Wireless network (WEP security)

James Knott james.knott-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org
Wed Oct 1 10:31:22 UTC 2003 

WEP is still useful, in that it will send attackers to easier targets,
rather than putting the effort into cracking it.  Also, I run a VPN over
my wireless and it and ssh are the only ways to get through my firewall.


Kareem Shehata wrote:
> WEP is useless.  I know people who have worked on either breaking it, or
> securing 802.11 using better techniques.  While the first group of people
> have had a great deal of success, the later have yet to get something
> widely accepted in hardware.
> You're best bet is to use something at a higher level than the
> Data-Link-Layer.  Freeswan has a good solution for wireless lan's from
> what I've heard.  You can also leave the IP-layer open, and secure the
> application layer with SSL or something similar.
> Good luck!
> 
> Kareem
> 
> 
> Gardner Bell said:
> 
>>I've been considering moving to a wireless network system but after
>>many articles I have read is it really worth it?  One such article I
>>read was on the WEP algorithm and numerous flaws found by the analysts,
>>such as a
>>dictionary-building attacks, active attack to inject new traffic from
>>unauthorized mobile stations, etc. How easily could a
>>hacker pull off this kind of attack on an 802.11 network?
>>The initialization vector in WEP I have read is only 24-bit and is sent
>>in the clear-text part of a message, with only a small amount of
>>initialization vectors how often would the same key-stream be used on a
>>rather small home network?  A busy access point, which constantly sends
>>1500 byte packets at 11Mbps, will exhaust the space of IVs after
>>1500*8/(11*10^6)*2^24 = ~18000 seconds, or 5 hours.  Would the time
>>increase or decrease using wireless with Roger's or does it all depend
>>on how much traffic my machines are sending? What measures have others
>>here taken to secure their wireless networks if any of you have them
>>and what specific hardware would you recommend?  Any other info that
>>you could provide would be greatly beneficial.
>>
>>thanks
>>--
>>Gardner Bell - personal site www.gamecraze.net
>>GPG Fingerprint
>>C6F5 39E1 9E9A 9FAC 9DCE  78A3 9C8B 39F4 0895 FD3F
>>
>>--
>>The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
>>TLUG requests: Linux topics, No HTML, wrap text below 80 columns
>>How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
> 
> 
> 



--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml

More information about the Legacy mailing list