Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: WEP: Dead Again, Part 1

  1. #1
    Senior Member
    Join Date
    Jun 2004
    Posts
    379

    WEP: Dead Again, Part 1

    thaught you guys might like this.

    WEP: Dead Again, Part 1

    Introduction
    This article is the first of a two-part series that looks at the new generation of WEP cracking tools for WiFi networks, which offer dramatically faster speeds for penetration testers over the previous generation of tools. In many cases, a WEP key can be determined in seconds or minutes. Part one, below, compares the latest KoreK based tools that perform passive statistical analysis and brute-force cracking on a sample of collected WEP traffic. Next time, in part two, we'll look at active attack vectors, including a method to dramatically increase the rate of packet collection to make statistical attacks even more potent.
    source http://securityfocus.com/infocus/1814

  2. #2
    What is the use of WEP?I heard that term when configuring wireless connections.

  3. #3
    WEP is a method of encrypting wireless traffic.

    The weakness is in the implementation, and provided you have a large enough sample of packets, the key can be retrieved in under a minute. Assuming you have 5-6 million packets captured.

  4. #4
    If they crack the WEP,what good does it do?

  5. #5
    Senior Member
    Join Date
    Jun 2004
    Posts
    379
    Originally posted here by voltagirl
    If they crack the WEP,what good does it do?
    the point is that you have protection on your network also you should hange it every once in a wile to help keep it secure. Wep also help because most of the time if some one is just looking for a network to access they will just rule out a encrypted one because their are so many unencrypted ones which should not be but it is.

  6. #6
    Originally posted here by voltagirl
    If they crack the WEP,what good does it do?
    If they crack the WEP what good does it do, hehe nice. They can only get free internet and get your credit card info and other financial doc's etc. Noone's worried about their credit card info being brought to public anyways
    If at first you don\'t succeed, work for Microsoft.

  7. #7
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,024
    WEP is just an extra step for would be hackers. Makes a lot of wardrivers move on (unless you are a business, then they may well take the time to crack it.) It takes a couple hours to crack so if someones just looking for an anon wap they will move on until they find a completely unsecured one (which seem to be more common that secure ones)
    [H]ard|OCP <--Best hardware/gaming news out there--|
    pwned.nl <--Gamers will love this one --|
    Light a man a fire and you\'ll keep him warm for a day, Light a man ON fire and you\'ll keep him warm the rest of his life.

  8. #8
    Senior Member
    Join Date
    Mar 2003
    Posts
    135
    Originally posted here by Winston

    The weakness is in the implementation, and provided you have a large enough sample of packets, the key can be retrieved in under a minute. Assuming you have 5-6 million packets captured.
    The point of the article is that 5 or 6 million packets is no longer necessary. That is the number required by airsnort to generate the few thousand packets with weak IVs. With aircrack, only a few hundred thousand packets are needed, and they need only have unique IVs, which are far easier to come by. In other words, the time to crack a key just got much, much lower. This not only affects large companies with a lot of traffic, it also opens up home users (low traffic) to much easier attacks.

  9. #9
    Junior Member
    Join Date
    Dec 2004
    Posts
    1
    Being a home wireless user, to protect myself I was thinking that I can simply alternate a list of passwords. Would this be a good method to stop crackers?

  10. #10
    Rotating the passwords is a good start, but you should also consider MAC address filtering, to prevent unauthroized computers from connecting to your network.

    The newer access points allow WPA, which is a more secure encryption standard than WEP.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •