Wireless network (WEP security)

Ken Wolstencroft kenw-9hyeSw/pbO7e9xe1eoZjHA at public.gmane.org
Tue Sep 30 20:10:13 UTC 2003


802.1x is ratified in June 2001, you are think about 802.11i. WPA is an
interim solution taking a broad view what is likely to ratified in 802.11i.

802.1x is a key component in both WPA and 802.11i.

All the best,
Ken


----- Original Message ----- 
From: "Tom" <Tom-QXpTDD2AffPSUeElwK9/Pw at public.gmane.org>
To: <tlug-lxSQFCZeNF4 at public.gmane.org>
Sent: Tuesday, September 30, 2003 8:23 PM
Subject: [TLUG]: Re: Wireless network (WEP security)


> WEP is only useful for preventing casual access to your network.  It's not
> real security.
>
> The solution is the 802.1x protocol, but this is not finalized, so there
is
> an interim standard called WPA.  These protocols will eventually use the
AES
> algorithm, but it is too computational expensive at the moment.  You can
> only use it if the algorithm is built into the firmware.  As another
interim
> solution people are using the TKIP algorithm, which is similar to WEP.
>
> Now, with that many 'interims' and an algorithm similar to WEP you might
> think that WPA with TKIP is no good, but that is not the case.  It is
vastly
> better than WEP and it provides true security at this time.
>
> This solution can be implemented independently of the driver.  You could
buy
> any wireless adapter, using any of the 802.11 standards and then get
> software that implements WPA.  But it's not totallly independent - you
need
> to make sure that the WPA software you get is compatible with the
> chipset/driver you are using.
>
> The hard part is going to be finding a WPA solution for Linux.
>
> One other thing.  If you want to use Linux as your AP you need an
> 'authenticator' and if you want to use it as a client then you need a
> 'supplicant'.  Unless you are in a corporate environment you will want to
> use WPA in 'pre-shared key' mode.
>
> Or, you could implement security at a higher level in your network.
>
> Tom.
>
> "Gardner Bell" <gbell72-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org> wrote in
> message
>
news:Pine.LNX.4.58.0309301317500.1427-bi+AKbBUZKarHMlHb5NnZytyHCCPSaTIbJEeYj9oJeCmdvSpIQae8A at public.gmane.org
> > I've been considering moving to a wireless network system but after many
> > articles I have read is it really worth it?  One such article I read was
> on the
> > WEP algorithm and numerous flaws found by the analysts, such as a
> > dictionary-building attacks, active attack to inject new traffic from
> > unauthorized mobile stations, etc. How easily could a
> > hacker pull off this kind of attack on an 802.11 network?
> > The initialization vector in WEP I have read is only 24-bit and is sent
in
> > the clear-text part of a message, with only a small amount of
> initialization
> > vectors how often would the same key-stream be used on a rather small
home
> > network?  A busy access point, which constantly sends 1500 byte packets
at
> > 11Mbps, will exhaust the space of IVs after 1500*8/(11*10^6)*2^24 =
~18000
> > seconds, or 5 hours.  Would the time increase or decrease using wireless
> with
> > Roger's or does it all depend on how much traffic my machines are
sending?
> > What measures have others here taken to secure their wireless networks
if
> any of
> > you have them and what specific hardware would you recommend?  Any other
> info
> > that you could provide would be greatly beneficial.
> >
> > thanks
> >  --
> > Gardner Bell - personal site www.gamecraze.net
> > GPG Fingerprint
> > C6F5 39E1 9E9A 9FAC 9DCE  78A3 9C8B 39F4 0895 FD3F
> >
> > --
> > The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
> > TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> > How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
> >
>
>
>
> --
> The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.522 / Virus Database: 320 - Release Date: 9/29/2003

--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml





More information about the Legacy mailing list