[CLUE-Tech] WEP security?

Adam Bultman adamb at glaven.org
Tue Nov 19 09:51:14 MST 2002


A few friends and I recently set up a WAP near a local coffee shop (2nd
floor apartment, kitty corner from the coffee shop).

We get weak, although usable connections at the coffee shop, and try not
to attract too much attention. We use 128bit WEP encryption, and for the
most part, everything we use is either SSL or SSH encrypted/protected.
However, I still don't trust traffic.  One individual that came to the
coffee shop (who later would don a  "Phone Losers of America" shirt) said
he would "Break WEP in a few hours, then spoof my MAC address and use the
connection"

While I don't think a barely used wireless network could be hacked in a
'few hours' (the PLA shirt made me even MORE skeptical - the only phone
losers I know mostly skulk around college campuses and steal things) I DO
rotate my keys on a regular basis.

One thing that I DON'T know, is why does it make like, 6 keys, when I can
only use the first one? How dumb is that? "Sure, you can use this key, but
it's not gonna work. That one's for show".

Adam


On Tue, 19 Nov 2002, David Anselmi wrote:

> Tom Poindexter wrote:
> [...]
> >
> > 40-bit WEP can probably be cracked in under 30 seconds for most cases, where
> > WEP keys are chosen from ASCII characters.  ASCII keys are easy to
> > type, but essentially reduce the key space from 40 bits to about 21 bits.
> > A full brute force on 40 bits might take several weeks, but due to other
> > problems in WEP (weak keys, etc.) that time is probably a matter of days.
> >
> > 104 bit WEP is harder to brute force, but taking advantage of WEP
> > problems and a small cluster of machines, a week should be considered the
> > time to break a 104 bit WEP key.
>
> Brute force is unnecessary for WEP.  There is a flaw in the crypto that
> allows breaking the key regardless of length.  All that's required is to
> sniff 5-6M packets which takes "several hours on a moderately loaded
> network".  Sean's message had a link to the paper.
>
> So WEP is in the same category as cleartext passwords.  It adds a little
> difficulty to cracking, but won't stop anyone serious.
>
> It would be interesting to see a howto or have a talk on setting up a
> VPN to prevent unauthorized use of a wireless LAN.
>
> Dave
>

-- 
Adam Bultman
adam at glaven.org
[ http://www.glaven.org ]




