[CLUE-Tech] WEP security?

Dave Hahn dhahn at techangle.com
Tue Nov 19 11:04:43 MST 2002


IIRC AirSnort is supposed to be able to break WEP keys after watching
about 5 minutes of traffic.  WEP is awful.  New chipsets are supporting
the 256-bit WEP, not sure if that makes it much better, but.....

-d

On Tue, 2002-11-19 at 09:51, Adam Bultman wrote:
> 
> A few friends and I recently set up a WAP near a local coffee shop (2nd
> floor apartment, kitty corner from the coffee shop).
> 
> We get weak, although usable connections at the coffee shop, and try not
> to attract too much attention. We use 128bit WEP encryption, and for the
> most part, everything we use is either SSL or SSH encrypted/protected.
> However, I still don't trust traffic.  One individual that came to the
> coffee shop (who later would don a "Phone Losers of America" shirt) said
> he would "Break WEP in a few hours, then spoof my MAC address and use the
> connection"
> 
> While I don't think a barely used wireless network could be hacked in a
> 'few hours' (the PLA shirt made me even MORE skeptical - the only phone
> losers I know mostly skulk around college campuses and steal things) I DO
> rotate my keys on a regular basis.
> 
> One thing that I DON'T know, is why does it make like, 6 keys, when I can
> only use the first one? How dumb is that? "Sure, you can use this key, but
> it's not gonna work. That one's for show".
> 
> Adam
> 
> 
> On Tue, 19 Nov 2002, David Anselmi wrote:
> 
> > Tom Poindexter wrote:
> > [...]
> > >
> > > 40-bit WEP can probably be cracked in under 30 seconds for most cases, where
> > > WEP keys are chosen from ASCII characters.  ASCII keys are easy to
> > > type, but essentially reduce the key space from 40 bits to about 21 bits.
> > > A full brute force on 40 bits might take several weeks, but due to other
> > > problems in WEP (weak keys, etc.) that time is probably a matter of days.
> > >
> > > 104 bit WEP is harder to brute force, but taking advantage of WEP
> > > problems and a small cluster of machines, a week should be considered the
> > > time to break a 104 bit WEP key.
> >
> > Brute force is unnecessary for WEP.  There is a flaw in the crypto that
> > allows breaking the key regardless of length.  All that's required is to
> > sniff 5-6M packets which takes "several hours on a moderately loaded
> > network".  Sean's message had a link to the paper.
> >
> > So WEP is in the same category as cleartext passwords.  It adds a little
> > difficulty to cracking, but won't stop anyone serious.
> >
> > It would be interesting to see a howto or have a talk on setting up a
> > VPN to prevent unauthorized use of a wireless LAN.
> >
> > Dave
> >
> > _______________________________________________
> > CLUE-Tech mailing list
> > CLUE-Tech at clue.denver.co.us
> > http://clue.denver.co.us/mailman/listinfo/clue-tech
> >
> 
> -- 
> Adam Bultman
> adam at glaven.org
> [ http://www.glaven.org ]
> 
> 




