Wireless LAN.. is it worth it?

Xcellor

Hi,

I'm wondering whether or not to upgrade my network to wireless... Currently I have a 5 or 6 PC network running on traditional switch plugged into ADSL router.

I'd like to hear from people that have done it and if it's reliable. I have a home office and it would be handy to do away with the multitude of cables that run behind radiators and through cracks in doors etc.

What is the range of your typical wireless router? What is the entry level speed approx? How secure are they? Are they difficult to set up?

I'd like to go wireless because Ive installed LANs, servers, switches, hubs, routers but never wireless. Im assuming that the technology used is the same just over the air, i.e. TCP/IP. I studied it all in college but IT classes were always late in the day... and Zzz...

Anywayz ideas, experiences prejudiced and unprejudiced welcome!

X

TimTim

If you have already a working wired lan, there is no reason any sane person would go wireless.

Its easy enough if you know what your doing.

It can be reliable depending on how old your house is and what gear you use
Usually the older it is, the worse wireless will be.

Speed is all depandant on the equipment you use and distance and age of house etc.

Security is a joke, anyone with a few hours to kill will be in your network.

Wireless is based on TCP/IP

Xcellor

TimTim wrote:

Security is a joke, anyone with a few hours to kill will be in your network.

Wireless is based on TCP/IP

I've heard that alright...

I thought there was things like frequency hopping and encryption in some level to prevent that kind of thing.

Well to be honest the wireful LAN works fine. I can't really fault it at all. One thing I find incredibly slow sometimes is windows networking, when you are accessing someones computer on the same workgroup. I've heard of people with the same issue but grew bored of waiting to find out what exactly the cause was. In all other aspects of networking, file transfer, LAN games it's perfect.

X

cregser

http://www.wi-fi.org/OpenSection/design.asp?TID=2

Might be worth a look. I'm still in college and had to do a presentation about WLAN hotspots. I havn't got a wlan network (or a network for that matter) at home. But I'm setting one up and going with good ol' cables. Besides my mobo came with a wlan card which i could use if needed.

WLAN isn't entirely secure (but decent enough) and not really at a stage where it's super duper (speedwise) yet. It's still evolving. I've only really looked at 802.11a b and g. Maybe 802.11i and other new ones are more secure. WLAN gives you mobility with a few trade offs.

Em... Oh yeah, the network can really slow down with a lot of PCs on it. Because wireless is obviously not a great tranmission medium, when you have a load of PCs retransmitting and backing-off and signals bouncing off walls and yada yada... it can get messy. So I'm gonne set up my home network with cables and only use the WLAN card for a laptop or tablet. I wouldn't base my network on it.

Not exactly learnt from experience but from study.

cregser

Another thing, WLAN is advertised at 11Mbps but in reality it's about 5-7Mbps. 7 being generous.

TimTim

Xcellor wrote:

I've heard that alright...

I thought there was things like frequency hopping and encryption in some level to prevent that kind of thing.

Well to be honest the wireful LAN works fine. I can't really fault it at all. One thing I find incredibly slow sometimes is windows networking, when you are accessing someones computer on the same workgroup.

haahha freq hopping in a commercial unit. Thats good. Maybe in army spec comms units you'd get that kinda of security.

Crypto is there in WLAN tech iirc, It would be the WEP/WPA key but of course it can be broken in a few hours. Not sure about WPA though, I know there is weaknesses in certain manufactors units but thats implemntation faults at their end. If I ever was going to run a WLAN on my network there would be a hardware firewall box sitting between my lan and the wlan ap


The slowdown is probaly dns settings. It could be windows trying to resolve your internal ip's and since they would be marked on all dns servers as not usable it would wait and timeout. If you use \\<ip> instead of \\<hostname> that might speed it up a bit. But there is a million other reasons. Thats what would come off the top of my head at the moment

Xcellor

cregser wrote:

Another thing, WLAN is advertised at 11Mbps but in reality it's about 5-7Mbps. 7 being generous.

That's quite ****ty really when you consider that the LAN I have now is 100mb and the newer ones are now 1000mbs.

I knew it was slower but 7mb is what 700kB? (not exact so dont you mathematicians start whining). That's fairly crap.

On another topic completely these new 3G phones aren't exactly cutting edge when you consider they only run at 384kilobits or something max speed... Still I guess progress is progress nonetheless and any steps forward are better than no steps at all.

X

Moriarty

Moved to Nets/Comms.

TimTim

cregser wrote:

Another thing, WLAN is advertised at 11Mbps but in reality it's about 5-7Mbps. 7 being generous.

Thats b spec
a/g go at 54mb/sec (Think a is illegal in europe, interfears with military freq last time I heard)
and n (or whatever its suppoused to be called) ~108mb/sec

Xcellor

TimTim wrote:

haahha freq hopping in a commercial unit. Thats good. Maybe in army spec comms units you'd get that kinda of security.

Crypto is there in WLAN tech iirc, It would be the WEP/WPA key but of course it can be broken in a few hours. Not sure about WPA though, I know there is weaknesses in certain manufactors units but thats implemntation faults at their end. If I ever was going to run a WLAN on my network there would be a hardware firewall box sitting between my lan and the wlan ap


The slowdown is probaly dns settings. It could be windows trying to resolve your internal ip's and since they would be marked on all dns servers as not usable it would wait and timeout. If you use \\<ip> instead of \\<hostname> that might speed it up a bit. But there is a million other reasons. Thats what would come off the top of my head at the moment

I just use DCHP for assigning IPs and even when using direct IPs like 192.168.1.xxx it will yield the same wait almost like it is negotiating something.

With a wireless network can you specify MAC addresses so that only those that were predefined are allowed to access the wireless router? Or have an fixed IP list and again only those IP's can access net resources?

I dunno Im just throwing suggestions, like ive said ive never set up wireless before.

X

cregser

TimTim wrote:

haahha freq hopping in a commercial unit. Thats good. Maybe in army spec comms units you'd get that kinda of security.

What? Maybe in World War 2! Frequency hopping spread spectrum is a standard form of transmission used in all GSM mobile phones! I don't remember if it's used in wlan or not... I think WLAN uses Time Division Multiple Access.

But it could easily use FHSS for security. The problem with that however is the access point and the wireless station need to agree on what FHSS to use and that is transmitted unsecurely (it has to be). If somebody intercepts that, then the security features of FHSS are useless.

cregser

Xcellor wrote:

With a wireless network can you specify MAC addresses so that only those that were predefined are allowed to access the wireless router?

This is an automatic security feature of WLAN. I does have enough features to be idiot proof. But somebody determined enough can easiuly break in. The set up phase of a wlan connection is relativelyy unsecure. A hacker can intercept your MAC address when it is transmitted and use that when they want to access your network.

But that is an issue with 802.11a b and g. I think 802.11e addresses this. That said, most products these days are 802.11g or b

EDIT: about the 802.11es
802.11a - the first one - too expensive
802.11b - cheaper/slower but didn't work with a.
802.11g - as fast as a and is compatible with b
802.11i - addresses speed issues (i think)
802.11e - addresses security (i think)

a,b and g the standards now. i and e are very new.

TimTim

cregser wrote:

What? Maybe in World War 2! Frequency hopping spread spectrum is a standard form of transmission used in all GSM mobile phones! I don't remember if it's used in wlan or not... I think WLAN uses Time Division Multiple Access.

But it could easily use FHSS for security. The problem with that however is the access point and the wireless station need to agree on what FHSS to use and that is transmitted unsecurely (it has to be). If somebody intercepts that, then the security features of FHSS are useless.

FHSS is still used as a security measure in army comms units, as I have the tech manual for a few army spec radios which tells you how to setup FHSS, but since your in the army you aren't restricted to a small freq band, ie you'd have hundereds of different freq's you can use. So it can be secure enough. And it isn't transmitted over air, it has to be loaded into each radio.

cregser

TimTim wrote:

FHSS is still used as a security measure in army comms units,...

...And it isn't transmitted over air, it has to be loaded into each radio.

I'm not disputing that it's used in the army or that it's secure. It was invented in WW2 so it's an old (but effective) technology. I'm tired and I'm probably not explaining myself very well.

FHSS on it's own is impossible to decode if you don't have the original key. If the key is loaded into a radio before hand, that's fine. I'm talking about WLAN here. The protocol for WLAN is 802.11(a,b,g,i or e). The protocol itself, has to be able to talk to any new device on the network. If a device is loaded with it's own FHSS key, then how can it talk to the network? There needs to be a generic key. If it's generic it's not secure. So the network and client agree a FHSS key, but they can only agree with this on an insecure connection. If anybody is listening out for this, then they have the key. But once your connection is set up (and nobody has been listening), THEN your secure.

Get me? It's the connection initiation that's insecure.

Rew

WLAN is Direct Sequense Spred Spectrum (DSSS)

Rew

If you want secure WLAN gear jsut get all WPA gear and use a fairly random key if your using PSK.

cregser

Ah, DSSS... that uses a chipping code.

You might be able to set up a secure netowrk if it's a private one. You could possibly load your own chipping code as TimTim says the military do in FHSS.

It's always good to know your stuff so I'll plug that link again:
www.wi-fi.org

Rew

Id like to see the contacts you have if you can get gear with modifed firware like that. I do have the driver programing manual for Prism chipset cards but im not sure how far it would get you...

Like I said use WPA and dont worry about it. If your really woried wiat for WPA2 stuff.

cregser

Rew wrote:

Id like to see the contacts you have if you can get gear with modifed firware like that. I do have the driver programing manual for Prism chipset cards but im not sure how far it would get you...

I was just taking a guess there (that 802.11e allowed this). But anything's possible. I do engineering so I'm probably thinking too much like an engineer and not enough like a consumer.

Rew

802.11e is just hardware accelerated encryption (AES). WEP with a better algorithm. Only diferance between WPA and WPA2 will be the hardware aceleration, some WPA gear has extra hardware included so that a firmware upgrade will bring it up to 802.11e/WPA2 but its hard to say which gear is the best.

tck

people it takes a LONG time to crack WEP , even on a large volume network, it would seriously takes days and days if not weeks on a single 512k line.

just change your WEP key every few days and you should be okay.