Originally posted by: Mendayen
From my understanding, these products are not WPA-capable.
Does anyone know how realistic it is for someone to be able to break into a WEP-protected network?
Three hours or less? WEP is utterly, utterly, useless these days - at least against a determined attacker. (Note, I've not dared personally test this, but I've read enough about the evolving cracking tools to make the decision to switch my own network over to WPA.)
I don't mean to crap on Allisolm's deal here, but for the security of one's own network, I would in fact have to strongly advise against purchasing any 802.11 gear that isn't at least WPA-capable. In fact, WPA2 is coming out soon, as an enhancement to the original WPA.
Originally posted by: Mendayen
Would it be easy to have automated monitoring for the network? Suppose an intruder manages to access the network, would there be a way to disable the WAN connection or force the router to shut itself down?
I've thought about something like that too - it's called an "IDS". The problem is, with wireless, if they want to sniff and steal data, not steal access, then they can sit in the background, passively cracking your network's (WEP) encryption,
and you'll never know!. That's the real danger here. You could be using WEP, thinking that your network is "secure", and your neighbors could be secretly voyeuristically logging all of the URLs that you visit, etc. It's not all about stealing access, although that is of primary importantance to "wardrivers". The real danger, at least for a fixed-location wireless LAN using weak encryption like WEP, is from other potential fixed-location sniffers. (I have at least 3-4 neighbors here with wireless LANs too, all with WEP enabled.)
The best that WEP can do, really, is serve as a declaration of intent, a "no trespassing" sign, if you will. But it doesn't offer the same level of security, as say, a barbed-wire or razor-wire fence. That's more akin to WPA and WPA2, respectively.
Originally posted by: Mendayen
The prices are attractive. I'm looking to setup a 3+ computer LAN when my family moves and so far it looked like a big investment versus just keeping our current wired setup.
Security-wise, if it's feasable to keep the wired network - do so. The only reason that I'm even on wireless right now, is because of the logistics of running a wired cable through several rooms and hallways, in a location where it's not feasable to drill into the walls. Wireless is fine for general internet-access, but LAN file-sharing, media-streaming, and probably even DVD-burning - it's not fast enough, at least not 802.11g. Perhaps the newest MIMO wireless products will improve upon that.
Still... are the Belkin 'G' routers hackable, with 3rd-party firmware? That would make this deal rather uber-hot, as then you wouldn't have to drop $60 on a WRT just to be able to use hacked firmware. Even if WPA isn't implimented in the factory-stock firmware, if 3rd-party firmwares are available, you can be sure that it will eventually be added, if not already.
(Although performance, if the encryption used by WPA is performed in software, won't be as good as a router that contains hardware-assisted crypto. AFAIK, my WRT65Gv2 has some sort of AES128 hardware module inside, I don't see any noticable performance hit in my DSL line's bandwidth from enabling it. But even slower WPA is better than faster-but-insecure WEP, IMHO.)
mfg's link - no WPA
SeattleWireless docs on hacking this router!
more links to links on hacking Belkin routers
According to that page and the prior one, many/most of these routers are based on the Broadcom network-processor reference-design (like the LinkSys WRT54G series is)... but some of the models/versions only ship with 2MB flash in the unit, which isn't enough space to run the 3rd-party firmwares in. So read up on those different models, and perhaps that will give you enough info to be able to pick out one that might be hackable at the store.
Good luck, sounds like it could be a very worthy YMMV type deal on whether they are hackable or not. Even if it isn't, at $10 AR, it would be worth it to use as a 100Mbit switch for your local LAN even.