1. This forum section is a read-only archive which contains old newsgroup posts. If you wish to post a query, please do so in one of our main forum sections (here). This way you will get a faster, better response from the members on Motherboard Point.

Wireless: 802.11b Internal or 802.11g External ?

Discussion in 'Laptops' started by Joe Stonehurst, Oct 24, 2003.

  1. A notebook PC I want offers internal 802.11b wireless capability as an
    option. There is no 802.11g internal option. I would appreciate
    comments on whether to add the option, or to omit the internal 802.11b
    option and use a 802.11b or 802.11g external PC card.
    In favor of the internal option are that it is internal, so it does
    not take up a PC slot or stick out, and it is tested by the PC maker,
    so it should work properly with that PC. On the other hand, using an
    external PC card would allow me to buy a card and access point set,
    greatly improving the odds that the card and the access point for my
    LAN would be compatible. It would also allow me to use 802.11g, which
    I understand is faster and more secure than 802.11b. Finally, if the
    PC card went bad, I could replace it more easily than an internal
    setup.
    In theory I could take the 802.11b internal option and also use an
    802.11g card, but the two might conflict, and I would be paying for
    both setups but using only one. I am primarily interested in fast,
    secure, trouble-free wireless access to my multi-floor LAN, not net
    surfing at some coffee shop.
     
    Joe Stonehurst, Oct 24, 2003
    #1
    1. Advertisements

  2. One more option: The internal 802.11b is almost certain to be a mini-PCI
    card. You might want to find out how accessible that card is. On my
    ThinkPad, the mini-PCI wireless card is easily replaceable--I replaced the
    original Actiontec card with a Cisco card. (Still 802.11b, but supports the
    LEAP authentication that we use at the office.) 802.11b and g use the same
    frequency--meaning the same antenna works with each, so you can replace an
    802.11b card with an 802.11g card.

    Better yet, can you get the machine "wireless ready", meaning it has the
    antennas preinstalled but no mini-PCI wireless card?

    -Mike
     
    Michael Geary, Oct 24, 2003
    #2
    1. Advertisements

  3. Joe Stonehurst

    Bob H. Guest

    FWIW:

    I recently picked up an Acer 290 notebook with internal 802.11b
    adapter (Centrino = includes: Intel PRO/Wireless LAN 2100 3B Mini PCI
    Adapter, built-in.)

    I also use a Buffalo 11g CardBus adapter in this notebook to access my
    Buffalo 11g wireless router at home. The reason I bought the Buffalo
    card & router was to get WPA security, and to get the faster 11g.

    (The built-in Intel 11b in the Acer notebook does not yet support WPA,
    but Intel has released WPA support for this adapter - now, it's up to
    individual notebook vendors to add it to their drivers. I'm sure Acer
    will release Acer-specific drivers soon to add WPA to the built-in 11b
    adapters in their Centrino notebooks.)

    Both adapters can coexist happily - just remove the card and change
    the router access settings to allow the built-in 802.11b access, if
    desired. This mainly requires making sure the router security
    settings do not require WPA, or the built-in 11b without WPA will not
    be permitted to access the WPA-enabled router.

    Both the built-in 11b and the add-on 11g card can access this router,
    if the router is configured properly.

    The built-in 11b has the advantage of a better antenna arrangement.
    But there are also add-on antennae available for certain types of
    cards to improve card performance in weak signal conditions. The
    Buffalo 11g card is one such card with provision for external antenna
    if desired.

    Have fun!
     
    Bob H., Oct 24, 2003
    #3
  4. Joe Stonehurst

    Vincent Fox Guest

    (Bob H.) writes:

    *snip*

    Get the internal, won't make much difference in everyday use.
    You want secure, plug into the wired ethernet. Sorry, but the TRUTH
    is that wireless is not secure. You can dress it up with a VPN
    over WEP, or WPA when that comes out, but it's still less secure
    than wired ethernet.

    Me I don't take it very seriously though, I only use 64-bit WEP
    at home, however I do have the laptop XP firewall turned on and pretty
    much use encrypted ssh connections for terminal access and when
    web browsing use SSL when available. When I'm doing something
    that I think should be handled at moderate security I go to
    a wired connection.
     
    Vincent Fox, Oct 24, 2003
    #4
  5. Joe Stonehurst

    Rolf Blom Guest

    On 2003-10-24 17:41, Bob H. wrote:
    -snip-
    -snip-

    The HP nx7000/Compac X1000 have the same 2100 mini-pci card, and they
    have the WPA driver available for download.

    As you have the same card, maybe you can try HP/Compacs driver in your
    Acer, until Acer comes out with their own version?

    Assuming Windoze O/S, you also need Microsofts WPA upgrade for the
    connection agent (zero-config for xp, or Intels connection agent) to
    actually use the drivers capability.


    /Rolf
     
    Rolf Blom, Oct 24, 2003
    #5
  6. Joe Stonehurst

    Bob H. Guest

    Thanks for the tip.

    It turns out that Acer's ~Taiwan~ support website for Acer notebooks
    has the later drivers that DO support WPA on that Intel 2100 wireless
    in the Acer Travelmate 290.

    (After I posted that Acer didn't support 802.11 WPA in the Intel
    wireless in the Acer 290, I noticed that Acer USA support website
    drivers are not up to date with Acer Taiwan support website drivers.)

    So the answer is: Yes, the built-in Centrino 802.11b wireless by
    Intel PRO/Wireless LAN 2100 DOES support WPA security.

    HOWEVER: It DOES NOT support the strongest variant of WPA security,
    that is, WPA using AES encryption.

    (I believe that AES is "optional" part of WPA spec. Not all vendors
    will incorporate AES into their products' WPA support, yet.)

    Of course, you can still use that WPA-AES compliant wireless card, in
    addition to the built-in wireless, when you want the better security.
    I consider the built-in to perhaps be useful for public hotspots not
    using WPA.

    Here's some good info by Tim Higgins on WPA:

    http://www.smallnetbuilder.com/Sections-article35-page1.php

    http://www.smallnetbuilder.com/Sections-article50-page1.php

    Aside from much better security, the AES flavor of WPA also yields
    better performance, from what I've read.

    As to the posted comments about the relative inadequacy of ANY
    wireless network security:

    ALL security (not just on wireless networks) is a matter of
    deterrence. There is nothing that is 100% secure. The goal is to
    make it difficult enough for a miscreant to break in that he/she will
    decide to move on and try somewhere else.

    You may decide that since there is no such thing as 100% security, you
    choose to leave your doors unlocked and your keys in your car.
    Personally, I lock my doors, and don't leave my keys in my car - and I
    have alarm stickers whether or not I actually have an alarm.

    It's all about deterrence. At the end of the day, a prowler will pass
    over my house and move on to yours, if you leave yours wide open.
    (And apparently, for many wardrivers, 64bit WEP is so easy to crack
    that it is akin to having only your flimsy screen door latched.)

    And no, my implementation of better security does not mean I'm
    "worried" about it - do not confuse the state of being aware and
    proactive with the state of "worry", because they are not necessarily
    associated.

    A wired network does not have the security issues of a wireless
    network, but wired networks have the drawback of having to pull CAT5
    cable. If you want it to look ok esthetically, that means pulling
    cable thru walls etc. and installing nice wallplates & connectors.
    Very costly, and limiting. (But I have wired Ethernet too - wireless
    is still way too slow for larger file transfers.)

    Wireless has security issues and is slow compared to wired, but the
    above cons of wired plus increasing public wireless hotspots
    availability are what got me started in 802.11.

    If I make my own wireless network difficult enough to break in to, I'm
    betting that any potential miscreant will shrug and move on to easier
    targets, because I don't have anything tempting enough inside my walls
    to justify the effort of trying to break in.

    If I'm using a public hotspot, then I'm stuck with whatever their AP
    is using. In that case, I'll do what I can to lock down my client
    internally - firewall, granular security courtesy of WinXP Pro (NOT
    Home edition), etc. I'll leave super-sensitive files at home. And
    I'll archive frequent Ghost backups, in case I come down with
    something nasty on my machine while I'm out.

    The holes in WEP are well-documented. But I have not seen anything on
    WPA-AES being cracked, yet. It may happen eventually, but as of now,
    it's relatively secure, if configured properly.

    So, my personal take on 802.11 security for the average joe like me,
    on one's own network:

    Use products that fully support WPA with AES encryption, on all
    network nodes (APs and clients). Make sure to actually ENABLE WPA
    with AES on all nodes, and select an AES keyword that is bizarre and
    impossible to guess.

    Furthermore, to complete the security setup:

    1. Limit AP clients to specified MAC addresses.
    2. Disable AP SSID broadcast.
    3. Change the AP ESS-ID to something bizarre and impossible to guess.
    4. Ditto 3 for AP admin password.
    5. Disable AP admin access from the wireless side.
    6. Set the AP to change the AES key frequently.
    7. Disable Ad Hoc mode in all nodes.
    8. If you plan on using only 11g, set AP to 11g-only.
    9. Disable DHCP if using a Router AP. (I consider this an additional
    security measure not essential if doing all of the above.)

    Further comments welcome, especially from those more expert than I.
    :)

    --
     
    Bob H., Oct 25, 2003
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.