While all these attacks are possible, in the real world why would anyone bother? They can just find a completely unsecured system by driving down the street. There’s no need to crack a password since there are still plenty of unsecured ones.
That really does stink.
Hint: If you can use an ethernet cable, then you can connect to a wireless bridge instead of using the built-in wifi or a proprietary wifi adapter.
Yes and no.
The DS supports only WEP. The DSi allows both WPA and WEP. (As does the Wii.)
When my son had a DS and absolutely needed, on pain of lingering death, Internet access (Pokemon battles, ya see) I stood up a second WAP that used WEP. But that second WAP was connected to a second VLAN, and the only other device on that VLAN was a dual-homed Linux box running as a DNS server, router and NAT device. It whitelisted the Nintendo IP range, and only the Nintendo IP range, for outbound traffic.
So while anyone could have broken the encryption on that access point, they’d be in a VLAN that let their traffic go to only one destination.
Tremendous waste of resources, though, and I was so very pleased when Bricker Jr opened his new DSi, because I could retire that kludgey setup.
Well, thats very nice, but, taking into account the answers to the OP’s actual question, it does seem a bit like building, and then never leaving, an atomic bomb proof bunker on the grounds that there will probably be a few a few thunderstorms this year, so venturing outside would be to risk getting struck by lightning.
And all this buying and configuring extra hardware to avoid the absolute horror of having to rely on WEP. Of course I know that every other car parked along your street probably has a wardriver in it busily downloading kiddie porn through your neighbors’ cracked WEP connections, but really! :rolleyes:
No, it doesn’t seem like that at all.
Look, the purpose of encryption is to encrypt. WEP does not reliably encrypt. It can’t get much simpler than that.
Now, if in fact there was some huge expense involved in avoiding WEP, perhaps you’d have a point, or at least be in the neighborhood of the point. As it is, you and the point are completely across the state from each other, separated by large mountains, lakes, busy highways, and at least twelve zip codes.
I didn’t have to buy a single extra thing. I had the old WAP from when it was new and I was using it because nothing else existed. I already was running the Linux box. It already had an onboard Ethernet controller (100 MbS) unused, since I had added Gigabit Ethernet to it some time back for reasons unrelated to wireless.
So, I’d say maybe four minutes to plug the WAP in and configure it to a static 10. address. Another three minutes to run ifconfig on the Linux box and get the formerly unused port up and running on that same 10. network. And two minutes to set up the Nintendo DS to use the WAP.
The longest time was spent watching the network traffic of a Pokemon battle via tcpdump to make sure I was whitelisting everything I needed to. I had him do three wifi battles in three different modes and captured the output of tcpdump, grepped to include only his DS address, and a sed and an awk later, had a unique list of IP destinations. Five minutes to add those into the routing table, and I’m done.
What’s the big deal? I admit it’s a waste of resources, but not money. I had everything I needed. And not time, either. It wastes efficiency.