Professional Web Applications Themes

Airport (not extreme) card, and WEP? WPA? - Mac Networking

Greetings, 3 hopefully simple questions for y'all! I'm a bit cautious about wireless security...and I'm interested in building a small wireless network with as many security features enabled as possible for my iBook. I'm also a Mac neophyte trying his best to get up the learning curve. I have a white iBook dual USB 600MHz/256Mb/20GB/COMBO 14.1" running OS X 10.1.2 that will accept a regular ole Airport card (which I'm about to purchase): Airport Card at CDW.com: [url]http://www.cdw.com/shop/products/default.aspx?EDC=454503[/url] Question 1) "How much security is possible with the non-Extreme Airpot card?" I'm led to believe by this article: AirPort: How to ...

  1. #1

    Default Airport (not extreme) card, and WEP? WPA?

    Greetings,

    3 hopefully simple questions for y'all!

    I'm a bit cautious about wireless security...and I'm interested in
    building a small wireless network with as many security features
    enabled as possible for my iBook. I'm also a Mac neophyte trying his
    best to get up the learning curve.

    I have a white iBook dual USB 600MHz/256Mb/20GB/COMBO 14.1" running OS
    X 10.1.2 that will accept a regular ole Airport card (which I'm about
    to purchase): Airport Card at CDW.com:
    [url]http://www.cdw.com/shop/products/default.aspx?EDC=454503[/url]

    Question 1) "How much security is possible with the non-Extreme Airpot
    card?" I'm led to believe by this article:
    AirPort: How to Join an Encrypted Wireless Network
    [url]http://docs.info.apple.com/article.html?artnum=106424[/url]
    ..that the airport card teams up with the Airport software on the
    computer to enable 128bit WEP to a third party base station (my
    planned Linksys Wireless G router will happily do 128wep).

    Does anyone have a plain ole airport card who's running 128WEP?

    Naturally I'd enable all the usual goodies on the AP to turn off
    SSID broadcasts, change defaults, lock down to specific MAC
    addresses and the like.

    Question 2) Airport software 2.1.1 or later appears to be required for
    128-bit WEP according to
    [url]http://docs.info.apple.com/article.html?artnum=120121[/url]

    Now, that software appears to require OS X 10.2. And...oy, I'm at
    10.1.2. As a complete newbie to the Mac, would some kind sould
    point me the way to get to 10.2 or later (download? buy upgrade)?
    And will I have to pay anything to do so? It appears that the .x
    releases mean "pay Apple more money" is this true?

    Question 3) Does anyone know if firmware or software will be ever be
    available to get the Airport card up to WPA for added security
    over the flawed WEP? A web search yielded "WPA coming with
    Panther" which I further searched to decode this as OS X
    10.3. But I wasn't able to see if the Airport card would be
    along for the ride on that upgrade, or if it'll only be
    available for the Airport Extreme.

    Thanks so much to anyone who can shed some light on these things!

    Best Regards,
    --
    Todd H.
    [url]http://www.toddh.net/[/url]
    Todd H. Guest

  2. #2

    Default Re: Airport (not extreme) card, and WEP? WPA?

    In article <m0wubdd86f.fsfrcn.com>, [email]comphelptoddh.net[/email] (Todd H.)
    wrote:
    > Greetings,
    >
    [snip]
    >
    > Question 2) Airport software 2.1.1 or later appears to be required for
    > 128-bit WEP according to
    > [url]http://docs.info.apple.com/article.html?artnum=120121[/url]
    >
    > Now, that software appears to require OS X 10.2. And...oy, I'm at
    > 10.1.2. As a complete newbie to the Mac, would some kind sould
    > point me the way to get to 10.2 or later (download? buy upgrade)?
    > And will I have to pay anything to do so? It appears that the .x
    > releases mean "pay Apple more money" is this true?
    Basically, yes. You must pay to get any OS past 10.1.x
    Of course, with Panther coming out soon, your best economy for the
    upgrads is to purchase that directly. If you are a student or teacher in
    the USA, educational pricing is available ($69USD). I would recommend
    upgrading, even at the full price, as later versions of OS X are much
    more stable, have more features (e.g. CUPS printing, better access to
    NTFS volumes, etc.), and run faster on supported hardware. Your battery
    life will probably improve as well. Your machine is supported for
    Panther.
    >
    Sorry, I don't have any other answers.
    John Johnson Guest

  3. #3

    Default Re: Airport (not extreme) card, and WEP? WPA?

    In article <m0wubdd86f.fsfrcn.com>, [email]comphelptoddh.net[/email] (Todd H.)
    wrote:
    > I'm a bit cautious about wireless security...and I'm interested in
    > building a small wireless network with as many security features
    > enabled as possible for my iBook. I'm also a Mac neophyte trying his
    > best to get up the learning curve.
    >
    > I have a white iBook dual USB 600MHz/256Mb/20GB/COMBO 14.1" running OS
    > X 10.1.2 that will accept a regular ole Airport card (which I'm about
    > to purchase): Airport Card at CDW.com:
    > [url]http://www.cdw.com/shop/products/default.aspx?EDC=454503[/url]
    >
    > Question 1) "How much security is possible with the non-Extreme Airpot
    > card?" I'm led to believe by this article:
    > AirPort: How to Join an Encrypted Wireless Network
    > [url]http://docs.info.apple.com/article.html?artnum=106424[/url]
    > ..that the airport card teams up with the Airport software on the
    > computer to enable 128bit WEP to a third party base station (my
    > planned Linksys Wireless G router will happily do 128wep).
    >
    > Does anyone have a plain ole airport card who's running 128WEP?
    >
    > Naturally I'd enable all the usual goodies on the AP to turn off
    > SSID broadcasts, change defaults, lock down to specific MAC
    > addresses and the like.
    I think your understanding is correct, however I don't think it's
    relevant to any sort of real security. WEP is easily cracked, and free
    tools are available to do so automatically. It may deter a casual
    snooper who happens to pick up your signal, but it's not "secure" in any
    reasonable sense of the word. Anyone who wants to crack it will find it
    simple to do so.

    If you want your wireless connection to be secure, you need to use SSL
    encryption. If servers you're connecting to don't support this, you can
    secure at least the Airport portion of the connection using SSH
    tunnelling. Anyone listening in on an SSL/SSH-encrypted channel is just
    going to get gibberish. It helps to have a second computer (Mac, Linux,
    Windows, etc) that's not using a wireless link, or an ISP that allows
    SSH connections, if you want to set this up.
    > Question 2) Airport software 2.1.1 or later appears to be required for
    > 128-bit WEP according to
    > [url]http://docs.info.apple.com/article.html?artnum=120121[/url]
    >
    > Now, that software appears to require OS X 10.2. And...oy, I'm at
    > 10.1.2. As a complete newbie to the Mac, would some kind sould
    > point me the way to get to 10.2 or later (download? buy upgrade)?
    > And will I have to pay anything to do so? It appears that the .x
    > releases mean "pay Apple more money" is this true?
    Well, 10.1 was a free update to 10.0.x, but 10.2 was and 10.3 will be
    paid updates. I don't know if that establishes any kind of rule. As
    10.3 is due on October 24, I'd hold off on buying until then.
    > Question 3) Does anyone know if firmware or software will be ever be
    > available to get the Airport card up to WPA for added security
    > over the flawed WEP? A web search yielded "WPA coming with
    > Panther" which I further searched to decode this as OS X
    > 10.3. But I wasn't able to see if the Airport card would be
    > along for the ride on that upgrade, or if it'll only be
    > available for the Airport Extreme.
    Nothing official has been announced, and no information on this subject
    has been leaked.

    --
    Tom "Tom" Harrington
    Macaroni, Automated System Maintenance for Mac OS X.
    Version 1.4: Best cleanup yet, gets files other tools miss.
    See [url]http://www.atomicbird.com/[/url]
    Tom Harrington Guest

  4. #4

    Default Re: Airport (not extreme) card, and WEP? WPA?

    John Johnson <nullinvalid.com> writes:
    > In article <m0wubdd86f.fsfrcn.com>, [email]comphelptoddh.net[/email] (Todd H.)
    > wrote:
    >
    > > Greetings,
    > >
    >
    > [snip]
    > >
    > > Question 2) Airport software 2.1.1 or later appears to be required for
    > > 128-bit WEP according to
    > > [url]http://docs.info.apple.com/article.html?artnum=120121[/url]
    > >
    > > Now, that software appears to require OS X 10.2. And...oy, I'm at
    > > 10.1.2. As a complete newbie to the Mac, would some kind sould
    > > point me the way to get to 10.2 or later (download? buy upgrade)?
    > > And will I have to pay anything to do so? It appears that the .x
    > > releases mean "pay Apple more money" is this true?
    >
    > Basically, yes. You must pay to get any OS past 10.1.x
    > Of course, with Panther coming out soon, your best economy for the
    > upgrads is to purchase that directly. If you are a student or teacher in
    > the USA, educational pricing is available ($69USD). I would recommend
    > upgrading, even at the full price, as later versions of OS X are much
    > more stable, have more features (e.g. CUPS printing, better access to
    > NTFS volumes, etc.), and run faster on supported hardware. Your battery
    > life will probably improve as well. Your machine is supported for
    > Panther.
    > >
    > Sorry, I don't have any other answers.
    Thanks John! Looks like there are several reasons to go with the
    panther upgrade, especially since it will run on this system.

    --
    Todd H.
    [url]http://www.toddh.net/[/url]
    Todd H. Guest

  5. #5

    Default Re: Airport (not extreme) card, and WEP? WPA?

    Tom Harrington <tphpcisys.no.spam.dammit.net> writes:
    > I think your understanding is correct, however I don't think it's
    > relevant to any sort of real security. WEP is easily cracked, and free
    > tools are available to do so automatically. It may deter a casual
    > snooper who happens to pick up your signal, but it's not "secure" in any
    > reasonable sense of the word. Anyone who wants to crack it will find it
    > simple to do so.
    I agree. But it beats nothing as you say, and WPA isn't even
    available for any mac wireless until panther it seems. :-)
    > If you want your wireless connection to be secure, you need to use SSL
    > encryption. If servers you're connecting to don't support this, you can
    > secure at least the Airport portion of the connection using SSH
    > tunnelling. Anyone listening in on an SSL/SSH-encrypted channel is just
    > going to get gibberish. It helps to have a second computer (Mac, Linux,
    > Windows, etc) that's not using a wireless link, or an ISP that allows
    > SSH connections, if you want to set this up.
    I'm quite versed in SSH and use it regularly... but I'm curious how
    you propose its use for securing the connection of the airport
    card-to-wireless endpoint communication. Or if you're talking about
    end to end security of, say unix shell sessions like hte one I'm using
    as I type this.

    FWIW, the security of the actual transmissions isn't so much my
    concern as unauthorized use of my access point.

    > > Question 2) Airport software 2.1.1 or later appears to be required for
    > Well, 10.1 was a free update to 10.0.x, but 10.2 was and 10.3 will be
    > paid updates. I don't know if that establishes any kind of rule. As
    > 10.3 is due on October 24, I'd hold off on buying until then.
    sounds like fine advice. Thanks for the clarification!
    >
    > > Question 3) Does anyone know if firmware or software will be ever be
    > > available to get the Airport card up to WPA for added security
    > > over the flawed WEP? A web search yielded "WPA coming with
    > > Panther" which I further searched to decode this as OS X
    > > 10.3. But I wasn't able to see if the Airport card would be
    > > along for the ride on that upgrade, or if it'll only be
    > > available for the Airport Extreme.
    >
    > Nothing official has been announced, and no information on this subject
    > has been leaked.
    This is the article I'd found, fwiw:
    [url]http://www.geek.com/news/geeknews/2003Jun/bma20030630020622.htm[/url]

    I can't speak to its reliability of course. Microsoft is saying this
    as well, but of course that's to be taken with a grain of salt:
    "Macintosh users will need to wait for the release of Mac OS 10.3
    (Panther) for WPA functionality."
    [url]http://www.microsoft.com/WindowsXP/expertzone/columns/bowman/03july28.asp[/url]

    Thanks again for the useful responses!

    Best Regards,
    --
    Todd H.
    [url]http://www.toddh.net/[/url]
    Todd H. Guest

  6. #6

    Default Re: Airport (not extreme) card, and WEP? WPA?

    In article <m0smm13pdx.fsfrcn.com>, [email]comphelptoddh.net[/email] (Todd H.)
    wrote:
    > > If you want your wireless connection to be secure, you need to use SSL
    > > encryption. If servers you're connecting to don't support this, you can
    > > secure at least the Airport portion of the connection using SSH
    > > tunnelling. Anyone listening in on an SSL/SSH-encrypted channel is just
    > > going to get gibberish. It helps to have a second computer (Mac, Linux,
    > > Windows, etc) that's not using a wireless link, or an ISP that allows
    > > SSH connections, if you want to set this up.
    >
    > I'm quite versed in SSH and use it regularly... but I'm curious how
    > you propose its use for securing the connection of the airport
    > card-to-wireless endpoint communication. Or if you're talking about
    > end to end security of, say unix shell sessions like hte one I'm using
    > as I type this.
    >
    > FWIW, the security of the actual transmissions isn't so much my
    > concern as unauthorized use of my access point.
    Given this "FWIW", I'm not sure it matters, since I was thinking mostly
    of security of data in transit.

    The key is the second computer and/or ISP that I mentioned. I want to
    use Airport, and I don't want someone cracking WEP to be able to
    intercept it. So I do as follows: I start up an SSH connection to my
    ISP, with local port 9110 forwarded to my ISP's mail server port 110
    (which is POP3). Then I set up my email program so that the POP3 server
    is localhost, with port 9110. Now, anyone can listen in on my Airport
    link, but they can't pick up my email. The SSH command would be
    something like this:

    ssh -N -L9110:mail:110 shell

    ....where "mail" is replaced by my ISP's mail server, and "shell" by
    their shell server. (I usually add "-v" to keep an eye on what the
    session's doing). Thanks to my ~/.ssh/config file, the set up is all
    automatic. I have a similar setup for IMAP to a different site, and
    some other ports as well. Any data that's in any way important is
    encrypted before going wireless.

    Since I sometimes have my Powerbook in unfamiliar environments, both
    wired and unwired, I like using this scheme to ensure that anything
    important is encrypted from the local link to my ISP.

    --
    Tom "Tom" Harrington
    Macaroni, Automated System Maintenance for Mac OS X.
    Version 1.4: Best cleanup yet, gets files other tools miss.
    See [url]http://www.atomicbird.com/[/url]
    Tom Harrington Guest

  7. #7

    Default Re: Airport (not extreme) card, and WEP? WPA?

    Tom Harrington <tphpcisys.no.spam.dammit.net> writes:
    > > FWIW, the security of the actual transmissions isn't so much my
    > > concern as unauthorized use of my access point.
    >
    > Given this "FWIW", I'm not sure it matters, since I was thinking mostly
    > of security of data in transit.
    Ah.. gotcha.
    > The key is the second computer and/or ISP that I mentioned. I want to
    > use Airport, and I don't want someone cracking WEP to be able to
    > intercept it. So I do as follows: I start up an SSH connection to my
    > ISP, with local port 9110 forwarded to my ISP's mail server port 110
    > (which is POP3). Then I set up my email program so that the POP3 server
    > is localhost, with port 9110. Now, anyone can listen in on my Airport
    > link, but they can't pick up my email. The SSH command would be
    > something like this:
    >
    > ssh -N -L9110:mail:110 shell
    >
    > ...where "mail" is replaced by my ISP's mail server, and "shell" by
    > their shell server. (I usually add "-v" to keep an eye on what the
    > session's doing). Thanks to my ~/.ssh/config file, the set up is all
    > automatic. I have a similar setup for IMAP to a different site, and
    > some other ports as well. Any data that's in any way important is
    > encrypted before going wireless.
    >
    > Since I sometimes have my Powerbook in unfamiliar environments, both
    > wired and unwired, I like using this scheme to ensure that anything
    > important is encrypted from the local link to my ISP.
    I do something very similar to get news access from a shell account
    where inbound nntp is blocked. SSH is beautiful. :-) So many
    solutions to so many different problems.

    Now that I'm thinking about it, I'd bet that there's a "vpn
    implementation of SSL encrypted VPN between laptop and a
    build-it-yourself PC/access point using Linux on a floppy disk"
    project somewhere on the net, where someone is taking old PC's
    dropping a wireless card and network card into em, and rolling their
    own access points that implement VPN encrytpion from laptop to the
    accesspoint.

    Sure enough...a web search bears fruit:

    Building a wireless access point on Linux
    [url]http://www-106.ibm.com/developerworks/library/l-wap.html?ca=dnt-429[/url]

    Geek love is strong.

    --
    Todd H.
    [url]http://www.toddh.net/[/url]
    Todd H. Guest

Similar Threads

  1. Any use for the Airport Extreme CD?
    By Mark Conrad in forum Mac Networking
    Replies: 4
    Last Post: October 16th, 04:54 PM
  2. Dr Bott and Airport Extreme: How Far?
    By Christopher Moss in forum Mac Networking
    Replies: 0
    Last Post: September 1st, 07:25 PM
  3. Cannot print over Airport Extreme - Help
    By Wonderkid in forum Mac Applications & Software
    Replies: 0
    Last Post: July 14th, 06:36 PM
  4. AirPort Extreme Q
    By DP in forum Mac Applications & Software
    Replies: 2
    Last Post: July 9th, 01:57 AM
  5. airport extreme can't see my ibook
    By benjamin in forum Mac Applications & Software
    Replies: 0
    Last Post: June 25th, 02:21 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139