I have a T30 and have been using a WEP key for security. I have learned that this does not afford much security and that WPA is better. I tried unsuccessfully to make this switch with my Linux Network Security software. Does anyone have any suggestions for me? Is the T30 in fact not capable of using this protocol? How can I determine if my hardware will support it? Thanks.

What WiFI card is in the T30? Device manager should tell you. If it's an old 802.11b card chances are it doesn't support WPA. You can install an Intel Pro Wireless 2200bg or 2915bg and it will support WPA.

I got WPA working on my T30. Access Connections has a provision to permit "Windows to Configure Wireless Network". Someone else had suggested that you need WINXP SP3 installed to make that work. I'm not sure how it all came together, and it took a lot of attempts to get it to work, but I was forced to do it as all the other machines on the network are WPA or WPA2.

You need a WiFi card with drivers that support WPA.

If you want to use WPA2 (highly recommended, as WPA security is slowly eroding) and have Windows XP without SP3 you need this hotfix.

Food for thought:
On the street that I live on, there are about 40 houses. 10 of those houses use encryption of some type. The rest use wide open WAPs.

Having any type of encryption in this day and age, is probably enough of a determinate to accomplish what your after.
Dont sweat it.

Ron

WEP takes about 2 minutes to compromise with modern, freely-available tools.

Don't use it.

WPA+AES (*not* WPA+TKIP) is reasonably safe from all but determined attackers.

Your best option is WPA2+AES, assuming you have (or can find) hardware that supports it.

Thanks for your help Rob.
Here's my hardware specs (from lspci): Ethernet controller: Intel Corporation 82801CAM (ICH3) PRO/100 VE (LOM) Ethernet Controller (rev 42)
Is there any way can I tell if this is compatible with the WPA2 protocol?

Intel PRO/100 VE Ethernet - Does not support WPA

That's not even a wireless card. It's a wired network card.

It does not.

Although from what I can tell, this is due to the fact that it's not a wireless network card, and is instead a wired NIC.

I agree. I was reading WiFi WEP hack research papers from SANS back in 2003. Which recent toolkits are you referring to ThinkRob. I might want to do a Self-test on my secondary "old" network which is 802.11 b ONLY!... running WEP for an OLD laptop with a PCMCIA card.

WEP is fine if you are just using an old laptop to browse the web or IRC. I turn on the wireless on my router when I want to IRC with an old laptop in the back yard under the shade trees, and then off when I am in the house (everything is hard wired to a huge switch). If you are doing banking online, ebay or paypal you should be using a direct line and not wireless.

If your bank is not communicating with your browser via ssl, you ought to dump that bank. What makes you think the worst baddies are huddled within 100m of your wireless router? Here in the UK the big ISPs actively snoop on their clients' online activities and market it as a service (I am sure they do this in the US, too). As a result, I use ssh to set-up an encrypted tunnel between my home network and a trusted server. This is not as complete a solution as end-to-end encryption, but it does mean that prying eyes in my neighbourhood up to my ISP see nothing useful, i.e. it is as safe, if not safer than, using a wired connection and my ISP's servers. And it also means that I can use open networks at cafes, work, etc. without fiddling or worrying.

Personally, I run WPA2 and access controls on my wireless router but this is for the same reason I lock my door when I leave my flat: to persuade other basically honest people not to help themselves to my stuff when I am not around.

Incidentally, FSF has developed a Firefox plugin that allows you to interact with several large search services over an encrypted connection.

Things like cache poisoning, update mechanism hijacking, etc. would make me hesitant to *ever* use WEP.

Without regurgitating the talk by the kismet authors at this year's HOPE, suffice it to say connecting to an insecure network and performing even simple tasks like browsing or IRC can result in a compromise with lasting effects.



Nothing fancy, just the usual suspects: kismet, aircrack, metasploit, etc.

I can see this thread is two months old, but for what it's worth, I have a T30 with the "High Rate Wireless LAN Mini-PCI Adapter with Modem II". This is one of the older adapters of it's type, I think, and for years I thought it was only capable of WEP, not WPA. I was running Windows 2000. Then I upgraded to XP SP3 and the latest drivers available from Lenovo. It will now do WPA, but not WPA2/AES with my router. Probably only TKIP, still better than WEP.

Here is some T30 encryption info»
viewtopic.php?f=28&t=60575