see if router is giving WPA or WPA2?

How can I detect if my router is giving out WPA or WPA2?

Like, to verify it's functioning as I set it.

inSSIDer seems to call both WPA. Is there any other software that says
that'd do it?

In news:9cnne4Ffn4U1@mid.individual.net "tommy alimo"
<tommyalimo@yahoo.com> wrote:

> How can I detect if my router is giving out WPA or WPA2?
>
> Like, to verify it's functioning as I set it.
>
> inSSIDer seems to call both WPA. Is there any other software that says
> that'd do it?

How do you have to configure your laptop (or other device) in order to
connect to it?

--
bert@iphouse.com St. Paul, MN

Bert wrote:

> In news:9cnne4Ffn4U1@mid.individual.net "tommy alimo"
> <tommyalimo@yahoo.com> wrote:
>
> > How can I detect if my router is giving out WPA or WPA2?
> >
> > Like, to verify it's functioning as I set it.
> >
> > inSSIDer seems to call both WPA. Is there any other software that
> > says that'd do it?
>
> How do you have to configure your laptop (or other device) in order to
> connect to it?

well, that's a bit inefficient, i'd rather a program that tells me,
rather than trying and getting an error, and if I were in a situation
where I was unable to connect, then I wouldn't be able to tell by that
method. since that method just looks at what method of connecting works.

On 6 Sep 2011 23:07:48 GMT, "tommy alimo" <tommyalimo@yahoo.com>
wrote:

>How can I detect if my router is giving out WPA or WPA2?
>Like, to verify it's functioning as I set it.

What? You don't trust the manufacturer and its outsourced firmware
programmers?

>inSSIDer seems to call both WPA. Is there any other software that says
>that'd do it?

That's a common complaint about inSSIDer. Try Xirrus wifi inspector,
which I think does it right.
<http://www.xirrus.com/library/wifitools.php>
It will show the default encryption and authentication method.
However, if the router offers WPA-TKIP, WPA-TKIP, and WPA2-AES, it
will only show the highest level of encryption offered and not the
others.
--
# Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
# 831-336-2558
# http://802.11junk.com jeffl@cruzio.com
# http://www.LearnByDestroying.com AE6KS

In news:9cnu67FuohU1@mid.individual.net "tommy alimo"
<tommyalimo@yahoo.com> wrote:

> Bert wrote:
>
>> In news:9cnne4Ffn4U1@mid.individual.net "tommy alimo"
>> <tommyalimo@yahoo.com> wrote:
>>
>> > How can I detect if my router is giving out WPA or WPA2?
>> >
>> > Like, to verify it's functioning as I set it.
>> >
>> > inSSIDer seems to call both WPA. Is there any other software that
>> > says that'd do it?
>>
>> How do you have to configure your laptop (or other device) in order
>> to connect to it?
>
> well, that's a bit inefficient, ...

Sorry; I'd simply assumed that you were actually using your router.

--
bert@iphouse.com St. Paul, MN

>>How can I detect if my router is giving out WPA or WPA2?
>>Like, to verify it's functioning as I set it.
>
>What? You don't trust the manufacturer and its outsourced firmware
>programmers?
>
>>inSSIDer seems to call both WPA. Is there any other software that says
>>that'd do it?
>
>That's a common complaint about inSSIDer. Try Xirrus wifi inspector,
>which I think does it right.
><http://www.xirrus.com/library/wifitools.php>
>It will show the default encryption and authentication method.
>However, if the router offers WPA-TKIP, WPA-TKIP, and WPA2-AES, it
>will only show the highest level of encryption offered and not the
>others.

inSSIDer does distinguish, but apparently only shows the *lowest*
level. I.e. an AP that supports WPA/TKIP and WPA2/AES is shown as
supporting (in the "Privacy" column) "WPA-TKIP", while an AP that is
configured for *only* WPA2/AES is shown as supporting "RSNA-CCMP".

If you *really* want to know, just sniff the beacons and take a look
at the IEs.

Cheers,

Aaron

Jeff Liebermann wrote:

> On 6 Sep 2011 23:07:48 GMT, "tommy alimo" <tommyalimo@yahoo.com>
> wrote:
>
> > How can I detect if my router is giving out WPA or WPA2?
> > Like, to verify it's functioning as I set it.
>
> What? You don't trust the manufacturer and its outsourced firmware
> programmers?
>
> > inSSIDer seems to call both WPA. Is there any other software that
> > says that'd do it?
>
> That's a common complaint about inSSIDer. Try Xirrus wifi inspector,
> which I think does it right.
> <http://www.xirrus.com/library/wifitools.php>
> It will show the default encryption and authentication method.
> However, if the router offers WPA-TKIP, WPA-TKIP, and WPA2-AES, it
> will only show the highest level of encryption offered and not the
> others.

nice program,

--

In message <p3rf67hu1kr7loostpq48ql7rbkdbrahj7@4ax.com> someone claiming
to be Aaron Leonard <Aaron@Cisco.COM> typed:

>
>>>How can I detect if my router is giving out WPA or WPA2?
>>>Like, to verify it's functioning as I set it.
>>
>>What? You don't trust the manufacturer and its outsourced firmware
>>programmers?
>>
>>>inSSIDer seems to call both WPA. Is there any other software that says
>>>that'd do it?
>>
>>That's a common complaint about inSSIDer. Try Xirrus wifi inspector,
>>which I think does it right.
>><http://www.xirrus.com/library/wifitools.php>
>>It will show the default encryption and authentication method.
>>However, if the router offers WPA-TKIP, WPA-TKIP, and WPA2-AES, it
>>will only show the highest level of encryption offered and not the
>>others.
>
>inSSIDer does distinguish, but apparently only shows the *lowest*
>level. I.e. an AP that supports WPA/TKIP and WPA2/AES is shown as
>supporting (in the "Privacy" column) "WPA-TKIP", while an AP that is
>configured for *only* WPA2/AES is shown as supporting "RSNA-CCMP".

Showing either the highest or lowest alone seems to be pointless.

Listing only the lowest gives you a reasonable idea of the minimum level
of security (the level that should probably be assumed) but it doesn't
help if you want to know what capabilities are available to more capable
hardware.

Conversely displaying only the highest is outright stupid since you may
assume your network is appropriately secure when it turns out a majority
of the network uses a less secure choice.

--
It's always darkest before dawn. So if you're going to
steal your neighbor's newspaper, that's the time to do it.

On Fri, 09 Sep 2011 14:40:02 -0700, DevilsPGD
<Still-Just-A-Rat-In-A-Cage@crazyhat.net> wrote:

>In message <p3rf67hu1kr7loostpq48ql7rbkdbrahj7@4ax.com> someone claiming
>to be Aaron Leonard <Aaron@Cisco.COM> typed:
>
>>
>>>>How can I detect if my router is giving out WPA or WPA2?
>>>>Like, to verify it's functioning as I set it.
>>>
>>>What? You don't trust the manufacturer and its outsourced firmware
>>>programmers?
>>>
>>>>inSSIDer seems to call both WPA. Is there any other software that says
>>>>that'd do it?
>>>
>>>That's a common complaint about inSSIDer. Try Xirrus wifi inspector,
>>>which I think does it right.
>>><http://www.xirrus.com/library/wifitools.php>
>>>It will show the default encryption and authentication method.
>>>However, if the router offers WPA-TKIP, WPA-TKIP, and WPA2-AES, it
>>>will only show the highest level of encryption offered and not the
>>>others.
>>
>>inSSIDer does distinguish, but apparently only shows the *lowest*
>>level. I.e. an AP that supports WPA/TKIP and WPA2/AES is shown as
>>supporting (in the "Privacy" column) "WPA-TKIP", while an AP that is
>>configured for *only* WPA2/AES is shown as supporting "RSNA-CCMP".
>
>Showing either the highest or lowest alone seems to be pointless.
>
>Listing only the lowest gives you a reasonable idea of the minimum level
>of security (the level that should probably be assumed) but it doesn't
>help if you want to know what capabilities are available to more capable
>hardware.
>
>Conversely displaying only the highest is outright stupid since you may
>assume your network is appropriately secure when it turns out a majority
>of the network uses a less secure choice.

I admit that I haven't paid attention, but are there really AP's that
support WPA and WPA2 simultaneously? I assumed you had to pick one or
the other.

On Fri, 09 Sep 2011 21:52:22 -0500, Char Jackson <none@none.invalid>
wrote:

>I admit that I haven't paid attention, but are there really AP's that
>support WPA and WPA2 simultaneously? I assumed you had to pick one or
>the other.

<http://www.dd-wrt.com/wiki/index.php/WPA/WPA2>
The question was asked: "WPA2 Pre-Shared Key Only" vs.
"WPA2 Pre-Shared Key Mixed" What is the difference? Is
"Mixed" WPA and WPA2???

BrainSlayer replied: 24 Dec 2005 23:16 In mixed mode, the
unit tries wpa2 first and if its fails it uses wpa1

Note the date. "Mixed mode" has been around for quite a while. Every
current wireless router that I've seen supports "mixed mode".

More:
<https://supportforums.cisco.com/docs/DOC-4349>
<http://www6.nohold.net/Cisco2/GetArt...Wireless_N.xml
--
# Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
# 831-336-2558
# http://802.11junk.com jeffl@cruzio.com
# http://www.LearnByDestroying.com AE6KS

On Fri, 09 Sep 2011 20:01:13 -0700, Jeff Liebermann <jeffl@cruzio.com>
wrote:

>On Fri, 09 Sep 2011 21:52:22 -0500, Char Jackson <none@none.invalid>
>wrote:
>
>>I admit that I haven't paid attention, but are there really AP's that
>>support WPA and WPA2 simultaneously? I assumed you had to pick one or
>>the other.
>
><http://www.dd-wrt.com/wiki/index.php/WPA/WPA2>
> The question was asked: "WPA2 Pre-Shared Key Only" vs.
> "WPA2 Pre-Shared Key Mixed" What is the difference? Is
> "Mixed" WPA and WPA2???
>
> BrainSlayer replied: 24 Dec 2005 23:16 In mixed mode, the
> unit tries wpa2 first and if its fails it uses wpa1
>
>Note the date. "Mixed mode" has been around for quite a while. Every
>current wireless router that I've seen supports "mixed mode".
>
>More:
><https://supportforums.cisco.com/docs/DOC-4349>
><http://www6.nohold.net/Cisco2/GetArt...Wireless_N.xml

Interesting, thanks. I've been using dd-wrt for as long as I can
remember but I've never had a reason to use mixed mode so I just
became oblivious to it.

On Fri, 09 Sep 2011 23:20:04 -0500, Char Jackson <none@none.invalid>
wrote:

>><https://supportforums.cisco.com/docs/DOC-4349>
>><http://www6.nohold.net/Cisco2/GetArt...Wireless_N.xml
>
>Interesting, thanks. I've been using dd-wrt for as long as I can
>remember but I've never had a reason to use mixed mode so I just
>became oblivious to it.

The main reason to use mixed mode is to obtain a secure connection
from crappy client drivers and buggish hardware. I tried to make a
list of protocols, hardware, and versions that wouldn't reliably
connect or stay connected, but gave up. I didn't get consistent,
repeatable, or sane results. I even found a laptop that would connect
with WPA-TKIP, but fail with WPA2-AES on a given access point. When I
upgraded the AP firmware, it was the other way around. I went back
and forth a few times with the firmware just to make sure I wasn't
going insane. My favorite combination is an iBook G3 or G4 stuck on
OS/X 10.4.11 with various wireless routers and firmware versions.
While both WPA and WPA2 are allegedly supported, it usually fails to
connect or stay connected with either. However, WEP works fine.

Every few routers, I find some that support WPA-AES, which is not an
officially supported mode, but probably should be. The problem is
that these routers will associate, connect, and then disconnect
repeatedly. Apparently, they get stuck in some kind of loop trying to
connect with WPA-AES, and after realizing that it's not "legal", they
disconnect looking for another protocol to use, never find it, and
start over again. I doubt it was ever tested because it's probably
not included in the Wi-Fi Alliance certification tests.

Anyway, you have a better chance in dealing with broken, buggy, and
worthless clients using mixed mode encryption.

--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

On Fri, 09 Sep 2011 22:58:43 -0700, Jeff Liebermann <jeffl@cruzio.com>
wrote:

>The main reason to use mixed mode is to obtain a secure connection
>from crappy client drivers and buggish hardware.

<snip good stuff>

>Anyway, you have a better chance in dealing with broken, buggy, and
>worthless clients using mixed mode encryption.

I see now how fortunate I've been to never run into any of that
nonsense. Thanks for the backgrounder.