admin part of assigning IP(s) a
tremendous burden for you? It never was for me in my little set-up.
Have you looked at the price difference between a G router that can be
converted into a AP, which I have taken the 11S4W router and converted it
into a switch and connected it to my WatchGuard as opposed to the cost of a
stand alone WAP device.
I have never used a standalone WAP device, but I would think it would have
some better features in the area of security than a router converted to a
switch. I myself would choose a standalone WAP in a business situation
myself if I had to choose between the two.
And WPA is suppose to be a better wireless encryption technology than WEP.
>> I've read that WPA is much better than WEP.
>
> Correct. Wep gets broken in a matter of minutes. Choose a strong
> passphrase for WPA such as
>
> xY%5u*2$h!d$f"h#K@=]H7F8%*n
What makes that a strong passphrase? Do you _know_ it is, or is that a
guess?
--
derek
> > xY%5u*2$h!d$f"h#K@=]H7F8%*n
>
> What makes that a strong passphrase? Do you _know_ it is, or is that a
> guess?
In this case, one that isn't likely to be found in a dictionary or one
that will take computationally too long to brute force crack. If you
want get into statistical analysis of chosen characters then that's
another matter altogether.
> Derek Broughton <news@pointerstop.ca> wrote:
>
>> What makes that a strong passphrase?
>
> Stronger = longer.
> Stronger = more random (less guessable).
I know that, but the question was really meant to ask if it was stronger
because David "felt" it was stronger, or if there was some provable reason
that it was stronger. Essentially, other than trying to use things that
can't be found in a dictionary or well-know book, I haven't ever seen a
discussion of _how_ to make a strong passphrase. In particular, I somehow
doubt that the average human is really capable of making a string "more
random" (though we're all pretty good at longer :-) )
--
derek
> On Thu, 11 Aug 2005 15:49:19 -0300, Derek Broughton
> <news@pointerstop.ca> wrote:
>
>>David Taylor wrote:
>>
>>>> I've read that WPA is much better than WEP.
>>>
>>> Correct. Wep gets broken in a matter of minutes. Choose a strong
>>> passphrase for WPA such as
>>>
>>> xY%5u*2$h!d$f"h#K@=]H7F8%*n
>>
>>What makes that a strong passphrase? Do you _know_ it is, or is that a
>>guess?
>>
> I keep an old church hymn book in my office and use it to compose
> my passphrase. I choose an old familiar song, then use the page
> number, the hymn number and the first letter from each word in
> the first two lines of the song. This is easy to remember, but
> should be nearly impossible for anyone to break.
LOL, after all this time, we're still having a hard time making a cipher
Julius Caesar wouldn't have understood (because, as David said, strong
passphrases are incompatible with humans).
--
derek
> I know that, but the question was really meant to ask if it was stronger
> because David "felt" it was stronger, or if there was some provable reason
> that it was stronger. Essentially, other than trying to use things that
> can't be found in a dictionary or well-know book, I haven't ever seen a
> discussion of _how_ to make a strong passphrase. In particular, I somehow
> doubt that the average human is really capable of making a string "more
> random" (though we're all pretty good at longer :-) )
Well, I'm no mathematician; but it seems to me that randomness
essentially equates to patternlessness for a finite string of
characters. You can prove that a string has a pattern by finding the
formula for the pattern, but I don't know if there's a formal way to
prove that a given string *doesn't* have an undiscovered pattern.
In any case, you're playing the odds when you use passwords and other
combination locks. There's at least some chance that an attacker will
guess even a very long and patternless password on the first try. All
you can do is make it less likely by avoiding known strings, including
known nonsense like "supercalifragilisticexpealidocious".
There's a lot of software that generates passwords. The products are the
result of a mechanical process, of course, so they're not truly
"random"; but they're more patternless than the strings humans tend to
generate.
> because David "felt" it was stronger, or if there was some provable reason
> that it was stronger. Essentially, other than trying to use things that
> can't be found in a dictionary or well-know book, I haven't ever seen a
> discussion of _how_ to make a strong passphrase. In particular, I somehow
> doubt that the average human is really capable of making a string "more
> random" (though we're all pretty good at longer :-) )
Neill Massello wrote:
All
> you can do is make it less likely by avoiding known strings, including
> known nonsense like "supercalifragilisticexpealidocious".
>
Access Point 
Linear Mode
