[CLUE-Tech] WEP security?
Jed S. Baer
thag at frii.com
Mon Nov 18 19:52:56 MST 2002
On Mon, 18 Nov 2002 16:47:40 -0700
Tom Poindexter <tpoindex at nyx.net> wrote:
> On Sun, Nov 17, 2002 at 04:44:30PM -0700, Sean LeBlanc wrote:
>
> > I knew WEP was on shaky ground, but this makes it sound like cracking
> > WEP is trivial. Has anyone been cracked at work or at home, and if so,
> > how did you find out about it?
>
> 40-bit WEP can probably be cracked in under 30 seconds for most cases,
> where WEP keys are choosen from ASCII characters. Using ASCII keys are
There was a good article in, I think, Linux Journal recently on wireless
security. Considering how awake I am at th moment, it could just as well
have been on ArsTechnica. A little googling should turn it up.
What I recall is that, given the state of current wireless, the only
really secure thing to do is permit access only based on MAC address. I
don't know how easily that can be spoofed.
Someone at the CLUE meeting was saying something about allowing only ssh
or vpn type connections over your wireless network. IOW, someone might be
able to get a link on your WAP, but not be able to do anything with it.
Dunno how that works WRT IP4 routing, and denying access to your "outside"
connection to the internet.
jed
--
We're frogs who are getting boiled in a pot full of single-character
morphemes, and we don't notice. - Larry Wall; Perl6, Apocalypse 5
More information about the clue-tech
mailing list