WEP: Dead Again, Part 1

[KeyserSoze]

Originally posted here by Timmy77
Rotating the passwords is a good start, but you should also consider MAC address filtering, to prevent unauthroized computers from connecting to your network.

The newer access points allow WPA, which is a more secure encryption standard than WEP.

MAC address filtering is a good idea, but it's easier to spoof a mac than crack a wep key. All anyone has to do is fire up kismet, sniff a client, then issue one ifconfig command to change their mac address to one they want to be. The best solution is to take many different approaches, most (if not all) of which are outlined in posts on this site (one is a wireless security tut) and elsewhere on the web. WPA will be much better.

[mikema]

I am told WEP is easily cracked using airsnort, better use WPA? Is all G routers support WPA, while B routers not?

[rowdy_yates]

i would say, when you get your wireless AP, read the manual, and use *all* the security features that the manufacturer offers you. eventhough it's crackable, use WEP anyways and max out the key sizes.

[mohaughn]

All 802.1x devices could potentially use WPA. The reason being that it uses the same encryption algorithm as WEP, which is RC4. WPA uses a much better implementation of RC4 which is why it is more secure. It is just up to the manufacturer of the device to release a firmware update that allows for WPA to be utilized.

The other thing that WPA does is that it changes the key for every frame, where as with WEP you have the same key until you change it. In WPA this is known as TKIP, Temporal Key Integrity Protocol. There is then a global key which can also be managed through the AP that helps synchronize all of the individual frame key changes. In WEP you have to manually change the key on the AP and all of your nodes. WPA does away with that.

Then there is 802.11i which does require additional hardware as it uses the AES encryption algorithm which requires a seperate math co-proc in order to handle the addiditional load put on an AP by having to deal with the AES encryption. Some people are calling 802.11i WPA2 as WPA and 802.11i are extremely similiar other than the use of a better encryption algorithm in 802.11i.

Bottom line, if you are a home user you are probably fine with WEP. Just make sure that you don't send any sensitive data in clear text. If all you do is connect to your bank or say Amazon.com you should be fine as your browser encrypts those sessions. Make sure that you are not broadcasting your SSID, and change your WEP key atleast once every week or two depending on how much data you send over your wireless network. If you use your wireless network heavily, more frequent key changes are needed.

If you are a business I would never send any type of sensitive information over a WEP enabled network unless that data is encrypted using something external like blowfish, pgp, etc... If you want to send sensitive data without having to use an external form of encryption WPA is definitely the way to go.

If you are a government person or handling extremely sensitive data use 802.11i exclusively as it is the only form of wireless encryption that meets the US government standards for data encryption.

[July]

I have tried cracking my wap wep key using my laptop and haven't been able to. I don't think it's as easy as everyone says. Sure it can probably be done but if you worried about war drivers and people sitting in your parking lot I think wep would probably work fine. It's those hardcore people that sit out in the parking lot for a couple days that I would be worried about then WPA i think is very wise to use plus it's very easy to use with windows xp systems.