Wireless network (WEP security)

Kareem Shehata kareem-d+8TeBu5bOew5LPnMra/2Q at public.gmane.org
Tue Sep 30 17:43:33 UTC 2003


WEP is useless.  I know people who have worked on either breaking it, or
securing 802.11 using better techniques.  While the first group of people
have had a great deal of success, the later have yet to get something
widely accepted in hardware.
You're best bet is to use something at a higher level than the
Data-Link-Layer.  Freeswan has a good solution for wireless lan's from
what I've heard.  You can also leave the IP-layer open, and secure the
application layer with SSL or something similar.
Good luck!

Kareem


Gardner Bell said:
> I've been considering moving to a wireless network system but after
> many articles I have read is it really worth it?  One such article I
> read was on the WEP algorithm and numerous flaws found by the analysts,
> such as a
> dictionary-building attacks, active attack to inject new traffic from
> unauthorized mobile stations, etc. How easily could a
> hacker pull off this kind of attack on an 802.11 network?
> The initialization vector in WEP I have read is only 24-bit and is sent
> in the clear-text part of a message, with only a small amount of
> initialization vectors how often would the same key-stream be used on a
> rather small home network?  A busy access point, which constantly sends
> 1500 byte packets at 11Mbps, will exhaust the space of IVs after
> 1500*8/(11*10^6)*2^24 = ~18000 seconds, or 5 hours.  Would the time
> increase or decrease using wireless with Roger's or does it all depend
> on how much traffic my machines are sending? What measures have others
> here taken to secure their wireless networks if any of you have them
> and what specific hardware would you recommend?  Any other info that
> you could provide would be greatly beneficial.
>
> thanks
> --
> Gardner Bell - personal site www.gamecraze.net
> GPG Fingerprint
> C6F5 39E1 9E9A 9FAC 9DCE  78A3 9C8B 39F4 0895 FD3F
>
> --
> The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml


-- 
/*********************************************************************
      kareem-d+8TeBu5bOew5LPnMra/2Q at public.gmane.org   -   Kareem Shehata   -   416-676-6611
 --------------------------------------------------------------------
  Human beings, who are almost unique in having the ability to
  learn from the experience of others, are also remarkable for
  their apparent disinclination to do so.
    -- Douglas Adams, "Last Chance to See"
 ********************************************************************/



--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml





More information about the Legacy mailing list