Wi-FiGurus

Wi-FiGurus

The community of Wi-Fi Professionals

WEP beats no Security at All

(4 votes)

Written by OJ Jonasson

Monday, 09 July 2007

I really tired of the Wi-Fi security experts and WannaBee's bashing WEP with quotes like "a WEP key can be broken in seconds". While WEP may not be suitable for securing Wi-Fi networks that handle highly sensitive or confidential information, it does afford a certain level of protection for residential access points (or wireless router as it is more commonly called, i.e. those D-Links, LinkSys & Netgear devices). It clearly discourages unauthorized use of your personal access point by nearby neighbours and/or those war drivers looking for temporary Internet access that is free and easily accessible for them to use. War drivers (and any other fool) will simply drive further down the street and find an unsecured access point since, according to various surveys, only an estimated 40% of residential networks have any form of security. Put a 128 bit WEP key on your access point (and all workstations using Wi-FI access) and you will easily deter 99% of this cohort (neighbours & war drivers looking for temporary access).

Comments

Add New

RSS

Good point

chris_91504 (Registered) 2007-07-09 13:46:55

I agree WEP is the first line of defense against any threats.

Reply | Quote

WEP Encryption

Ishtiyaq (IP:210.7.94.212) 2007-07-11 07:55:27

WEP is a secured way and easy way of setting up security on Router for local network security thereby preventing the illegal access. It is not easy to crack the WEP code as is a common notion but a person needs to be constantly in touch with the network and with help of various cracking softwares can the key be sought after a long time.........

Reply | Quote

Cracking the WEP Key

jonassono (Registered) 2007-07-13 15:19:59

In order to really understand the process, I've practiced cracking WEP keys using the AIrcrack NG suiteof tools. Something I learned very early on is "it's the number of frames needed to find the key", regardless of the techniques used to perform the deed, i.e. brute force, KoReK, PTW...My experience showed an average useable packet rate of about 2500 per hour for a typical residential Wi-FI target. Assuming the need for 300,000 packets for a 64 bit key, this requires 120 hours or about 5 days to collect. A 128 bit key requires about 2,000,000 frames or about a month to collect. One must have a extremely good reason to leave a notebook or equivalent parked obscurely for a month, very near the target residence. Once again, I suggest a 128 bit WEP key is very effective security deterrent for residential access points.

Reply | Quote

Jeez...

davidb77380 (IP:70.122.71.125) 2007-07-16 16:02:54

I don't don't anyone who claims "WEP can be broken in second." In minutes - yes, but in seconds - no. In any case, what amazes me are people who continue to defend WEP.

WPA-PSK is easy to implement and is unquestionably more secure provided you use a random pass phrase of 20 characters or more. So given that, why not just recommend it, instead of continuing to defend WEP.

Also, for the commenter who claims it takes "about a month to collect" enough frames is wrong, you might want to check out aireplay.

Reply | Quote

WEP Defense

jonassono (Registered) 2007-08-06 10:30:36

There are still 1000's of older PC's out there with .11b that do not have support for WPA or WPA2 - in fact I am using one to create this message (an HP Pavilion ze5200). My point is not to defend WEP - rather it is to propose that for those cases (residential use) where WPA is not supported - 128 bit WEP is better than leaving the AP wide open. Aireplay is no different based on the typical residential frame rates, i.e. ~2500 per hour

Reply | Quote