Misc Games cannot access WPA2

[stomp_442]

I got the new Club Penguin - Herbert's Revenge. When I try to access account information I get two options

1) connect to Nintendo Wi-Fi connection
2) Nintendo Wi-Fi connection Setup

well to make a long story short, this game only supports WEP encryption. My router is setup with WPA2 encryption. This is a new game and shoud support what the DSi supports. My DSi XL does support WPA2 and does connect to the internet, but not with this game.

Is there any way to make this game bypass the in game connection settings and use the DSi XL Wi-Fi connection. I am using an AceKard 2i with the latest firmware.

 

[Livin in a box]

Nope.

 

[stomp_442]

Thank for the reply.

Well, that just plain sucks, I have a lot of games that will access only a WEP encryption. I refuse to use WEP encryption, for obvious reasons. What would it take for the programmers to add the option of using the DSi Wi-Fi setting by default. I was at nintendo support and they recommend changing my router security to wep or even disabling the encryption security

 

[Krove]

I know you say you refuse to change it to WEP, but that is the only way to get the DS games to work on wifi with some form of encryption still present.
Change it WEP as long as your router can support MAC Address filtering, set it up only allow these MAC addresses to have access and add all the MAC addresses of your devices that are going to be accessing the wireless router. If someone has enough knowledge to get past both your MAC address filter and the crappy WEP protection, they more than likely would have the knowledge to get past your WPA2 encryption.
Alternatively, turn encryption completely off while playing with the DS and then enable it again when you are done.
I also hate the fact that the Nintendo DS and DS Lite only has the ability for WEP and therefore games made for it are only going to be programmed to use WEP or people wouldn't be able to get on with the Nintendo DS or DS Lite.

 

[Elritha]

Change it WEP as long as your router can support MAC Address filtering, set it up only allow these MAC addresses to have access and add all the MAC addresses of your devices that are going to be accessing the wireless router. If someone has enough knowledge to get past both your MAC address filter and the crappy WEP protection, they more than likely would have the knowledge to get past your WPA2 encryption.

That statement isn't true at all. WEP has known security flaws that allow even a person with hardly any tech background to crack a wireless network in minutes. Getting and cloning a mac address is even easier. WPA2 AES with a long random pass phrase is next to impossible to crack currently. Good luck brute forcing a long non-dictionary phrase.

QUOTE(SickPuppy @ May 31 2010, 09:54 PM) Well, that just plain sucks, I have a lot of games that will access only a WEP encryption. I refuse to use WEP encryption, for obvious reasons. What would it take for the programmers to add the option of using the DSi Wi-Fi setting by default.

For the very same reason I refuse to compromise my network.

 

[Foxi4]

There's a bajizzilion of other methods of making your network secure appart from encryption. For example you can:
1. Lock down the DHCP server and assing IP's to every appliance in your house, so that the ammount of distributed IP's is a set value ranging from, let's say 10.0.9.2 --> 10.0.9.4, 10.0.9.1 being the Router's adress, 10.0.9.2 being the PC and 10.0.9.3 being the DSi. This way no other appliance will be able to connect. Obviously the number of local IP's is limited and it won't take long before your range is hacked, however it takes valuable time. Next method.

2. You can limit the allowed connections to specific MAC adresses as Krove stated - works basically the same as method 1.

Getting and cloning a mac address is even easier.
As far as I know, two identical MAC's cannot access one router at a given time. Even if a MAC is cloned, the router is still secure as long as the "cloned" device is connected.

3. You can disable SSID broadcast - some will say that it can be detected with AirJack or AirMagnet. My answer?

QUOTEIt is undeniably true that there are programs that hackers can use to find out your SSID, but why would they even bother? I went for a simple walk around the block today, and every 10 paces I refreshed the WiFi search on my iPod Touch. I found a total of about 25 wireless signals, 4 of which weren't even secure. No password, no WEP key. Just the SSID. I actually connected to one of them from the street, and I was able to briefly use it for the internet. Now why would a hacker go through all the trouble of decoding your SSID when the majority of wireless connections have a visible SSID that can be picked up from across the road? (...) Although you may not be ENTIRELY safe with a hidden SSID, you're still a hell of a lot less likely to get targeted than anyone else in your street. ~Wi-FiPlanet, post by Penwin

4. You can mix-n-match all of the above.

5. If you're more experianced in programming, you can use a redirection trick by creating a virtual network and asking the router to re-direct all connections comming from mac's that are not included in its list. This way, a hacker will be under a false impression of hacking in, wheras he'll truly be in an empty network, not your own. (often used by companies owning hotspots, theoretically you get connected but once you open a web browser you get to see... their commercial, and methods of paying to get connected X3) It's a difficult task though and for me seems tedious.

Combining a few methods will make hacking your network a long and tiresome task thus making you a less likely target, unless there's someone who likes a challange and has no life living nearby. X3

WEP is not really a problem, even if the password is sniffed, there's still a long way for a hacker to "get in" when he hasn't got an adress assigned or the router doesn't allow his mac to interact with it. It's the Router itself that should have a secure Login and Password.

If you think that WPA or WPA2 lets you sleep comfortably then you're incredibly wrong. There's ALWAYS a way to hack in, even if you stand on your head and clap with your ears.

EDIT: If anyone's REALLY feeling uncomfortable about having WEP, why not simply secure your PC better so nobody does any harm to it? ^^; Firewalls are commonly available, even if someone does hack into a router, you can secure yourself from possible damadge... and in the end of the day, has anyone ever hacked wirelessly any of your computers? It never happened to me, it was always Redtube's fault X3

 

[Elritha]

There's a bajizzilion of other methods of making your network secure appart from encryption. For example you can:
1. Lock down the DHCP server and assing IP's to every appliance in your house, so that the ammount of distributed IP's is a set value ranging from, let's say 10.0.9.2 --> 10.0.9.4, 10.0.9.1 being the Router's adress, 10.0.9.2 being the PC and 10.0.9.3 being the DSi. This way no other appliance will be able to connect.
Not every router allows you to specify a whitelist of ips. Even so, when your DSi isn't connected another person could then connect. With the DHCP server disabled, a user can simply specify an ip address manually...

2. You can limit the allowed connections to specific MAC adresses as Krove stated - works basically the same as method 1.

Getting and cloning a mac address is even easier.
As far as I know, two identical MAC's cannot access one router at a given time. Even if a MAC is cloned, the router is still secure as long as the "cloned" device is connected.


Meaning you would have to keep the DSi constantly connected to the router.

QUOTE3. You can disable SSID broadcast

Which offers virtually no security. You can still see hidden SSIDs.


QUOTE

If you think that WPA or WPA2 lets you sleep comfortably then you're incredibly wrong. There's ALWAYS a way to hack in, even if you stand on your head and clap with your ears.

WPA2 is perfectly fine for home use. With it setup properly it would take -years- to brute force it with a random 63 character phrase. Until of course some flaw is found in it like WEP, or WPA-TSK, or someone uses a short weak phrase.

That said I wouldn't depend on WPA2 for a large corporation network and such.

 

[Foxi4]

Not every router allows you to specify a whitelist of ips. Even so, when your DSi isn't connected another person could then connect. With the DHCP server disabled, a user can simply specify an ip address manually...

Every single router, even a 20$ one has an option to disable the DHCP server and set a range of IP's. A user can simply specify the adress manually, but how will he figure out the range again..? ^^
there are 16,777,216 10.x.x.x adresses, 1,048,576 of 172.16.x.x adresses and 65,536 192.168.x.x adresses, if you specify a pool of 4-5, there's a SLIM chance of hitting the jackpot, especially since you get to know the default gateway of the network upon connection and even if you DO know the default gateway, that still only limits you to one of the adress types. The search is narrowed but far from finished.

Meaning you would have to keep the DSi constantly connected to the router.

Why the DSi? why not the pc? =3 If you're that picky, use System Settings to assign the same MAC your DS uses to the network card in your PC. Either will be connected non-stop if you have a desktop, you'll be able to use only one at a time though so that's kinda silly.

QUOTE

Which offers virtually no security. You can still see hidden SSIDs.

Edited my post, re-read please. Why would anyone do that if there's a zillion that aren't hidden?

Last but not least - aircrack-ng can capture the handshake and inject a cracked pre-shared key already for WPA2 encrypted networks.


=)

EDIT YET AGAIN: Don't get me wrong, I'm far from advertising badly secured networking. The concept which I am clumsily trying to grasp here is that the DS doesn't and won't support anything more advanced than the WEP encryption and you have to come to terms with it and do everything humanly possible to:

1.Have WEP encryption to be able to use Wi-Fi Connection games
2.Have a fairly well-secured network

BOTH at the same time if possible

 

[Elritha]

Every single router, even a 20$ one has an option to disable the DHCP server and set a range of IP's. A user can simply specify the adress manually, but how will he figure out the range again..? ^^

Disabling DHCP server is not the same as whitelisting. I have two Linkys routers one running Tomato and the other DD-WRT. I don't believe either has the option to whitelist ip addresses. Both simply have the option to disable dhcp, and to specify what range of ips the dhcp server will issue to clients connecting.

Last but not least - aircrack-ng can capture the handshake and inject a cracked pre-shared key already for WPA2 encrypted networks.

That I agree with though it's pretty useless and won't help with cracking a sufficent length key. Taken from the aircrack site on WPA cracking...

There is another important difference between cracking WPA/WPA2 and WEP. This is the approach used to crack the WPA/WPA2 pre-shared key. Unlike WEP, where statistical methods can be used to speed up the cracking process, only plain brute force techniques can be used against WPA/WPA2. That is, because the key is not static, so collecting IVs like when cracking WEP encryption, does not speed up the attack. The only thing that does give the information to start an attack is the handshake between client and AP. Handshaking is done when the client connects to the network. Although not absolutely true, for the purposes of this tutorial, consider it true. Since the pre-shared key can be from 8 to 63 characters in length, it effectively becomes impossible to crack the pre-shared key.

QUOTE

The only time you can crack the pre-shared key is if it is a dictionary word or relatively short in length. Conversely, if you want to have an unbreakable wireless network at home, use WPA/WPA2 and a 63 character password composed of random characters including special symbols.

Here



Anyway, this is starting to get off topic so I'll leave it there. Suffice to say WPA2 is far safer, and the other methods mentioned have some serious flaws. Some further research would reveal that.

 

[Foxi4]

Disabling DHCP server is not the same as whitelisting. I have two Linkys routers one running Tomato and the other DD-WRT. I don't believe either has the option to whitelist ip addresses. Both simply have the option to disable dhcp, and to specify what range of ips the dhcp server will issue to clients connecting.

Don't you think that selecting a range consisting of 3 adresses is exactly as sufficient as a whitelist?

Also, I never said that WPA2 is not safer - it is. It just doesn't work with the DS. Everybody should choose his/her priorities, either 100% secure network or multiplayer.

 

[yuyuyup]

I had the same prob with Tetris DS but you could prob get just a usb wifi adapter or some shit, fuck the wep key router thing

 

[FluffyLunamoth]

Eh, I just use WEP + MAC Filtering. If someone wants internet badly enough that they have to go and hack their crap to get onto mine(it's fun, because I live near old people. Very safe internet XD), then I say go for it. I check it regularly, anyway. And name all the devices that connect.

 

[stomp_442]

I'm not to smart when it comes to wifi routers, I know that no one has hacked my WPA2 encryption. All this tech talk of wifi routers has fallen on deaf ears, I'm clueless on most of that stuff, but do appreciate the replies. Maybe I can learn something from the replies.

I unplug my router every night, it's on during the day time hours only, to minimize hacking. All 4 of my computers are wired to the router. The only reason I bought a wifi router is so my Wii can connect and do the updates for various apps, download covers, and SMB shares for movies and emulators.

 

[FluffyLunamoth]

Like the first reply said. There is absolutely NO WAY for WPA2 to work with DS games. At all. Full stop, period. Nada. Not gonna happen. NEVAR.

 

[ferofax]

i think it's pretty much safe to assume that you either compromise on a WEP encryption, or just don't play it online. or go find another way to get to an access point with WEP (so you don't have to compromise your WPA2 network). you still have to use WEP though.