GlockTalk.com
Home Forums Classifieds Blogs Today's Posts Search Social Groups



  
SIGN-UP
Notices

Glock Talk
Welcome To The Glock Talk Forums.
Reply
 
Thread Tools Display Modes
Old 03-30-2010, 19:42   #1
F14Scott
CLM Number 283
Luggage
 
F14Scott's Avatar
 
Join Date: Sep 2001
Location: Katy, TX
Posts: 3,988


Open WiFi hot spot by plugging old Wifi router into new secure WiFi router?

I've got a WEP-password-secured, WiFi router plugged into my home DSL connection. About a dozen things in my house are connected to my WiFi network, including laptops, video games, iPod Touches, Netflix boxes, etc. All of them must use a password to connect to my network.

If I were to take an old WiFi router and, via Ethernet cable, connect it to my current router, could that old router now be used as an "open" WiFi hot spot, one that could provide Internet access to guests without a password? If so, would my system be as safe from hacker attack as I am now with my WEP, or would I be opening up the front door?

The reason I ask is that I use an iPod Touch, and find myself wondering why there are a zillion WiFi networks everywhere, but most of them are secure networks. It would seem, if there were an easy, secure way to provide open WiFi, it would be an attractive thing for a business to provide.
__________________
If it jams, force it. If it breaks, it needed replacing anyway.
F14Scott is offline   Reply With Quote
Old 03-30-2010, 19:49   #2
IndyGunFreak
RIP My Friends
 
IndyGunFreak's Avatar
 
Join Date: Jan 2001
Location: Indiana
Posts: 29,697
Send a message via ICQ to IndyGunFreak Send a message via AIM to IndyGunFreak Send a message via MSN to IndyGunFreak Send a message via Yahoo to IndyGunFreak Send a message via Skype™ to IndyGunFreak


Quote:
Originally Posted by F14Scott View Post
I've got a WEP-password-secured, WiFi router plugged into my home DSL connection. About a dozen things in my house are connected to my WiFi network, including laptops, video games, iPod Touches, Netflix boxes, etc. All of them must use a password to connect to my network.

If I were to take an old WiFi router and, via Ethernet cable, connect it to my current router, could that old router now be used as an "open" WiFi hot spot, one that could provide Internet access to guests without a password? If so, would my system be as safe from hacker attack as I am now with my WEP, or would I be opening up the front door?

The reason I ask is that I use an iPod Touch, and find myself wondering why there are a zillion WiFi networks everywhere, but most of them are secure networks. It would seem, if there were an easy, secure way to provide open WiFi, it would be an attractive thing for a business to provide.
Really, it doesn't matter. WEP is about as secure as an unlocked car w/ the keys in the ignition and a big sign on it saying "STEAL ME"... If you live in a neighborhood type setting, where there's possibly kids around. Newsflash, they've probably already cracked your network.

If you don't believe me, google "5min WEP crack"

Some businesses, do provide open networks.
__________________
Quote:
Originally Posted by GioaJack View Post
The fire is no longer my major concern since I am leaving immediately on an unexpected road trip to Indianapolis. Watch the national news over the next couple of days, I'll wave... well, only if I'm cuffed in the front.
RIP Jack

Last edited by IndyGunFreak; 03-30-2010 at 19:51..
IndyGunFreak is offline   Reply With Quote
Old 03-30-2010, 19:55   #3
StuntPilot
Senior Member
 
Join Date: Oct 2006
Location: DFW, TX
Posts: 178
Yes, you could plug another wireless router into the switchport on an existing router. However, any open wireless access point could allow hackers onto your network. Your WEP router is better than nothing, but the WEP keys are easily cracked. Save up and get a router with WPA/WPA2.

To provide 'free' wifi to guests, you could setup a captive portal. This allows a web-based authentication similar to Starbucks. You need a router that supports the firmware upgrade, but the software is open source, and free.

http://coova.org/Overview

http://coova.org/Download

Last edited by StuntPilot; 03-30-2010 at 19:56..
StuntPilot is offline   Reply With Quote
Old 03-30-2010, 20:08   #4
seanmac45
CLM Number 38
Charter Lifetime Member
 
seanmac45's Avatar
 
Join Date: Apr 2000
Location: Brooklyn, NY
Posts: 5,798


Tag for later reference
__________________
"Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter." Ernest Hemingway
seanmac45 is offline   Reply With Quote
Old 03-30-2010, 20:08   #5
Ljunatic
On The Fringe
 
Ljunatic's Avatar
 
Join Date: Oct 2001
Location: Lincoln, Nebraska
Posts: 1,768


My Netgear N router has an option for a separate "guest" wireless network with its own security settings and SSID. You can choose to turn it on and off as needed. It has no access to your local network (unless you want it).

I use mine for the grandkids to connect their ipods .

Last edited by Ljunatic; 03-30-2010 at 20:08..
Ljunatic is offline   Reply With Quote
Old 03-31-2010, 04:50   #6
wct097
Senior Member
 
Join Date: Jan 2000
Location: VA
Posts: 2,183
Your best bet would be to use the 'open' access point as the AP that connects to your DSL, then plug the 'WAN' port on your secure AP to one of the network ports on the open AP. In theory, anyone on your open AP would have the same trouble hacking through your secure AP's firewall as someone on the internet. If you plug your open AP into your secured AP, anyone that authenticates to your network can likely see anything connected to your secure AP.

That said, an open AP allows anyone to access the internet through your connection. This can slow down your access, at best, or get you in legal trouble at worst. Another thing to note, as others have said, WEP isn't secure from anyone wanting to 'hack' your network. Use WPA with a long key.
__________________
-wct097
wct097 is offline   Reply With Quote
Old 03-31-2010, 05:29   #7
MavsX
The Dude Abides
 
MavsX's Avatar
 
Join Date: Jan 2009
Location: Arlington, VA
Posts: 3,033
Quote:
Originally Posted by F14Scott View Post
I've got a WEP-password-secured, WiFi router plugged into my home DSL connection. About a dozen things in my house are connected to my WiFi network, including laptops, video games, iPod Touches, Netflix boxes, etc. All of them must use a password to connect to my network.

If I were to take an old WiFi router and, via Ethernet cable, connect it to my current router, could that old router now be used as an "open" WiFi hot spot, one that could provide Internet access to guests without a password? If so, would my system be as safe from hacker attack as I am now with my WEP, or would I be opening up the front door?

The reason I ask is that I use an iPod Touch, and find myself wondering why there are a zillion WiFi networks everywhere, but most of them are secure networks. It would seem, if there were an easy, secure way to provide open WiFi, it would be an attractive thing for a business to provide.
step 1, get rid of wep, use wpa2. Step 2, give your guests the password for your network. Or if you want, change your password, then when the guests arrive, give them the password. When they leave change the password back or to something else
__________________
Glock 22 .40 S&W
CMMG M4 LEP II
Mossberg 500 Mariner
MavsX is offline   Reply With Quote
Old 03-31-2010, 18:57   #8
prism
more ammo
 
Join Date: Sep 2002
Location: Indiana
Posts: 1,673


get a network cable and let them plug in the wired-way
prism is offline   Reply With Quote
Old 03-31-2010, 20:22   #9
F14Scott
CLM Number 283
Luggage
 
F14Scott's Avatar
 
Join Date: Sep 2001
Location: Katy, TX
Posts: 3,988


I'll do the WEP -> WPA thing; didn't know WEP was so bad.

I can't always allow wired connections, as iPods don't have that capability.

As far as giving out and/or changing passwords, that is the kind of thing I was hoping to avoid. Ideally, as a guy who doesn't want to put a lot of time or effort into a system, I was hoping I could have my secure WiFi router doing its thing for myself and my family, and plugging in an unsecure WiFi router to allow for a free little hotspot for anyone else, no muss, no fuss.

However, I don't want to compromise my (evidently already weak) security, or go through a lot of trouble setting up a system that will be used only rarely. Since I had the old router on hand, I had hoped it would be as simple as plug and play.

Sounds like what I'm suggesting won't work out.
__________________
If it jams, force it. If it breaks, it needed replacing anyway.
F14Scott is offline   Reply With Quote
Old 04-01-2010, 08:04   #10
MavsX
The Dude Abides
 
MavsX's Avatar
 
Join Date: Jan 2009
Location: Arlington, VA
Posts: 3,033
Quote:
Originally Posted by F14Scott View Post
I'll do the WEP -> WPA thing; didn't know WEP was so bad.

I can't always allow wired connections, as iPods don't have that capability.

As far as giving out and/or changing passwords, that is the kind of thing I was hoping to avoid. Ideally, as a guy who doesn't want to put a lot of time or effort into a system, I was hoping I could have my secure WiFi router doing its thing for myself and my family, and plugging in an unsecure WiFi router to allow for a free little hotspot for anyone else, no muss, no fuss.

However, I don't want to compromise my (evidently already weak) security, or go through a lot of trouble setting up a system that will be used only rarely. Since I had the old router on hand, I had hoped it would be as simple as plug and play.

Sounds like what I'm suggesting won't work out.
if you change the password on the access point. All the other machines will prompt for the new password. That's not going to take too long to type in a few passwords. I remember you said 12 devices..still..thats like 15 minutes!

dont worry about not knowing about the wep insecurity. Not everyone is a bunch of nerds like us! Take it easy and good luck
__________________
Glock 22 .40 S&W
CMMG M4 LEP II
Mossberg 500 Mariner
MavsX is offline   Reply With Quote
Old 04-01-2010, 08:09   #11
dotsun
conf t
 
dotsun's Avatar
 
Join Date: Mar 2007
Location: TN
Posts: 1,153
Just remember that you are responsible for what information crosses your network.
dotsun is offline   Reply With Quote
Old 04-01-2010, 11:17   #12
ChristopherBurg
Senior Member
 
Join Date: Dec 2009
Location: Minnesota
Posts: 181
Quote:
Originally Posted by F14Scott View Post
As far as giving out and/or changing passwords, that is the kind of thing I was hoping to avoid. Ideally, as a guy who doesn't want to put a lot of time or effort into a system, I was hoping I could have my secure WiFi router doing its thing for myself and my family, and plugging in an unsecure WiFi router to allow for a free little hotspot for anyone else, no muss, no fuss.
First you're going to have to change all your device's wireless security settings and password when (certainly not if) you move over to WPA. The devices will have to know they are now using security (because WEP isn't security, it's literally as good as nothing these days) and will need to know why type (WPA), what encryption method (you'll have an option of TKIP or AES, use AES as TKIP is broken), and the new pre-shared key (password).

Also as stated plugging in an open access point to your network will eliminate all of your security as that open access point will become the weak link.
__________________
I'm the host of the Truth About Guns podcast. Truth About Guns is a member of the Gun Rights Radio Network.
ChristopherBurg is offline   Reply With Quote
Old 04-01-2010, 12:45   #13
Pierre!
NRA Life Member
 
Pierre!'s Avatar
 
Join Date: Jun 2003
Location: Lovin Sparks Nv!
Posts: 4,139
Might as well make sure that you understand that WPA is also VERY crackable/hackable today.

You DO need WPA2... not just WPA.

HTH
__________________
The Seeber Consulting Blog

Download YOUR copy of Internet Safety Tips - "The Essentials"!
My Gift to You, AND it's >FREE<
Pierre! is offline   Reply With Quote
Old 04-01-2010, 14:05   #14
ChristopherBurg
Senior Member
 
Join Date: Dec 2009
Location: Minnesota
Posts: 181
Quote:
Originally Posted by Pierre! View Post
Might as well make sure that you understand that WPA is also VERY crackable/hackable today.

You DO need WPA2... not just WPA.

HTH
That's actually a misconception. WPA2 is nothing more than the mandatory implementation of optional components of WPA. The main difference is the use of AES encryption is now mandatory whereas WPA it was optional (with the options being either TKIP or AES).

The optional clauses were there to preserve backwards comparability (many older devices were unable to support AES with a simple firmware update whereas TKIP used rotating WEP keys so most devices could be upgraded to work with it). The encryption method TKIP itself is broken not any particular part of WPA's authentication mechanism.

If you use WPA with AES you are in essence using WPA2.
__________________
I'm the host of the Truth About Guns podcast. Truth About Guns is a member of the Gun Rights Radio Network.

Last edited by ChristopherBurg; 04-01-2010 at 14:05..
ChristopherBurg is offline   Reply With Quote
Old 04-01-2010, 14:42   #15
Pierre!
NRA Life Member
 
Pierre!'s Avatar
 
Join Date: Jun 2003
Location: Lovin Sparks Nv!
Posts: 4,139
Quote:
Originally Posted by ChristopherBurg View Post
That's actually a misconception. WPA2 is nothing more than the mandatory implementation of optional components of WPA. The main difference is the use of AES encryption is now mandatory whereas WPA it was optional (with the options being either TKIP or AES).

The optional clauses were there to preserve backwards comparability (many older devices were unable to support AES with a simple firmware update whereas TKIP used rotating WEP keys so most devices could be upgraded to work with it). The encryption method TKIP itself is broken not any particular part of WPA's authentication mechanism.

If you use WPA with AES you are in essence using WPA2.
Interesting - So you are saying that the TKIP offered with WPA2 is implemented with AES? Or that the TKIP offered on WPA2 is also broken, and that only the AES method is solid... And that this was all a ploy to get me to Draft N 300 "Turbo" MBPS... Right?
__________________
The Seeber Consulting Blog

Download YOUR copy of Internet Safety Tips - "The Essentials"!
My Gift to You, AND it's >FREE<
Pierre! is offline   Reply With Quote
Old 04-01-2010, 14:50   #16
ChristopherBurg
Senior Member
 
Join Date: Dec 2009
Location: Minnesota
Posts: 181
Quote:
Originally Posted by Pierre! View Post
Interesting - So you are saying that the TKIP offered with WPA2 is implemented with AES? Or that the TKIP offered on WPA2 is also broken, and that only the AES method is solid... And that this was all a ploy to get me to Draft N 300 "Turbo" MBPS... Right?
WPA2 can not be used with TKIP by definition. The mandatory use of AES in place of TKIP is the only real difference between WPA and WPA2. If an access point is offering the ability to use WPA2 with TKIP it is not actually WPA2.

TKIP uses a series of rotating WEP keys and can not be implemented with AES.

AES is the only secure encryption method currently available to 802.11 access points. All other encryption methods should be avoided.
__________________
I'm the host of the Truth About Guns podcast. Truth About Guns is a member of the Gun Rights Radio Network.
ChristopherBurg is offline   Reply With Quote
Old 04-01-2010, 14:56   #17
Pierre!
NRA Life Member
 
Pierre!'s Avatar
 
Join Date: Jun 2003
Location: Lovin Sparks Nv!
Posts: 4,139
Quote:
Originally Posted by ChristopherBurg View Post
WPA2 can not be used with TKIP by definition. The mandatory use of AES in place of TKIP is the only real difference between WPA and WPA2. If an access point is offering the ability to use WPA2 with TKIP it is not actually WPA2.

TKIP uses a series of rotating WEP keys and can not be implemented with AES.

AES is the only secure encryption method currently available to 802.11 access points. All other encryption methods should be avoided.
HA HA... I was just coming back to post that I got this exact info after you shared the diff between the WPA & WPA2...

So it WAS a plot to get me to move to Draft N ...

I will be changing my WiFi setup before too long!

Thanks for the heads up on this ChristopherBurg.
__________________
The Seeber Consulting Blog

Download YOUR copy of Internet Safety Tips - "The Essentials"!
My Gift to You, AND it's >FREE<
Pierre! is offline   Reply With Quote
Old 04-01-2010, 17:16   #18
ChristopherBurg
Senior Member
 
Join Date: Dec 2009
Location: Minnesota
Posts: 181
No problem. I had to study various wireless security suites for a job once so I gained quite a bit of knowledge in the process.

That does bring me to another option. Depending on the devices that need to be setup you can look into Wi-Fi Protected Setup. It makes setting up devices with WPA using AES much easier.

Access points that are equipped with it will have a button on them. You press the button on the access point and then there will be a mechanism to activating the setup on the other device (usually a software button). Activate that button and they will automatically sync up and you'll have a secure connection. Here is a better explanation:

http://en.wikipedia.org/wiki/Wi-Fi_Protected_Setup

The only downside is not many devices support it at this point.
__________________
I'm the host of the Truth About Guns podcast. Truth About Guns is a member of the Gun Rights Radio Network.
ChristopherBurg is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT -6. The time now is 13:57.



Homepage
FAQ
Forums
Calendar
Advertise
Gallery
GT Wiki
GT Blogs
Social Groups
Classifieds


Users Currently Online: 1,137
339 Members
798 Guests

Most users ever online: 2,244
Nov 11, 2013 at 11:42