Home » Netgear Manuals » Wireless » Netgear WG602v2 » Manual Viewer

Netgear WG602v2 WG602v2 User Manual - Page 78

Is WPA Perfect?, Product Support for WPA, Supporting a Mixture of WPA and WEP Wireless Clients - wg602 v2 firmware

Add to My Manuals
Save this manual to your list of manuals

Page 78 highlights

Reference Manual for the WG602 v2 54 Mbps Wireless Access Point Is WPA Perfect? WPA is not without its vulnerabilities. Specifically, it is susceptible to denial of service (DoS) attacks. If the access point receives two data packets that fail the Message Integrity Code (MIC) check within 60 seconds of each other then the network is under an active attack, and as a result, the access point employs counter measures, which includes disassociating each station using the access point. This prevents an attacker from gleaning information about the encryption key and alerts administrators, but it also causes users to lose network connectivity for 60 seconds. More than anything else, this may just prove that no single security tactic is completely invulnerable. WPA is a definite step forward in WLAN security over WEP and has to be thought of as a single part of an end-to-end network security strategy. Product Support for WPA Starting in August, 2003, NETGEAR, Inc. wireless Wi-Fi certified products will support the WPA standard. NETGEAR, Inc. wireless products that had their Wi-Fi certification approved before August, 2003 will have one year to add WPA so as to maintain their Wi-Fi certification. WPA requires software changes to the following: • Wireless access points • Wireless network adapters • Wireless client programs Supporting a Mixture of WPA and WEP Wireless Clients To support the gradual transition of WEP-based wireless networks to WPA, a wireless AP can support both WEP and WPA clients at the same time. During the association, the wireless AP determines which clients use WEP and which clients use WPA. The disadvantage to supporting a mixture of WEP and WPA clients is that the global encryption key is not dynamic. This is because WEP-based clients cannot support it. All other benefits to the WPA clients, such as integrity, are maintained. However, a mixed mode supporting WPA and non-WPA clients would offer network security that is no better than that obtained with a non-WPA network, and thus this mode of operation is discouraged. Changes to Wireless Access Points Wireless access points must have their firmware updated to support the following: B-16 M-10181-03 Wireless Networking Basics

Section	Page
Trademarks	2
Statement of Conditions	2
Federal Communications Commission (FCC) Compliance Notice: Radio Frequency Notice	3
Canadian Department of Communications Compliance Statement	4
CE Declaration of Conformity	5
Contents	7
Chapter 1 About This Manual	13
Audience, Scope, Conventions	13
How to Use this Manual	14
How to Print this Manual	15
Chapter 2 Introduction	17
About the 54 Mbps Wireless Access Point WG602 v2	17
Support for Standards	17
Key Features	18
802.11g Standards-based Wireless Networking	18
Autosensing Ethernet Connections with Auto Uplink	19
Compatible and Related NETGEAR Products	19
System Requirements	19
What’s In the Box?	20
Hardware Description	21
WG602 v2 Wireless Access Point Front Panel	21
WG602 v2 Wireless Access Point Rear Panel	22
Power Socket	22
Reset and Restore to Factory Defaults Button	22
RJ-45 Ethernet Port	22
Detachable Antenna	22
Chapter 3 Basic Installation and Configuration	24
Observing Placement and Range Guidelines	24
Default Factory Settings	25
Understanding WG602 v2 Wireless Security Options	26
Installing the 54 Mbps Wireless Access Point WG602 v2	27
Two Ways to Log In to the WG602 v2	29
How to Log in Using the Default IP Address of the WG602 v2	30
How to Log In to the WG602 v2 Using Its Default NetBIOS Name	31
Using the Basic IP Settings Options	33
Understanding the Basic Wireless Settings	34
Understanding Wireless Security Options	36
Information to Gather Before Changing Basic Wireless Settings	37
How to Configure WEP Wireless Security	38
How to Configure WPA-PSK Wireless Security	39
How to Restrict Wireless Access by MAC Address	40
Chapter 4 Management	43
Viewing General Information	43
Viewing a List of Attached Devices	45
Upgrading the Wireless Access Point Software	45
Rebooting and Resetting Factory Default Options	47
Restoring the WG602 v2 to the Factory Default Settings	47
Using the Reset Button to Reboot or Restore Factory Defaults	47
Changing the Administrator Password	48
Chapter 5 Advanced Configuration	49
Configuring Wireless Bridge or Repeater Links	49
How to Select the Wireless Bridging Access Point Mode	50
How to Configure a WG602 v2 as a Point-to-Point Bridge	51
How to Configure Wireless Multi-Point Bridging	52
How to Configure a WG602 v2 as a Repeater	54
Understanding Advanced Wireless Settings	55
Chapter 6 Troubleshooting	57
Troubleshooting	57
No lights are lit on the access point.	57
The Ethernet LAN light is not lit.	57
The Wireless LAN activity light is not lit.	58
I cannot configure the wireless access point from a browser.	58
I cannot access the Internet or the LAN with a wireless capable computer.	58
When I enter a URL or IP address I get a timeout error.	59
Using the Reset Button to Restore Factory Default Settings	59
Appendix A Specifications	61
Specifications for the WG602 v2	61
Appendix B Wireless Networking Basics	63
Wireless Networking Overview	63
Infrastructure Mode	63
Ad Hoc Mode (Peer-to-Peer Workgroup)	64
Network Name: Extended Service Set Identification (ESSID)	64
Wireless Channels	64
WEP Wireless Security	66
WEP Authentication	66
WEP Open System Authentication	67
WEP Shared Key Authentication	68
Key Size and Configuration	69
How to Use WEP Parameters	70
WPA Wireless Security	70
How Does WPA Compare to WEP?	71
How Does WPA Compare to IEEE 802.11i?	72
What are the Key Features of WPA Security?	72
WPA Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS	74
WPA Data Encryption Key Management	76
Temporal Key Integrity Protocol (TKIP)	77
Michael	77
AES Support	77
Is WPA Perfect?	78
Product Support for WPA	78
Supporting a Mixture of WPA and WEP Wireless Clients	78
Changes to Wireless Access Points	78
Changes to Wireless Network Adapters	79
Changes to Wireless Client Programs	80
Appendix C Network, Routing, Firewall, and Cabling Basics	81
Basic Router Concepts	81
What is a Router?	81
IP Addresses and the Internet	82
Netmask	84
Subnet Addressing	84
Private IP Addresses	87
Single IP Address Operation Using NAT	87
IP Configuration by DHCP	88
Domain Name Server	89
Routing Protocols	89
RIP	89
MAC Addresses and ARP	90
Internet Security and Firewalls	90
What is a Firewall?	91
Stateful Packet Inspection	91
Denial of Service Attack	91
Ethernet Cabling	91
Category 5 Cable Quality	92
Inside Twisted Pair Cables	93
Uplink Switches, Crossover Cables, and MDI/MDIX Switching	94
Appendix D Preparing Your PCs for Network Access	97
Preparing Your Computers for TCP/IP Networking	97
Configuring Windows 98 and Me for TCP/IP Networking	98
Installing or Verifying Windows Networking Components	98
Enabling DHCP to Automatically Configure TCP/IP Settings	99
DHCP Configuration of TCP/IP in Windows 98 and Me	100
Selecting the Windows Internet Access Method	101
Verifying TCP/IP Properties for Windows 98 or Me	101
Configuring Windows 2000 or XP for TCP/IP Networking	102
Installing or Verifying Windows Networking Components	102
DHCP Configuration of TCP/IP in Windows XP	103
DHCP Configuration of TCP/IP in Windows 2000	105
Verifying TCP/IP Properties for Windows XP or 2000	107
Glossary	109
Numeric	109
A	110
B	110
C	111
D	111
E	112
G	112
I	112
L	114
M	114
N	115
P	116
Q	117
R	117
S	117
T	118
U	118
W	118

Match case Limit results 1 per page

Reference Manual for the WG602 v2 54 Mbps Wireless Access Point

B-16

Wireless Networking Basics

M-10181-03

Is WPA Perfect?

WPA is not without its vulnerabilities. Specifically, it is susceptible to denial of service (DoS)

attacks. If the access point receives two data packets that fail the Message Integrity Code (MIC)

check within 60 seconds of each other then the network is under an active attack, and as a result,

the access point employs counter measures, which includes disassociating each station using the

access point. This prevents an attacker from gleaning information about the encryption key and

alerts administrators, but it also causes users to lose network connectivity for 60 seconds. More

than anything else, this may just prove that no single security tactic is completely invulnerable.

WPA is a definite step forward in WLAN security over WEP and has to be thought of as a single

part of an end-to-end network security strategy.

Product Support for WPA

Starting in August, 2003, NETGEAR, Inc. wireless Wi-Fi certified products will support the WPA

standard. NETGEAR, Inc. wireless products that had their Wi-Fi certification approved before

August, 2003 will have one year to add WPA so as to maintain their Wi-Fi certification.

WPA requires software changes to the following:

•

Wireless access points

•

Wireless network adapters

•

Wireless client programs

Supporting a Mixture of WPA and WEP Wireless Clients

To support the gradual transition of WEP-based wireless networks to WPA, a wireless AP can

support both WEP and WPA clients at the same time. During the association, the wireless AP

determines which clients use WEP and which clients use WPA. The disadvantage to supporting a

mixture of WEP and WPA clients is that the global encryption key is not dynamic. This is because

WEP-based clients cannot support it. All other benefits to the WPA clients, such as integrity, are

maintained.

However, a mixed mode supporting WPA and non-WPA clients would offer network security that

is no better than that obtained with a non-WPA network, and thus this mode of operation is

discouraged.

Changes to Wireless Access Points

Wireless access points must have their firmware updated to support the following: