Wi-FiGurus

Wi-FiGurus

The community of Wi-Fi Professionals

Top Referrer

Gino

Most Profilic Writer

jonassono

Newsletter Subscription

Most Popular
ASUS WL-520gU Wireless Router Supports Vista Managing the WLAN at Intel 60 minutes investigation on the TJX credit card scam Problem with Vista Wireless

Latest Content
Malaysian WiMAX Operators Fined for Missing Coverage Requirements (Cellular-News.com) Beceem expects WiMAX solution shipments to Taiwan to double in 2010 (Digi Times) Mobily takes SR900m to expand Wimax coverage (AME Info) Google, Intel eye Indian Wimax space (CIOL) Wimax 2,3 GHz Komersil November 2010 (detikcom)

Tag Cloud
access point configuration hotel India interference InterOp maintainence market multicast Public Wi-Fi reengineering sales security services spectrum analyzer Users Vo-WiFi VoWIP WLAN capacity

Test your wireless LAN knowledge!

WEP beats no Security at All

(4 votes)

Written by OJ Jonasson

Monday, 09 July 2007

I really tired of the Wi-Fi security experts and WannaBee's bashing WEP with quotes like "a WEP key can be broken in seconds". While WEP may not be suitable for securing Wi-Fi networks that handle highly sensitive or confidential information, it does afford a certain level of protection for residential access points (or wireless router as it is more commonly called, i.e. those D-Links, LinkSys & Netgear devices). It clearly discourages unauthorized use of your personal access point by nearby neighbours and/or those war drivers looking for temporary Internet access that is free and easily accessible for them to use. War drivers (and any other fool) will simply drive further down the street and find an unsecured access point since, according to various surveys, only an estimated 40% of residential networks have any form of security. Put a 128 bit WEP key on your access point (and all workstations using Wi-FI access) and you will easily deter 99% of this cohort (neighbours & war drivers looking for temporary access).

Comments

Add New

RSS

Good point

chris_91504 (Registered) 2007-07-09 13:46:55

I agree WEP is the first line of defense against any threats.

WEP Encryption

Ishtiyaq (IP:210.7.94.212) 2007-07-11 07:55:27

WEP is a secured way and easy way of setting up security on Router for local network security thereby preventing the illegal access. It is not easy to crack the WEP code as is a common notion but a person needs to be constantly in touch with the network and with help of various cracking softwares can the key be sought after a long time.........

Cracking the WEP Key

jonassono (Registered) 2007-07-13 15:19:59

In order to really understand the process, I've practiced cracking WEP keys using the AIrcrack NG suiteof tools. Something I learned very early on is "it's the number of frames needed to find the key", regardless of the techniques used to perform the deed, i.e. brute force, KoReK, PTW...My experience showed an average useable packet rate of about 2500 per hour for a typical residential Wi-FI target. Assuming the need for 300,000 packets for a 64 bit key, this requires 120 hours or about 5 days to collect. A 128 bit key requires about 2,000,000 frames or about a month to collect. One must have a extremely good reason to leave a notebook or equivalent parked obscurely for a month, very near the target residence. Once again, I suggest a 128 bit WEP key is very effective security deterrent for residential access points.

Jeez...

davidb77380 (IP:70.122.71.125) 2007-07-16 16:02:54

I don't don't anyone who claims "WEP can be broken in second." In minutes - yes, but in seconds - no. In any case, what amazes me are people who continue to defend WEP.

WPA-PSK is easy to implement and is unquestionably more secure provided you use a random pass phrase of 20 characters or more. So given that, why not just recommend it, instead of continuing to defend WEP.

Also, for the commenter who claims it takes "about a month to collect" enough frames is wrong, you might want to check out aireplay.

WEP Defense

jonassono (Registered) 2007-08-06 10:30:36

There are still 1000's of older PC's out there with .11b that do not have support for WPA or WPA2 - in fact I am using one to create this message (an HP Pavilion ze5200). My point is not to defend WEP - rather it is to propose that for those cases (residential use) where WPA is not supported - 128 bit WEP is better than leaving the AP wide open. Aireplay is no different based on the typical residential frame rates, i.e. ~2500 per hour

david (Registered) 2007-09-01 21:34:53

And I suppose you also advocate shared key authentication over open authentication when using WEP.

re: Jeez...

davidb77380 (Registered) 2007-07-16 16:10:42

davidb77380 wrote:

Also, for the commenter who claims it takes "about a month to collect" enough frames is wrong, you might want to check out aireplay.

Should read:

Also, for the commenter who claims it takes "about a month to collect" enough frames -- you might want to check out aireplay.

Only registered users can write comments!

< Prev		Next >

[ Back ]

Home