NETGEAR WG111U Is WPA Perfect?, Product Support for WPA, Changes to Wireless Access Points

Page 78

User’s Manual for the NETGEAR Super AG Wireless USB 2.0 Adapter WG111U

Is WPA Perfect?

WPA is not without its vulnerabilities. Specifically, it is susceptible to denial of service (DoS) attacks. If the access point receives two data packets that fail the Message Integrity Code (MIC) check within 60 seconds of each other then the network is under an active attack, and as a result, the access point employs counter measures, which includes disassociating each station using the access point. This prevents an attacker from gleaning information about the encryption key and alerts administrators, but it also causes users to lose network connectivity for 60 seconds. More than anything else, this may just prove that no single security tactic is completely invulnerable. WPA is a definite step forward in WLAN security over WEP and has to be thought of as a single part of an end-to-end network security strategy.

Product Support for WPA

Starting in August, 2003, NETGEAR, Inc. wireless Wi-Fi certified products will support the WPA standard. NETGEAR, Inc. wireless products that had their Wi-Fi certification approved before August, 2003 will have one year to add WPA so as to maintain their Wi-Fi certification.

WPA requires software changes to the following:

Wireless access points

Wireless network adapters

Wireless client programs

Supporting a Mixture of WPA and WEP Wireless Clients

To support the gradual transition of WEP-based wireless networks to WPA, a wireless AP can support both WEP and WPA clients at the same time. During the association, the wireless AP determines which clients use WEP and which clients use WPA. The disadvantage to supporting a mixture of WEP and WPA clients is that the global encryption key is not dynamic. This is because WEP-based clients cannot support it. All other benefits to the WPA clients, such as integrity, are maintained.

However, a mixed mode supporting WPA and non-WPA clients would offer network security that is no better than that obtained with a non-WPA network, and thus this mode of operation is discouraged.

Changes to Wireless Access Points

Wireless access points must have their firmware updated to support the following:

B-16

Wireless Networking Basics

202-10065-01

Page 77 Page 79
Image 78
Page 77 Page 79
Contents 202-10065-01 Technical Support Certificate of the Manufacturer/ImporterFCC Guidelines for Human Exposure Declaration Of ConformityFCC Requirements for Operation in the United States Operation Using 2.4 GHz Channels in France Export RestrictionsMetropolitan Regions with Eased Restrictions in 2.4GHz Band Operation Using 5 GHz Channels in the European Community Allowed 5GHz Channels in Each European Community CountryVii Viii Contents Chapter Configuration Appendix C Preparing Your Network to Work with a Router Glossary Index Audience, Scope, Conventions Manual SpecificationsChapter About This Manual Typographical conventionsHow to Use this Manual Html version of this manualHow to Print this Manual About This Manual Chapter Introduction About the WG111UKey Features 802.11a and 802.11b/g Wireless NetworkingComparison of Wireless Modes Comparing the 802.11a, 802.11b, and 802.11g ModesRoad Map for ‘How to Get There From Here’ What’s in the Box?Road Map for How to Get There From Here If I Want To? What’s Needed? What Do I Do? How Do I?Netgear Super AG Netgear Super AG Wireless Wired network Wirelessly connect Chapter Basic Setup What You Need Before You BeginVerifying System Requirements Determining Placement of the USB Adapter Observing Location and Range GuidelinesTwo Basic Operating Modes Attach fastener to back of plastic cradleWG111U Default Wireless Configuration Settings Basic Installation InstructionsFor Windows XP Users Installing a WG111U Install the Netgear Super AG Wireless USB 2.0 Adapter WG111U Configure your WG111U Verify wireless connectivity to your network For Windows 2000, ME, and 98SE Users Installing a WG111U Found New Hardware Wizard WG111U System Tray Icon Configure your WG111U WG111U Wireless Connection Indicators Interpreting the LED on the WG111U Status LEDLED Descriptions Red Interpreting System Tray Icon ColorsColor Condition Description YellowChapter Configuration Understanding the Configuration OptionsUsing Configuration Profiles Connecting to an Access Point in Infrastructure Mode How to Configure an Infrastructure Mode ProfileRun the WG111U Smart Wireless Wizard Configure the wireless network settings Save your settings in a ProfileConnecting to Another PC in Ad-hoc Mode How to Configure an Ad-hoc Mode ProfileConfigure the PC network settings Ad-Hoc Setting dialog box Ping -t 192.168.0.1 and then click OK What’s on the Statistics Page? StatisticsUnderstanding the Advanced Settings Advanced SettingsEuropean Regulatory Requirements for Transmit Power Control TPC Configuration ProcedureConfiguration Chapter Wireless Security Configuration Understanding the Security OptionsUsing WEP Security Basic Requirements for WEPWEP Security Settings Worksheet Wireless Network Name SsidWEP Security Encryption Key How to Configure WEP Encryption Security Configure the Network Name Ssid settingsConfigure the WEP settings Using WPA-PSK Advanced Security Basic Requirements for WPA-PSKWPA-PSK Security Settings Worksheet How to Configure WPA-PSK Advanced SecurityConfigure the WPA-PSK settings WPA-PSK settings screenWireless Security Configuration Chapter Troubleshooting Basic TipsFrequently Asked Questions Ad Hoc mode is not working correctlyGeneral Questions How to use XP’s own Wireless configuration utility New Hardware Wizard appears after installation has completedTroubleshooting Appendix a Technical Specifications USBTechnical Specifications Appendix B Wireless Networking Basics Wireless Networking OverviewInfrastructure Mode Ad Hoc Mode Peer-to-Peer Workgroup Network Name Extended Service Set Identification EssidWireless Channels Radio frequency channels used are listed in Table B-1 Table B-1 802.11g Radio Frequency ChannelsWEP Wireless Security WEP AuthenticationAccess point have the same WEP are described below Authentication Shared Key Steps Key Size and Configuration WPA Wireless Security How to Use WEP ParametersHow Does WPA Compare to WEP? What are the Key Features of WPA Security? How Does WPA Compare to Ieee 802.11i?Wireless Networking Basics Login Authentication Figure B-3 WPA OverviewFigure B-4 802.1x Authentication Sequence WPA Data Encryption Key Management Temporal Key Integrity Protocol Tkip Is WPA Perfect? Supporting a Mixture of WPA and WEP Wireless ClientsChanges to Wireless Access Points Product Support for WPANew WPA information element WPA two-phase authenticationChanges to Wireless Network Adapters MichaelChanges to Wireless Client Programs What You Need To Use a Router with a Broadband Modem Computer Network Configuration RequirementsAppendix C Preparing Your Network to Work with a Router Cabling and Computer HardwareInternet Configuration Requirements Where Do I Get the Internet Configuration Parameters?Record Your Internet Connection Information Preparing Your Computers for TCP/IP Networking Configuring Windows 95, 98, and Me for TCP/IP Networking Installing or Verifying Windows Networking ComponentsInstalling a New Adapter Installing TCP/IP Installing the Client for Microsoft NetworksVerify the Configuration Settings Open the Network PanelSelecting the Windows’ Internet Access Method Verify the Properties IP Address SettingVerifying TCP/IP Properties Configuring Windows NT4, 2000 or XP for IP Networking Open the Network Connection Window Configuring Dhcp of TCP/IP in Windows XP, 2000, or NT4Dhcp Configuration of TCP/IP in Windows XP Go to the Network Connection Status windowGo to Properties Set Dhcp for TCP/IPDhcp Configuration of TCP/IP in Windows Check the Local Area Connection Properties SettingsComplete the configuration Check the Internet Protocol PropertiesDhcp Configuration of TCP/IP in Windows NT4 Go to TCP/IP PropertiesVerifying TCP/IP Properties for Windows XP, 2000, and NT4 Set the TCP/IP PropertiesConfiguring the Macintosh for TCP/IP Networking MacOS 8.6 orMacOS Verifying the Readiness of Your Internet Account Verifying TCP/IP Properties for Macintosh ComputersAre Login Protocols Used? What Is Your Configuration Information?Select the Gateway tab Restarting the Network Glossary Glossary-2 Glossary Glossary-3 Glossary-4 Glossary Glossary-5 Glossary-6 Index NumericsIndex-2
Top Page Image Contents