WEP Canundrum

Printable View

April 11th, 2005, 12:47 PM
phobophiliac

WEP Canundrum

Hi all,

Just a query I have which has been bugging me for a while now. When people talk about cracking WEP keys with a cracking tool such as Airsnort which, needs a large number of packets. if the network is only small and doesn't generate many packets the crack could take months, Iv heard people say well, you just generate traffic on that network, well surely this is not possible as the network is encrypted and you cant see any individual machine so how is this possible?

Thanx for clearing this up

Craig Dunn
April 11th, 2005, 01:41 PM
Tachyon

When googling "generating traffic for airsnort' the first link that pops up is

http://www.davewilson.cc/Wireless/Airsnort.html

Enjoy.
April 11th, 2005, 03:06 PM
mmelby

Here is a good white paper on the weaknesses of WEP. It has the information you are looking for.

http://www.isoc.org/isoc/conferences...ers/stubbl.pdf
April 11th, 2005, 03:17 PM
KeyserSoze

Re: WEP Canundrum

Quote:

Originally posted here by phobophiliac
Hi all,

Just a query I have which has been bugging me for a while now. When people talk about cracking WEP keys with a cracking tool such as Airsnort which, needs a large number of packets. if the network is only small and doesn't generate many packets the crack could take months, Iv heard people say well, you just generate traffic on that network, well surely this is not possible as the network is encrypted and you cant see any individual machine so how is this possible?

Thanx for clearing this up

Craig Dunn

When they say "generate traffic", then you have to either already be on the lan or start a lot of communication with a server behind it. It is true that a large number of encrypted packets are needed (5-10 million) to get the "interesting" packets with weak IVs to crack wep when using a first-generation tool such as airsnort. However, some new tools require far less than that, some as few as 3 or 400,000 packets. Take a look at http://www.securityfocus.com/infocus/1814 .
April 11th, 2005, 04:20 PM
phishphreek

These techniques have been covered in many places.

My favorite articles on this are available at www.securityfocus.com

Look for "WEP Dead Again Part 1" and "WEP Dead Again Part 2".

Just saw that KeyserSoze has posted a link to Part 1.
Part 2 is located @ http://www.securityfocus.com/infocus/1824