Security
 svwirelesssecurity.jpg |
The router supports four different types of security settings for your network. Wi-Fi Protected Access (WPA) Pre-Shared key, WPA Remote Access Dial In User Service (RADIUS), RADIUS, and Wire Equivalence Protection (WEP).
Wireless Security in a Nutshell
The Sveasoft WRT54G firmware includes support for several different wireless encryption schemes. Your choice will depend on the modernity of your client hardware and software, and your concern about security and/or the easy ability to allow roaming access.
WEP is the oldest and best supported "wireline" encryption available for 802.11b/g. Unfortunately, WEP is hideously insecure. Unless you change keys very frequently, it can be cracked quickly. However, many older 802.11 cards don't support anything but WEP. If this applies to you, you can buy a new card ot use WEP. For a discussion about some WPA-upgradable cards, see 
http://wifinetnews.com/archives/002875.html. ADD NOTE ABOUT WEP RADIUS SUPPORT HERE?
WPA (pre-shared key and RADIUS) are newer attempts to secure wireless communication. Many new cards support this encryption, and it is generally considered to be a step up from WEP, although it is still susceptible to some forms of attack. WPA also adds support for more sophisticated, RADIUS-based, authentication, although it is unlikely that many home users will spend the time to configure the software necessary to support it. See http://www.hackfaq.org/wireless-networks/wpa-wi-fi-protected-access.shtml for more discussion.
Because your Internet traffic is transmitted to anyone within range who cares to listen, it is always a better idea to use application-level encryption when communicating sensitive data (SSL, SSH, etc). Also remember, the more security you add, the harder time your authorized visiting users will have configuring it.
Available wireless encryption schemes
- WPA Pre-Shared Key - There are two encryption options for WPA Pre-Shared Key, TKIP and AES. TKIP stands for Temporal Key Integrity Protocol. TKIP utilizes a stronger encrytption method and incorporates Message Integrity Code (MIC) to provide protection against hackers. AES stands for Advanced Encryption System, which utilizes a symmetric 128-Bit block data encryption. To use WPA Pre-Shared Key, enter a password in the WPA Shared Key field between 8 and 63 characters long. You may also enter a Group Key Renewal Interval time between 0 and 99,999 seconds.
- WPA RADIUS - WPA RADIUS uses an external RADIUS server to perform user authentication. To use WPA RADIUS, enter the IP address of the RADIUS server, the RADIUS Port (default is 1812) and the shared secret from the RADIUS server.
- RADIUS: RADIUS utilizes either a RADIUS server for authentication or WEP for data encryption. To utilize RADIUS, enter the IP address of the RADIUS server and its shared secret. Select the desired encryption bit (64 or 128) for WEP and enter either a passphrase or a manual WEP key.
- WEP: There are two levels of WEP encryption, 64-bit and 128-bit. The higher the encryption bit, the more secure your network, however, speed is sacrificed at higher bit levels. To utilize WEP, select the desired encryption bit, and enter a passphrase or a WEP key in hexadecimal format.
One page links to SV-Wireless-Security: