• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

Wep

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.
P

Penguin_Feliac

Registered
Joined
Jan 22, 2003
Location
North Pole
I was discussing Wep and other wi-fi topics in my netowrking class and the subject of security flaws and holes was brought up. My instructor mentioned that there was a huge flaw in WEP but wouldnt say anymore about it. Anyone know anything?
 
WEP has a lot of weak keys. by capturing enough of them with a packet sniffer you can use a formula for get the WEP password.
 
The keys are always in the same place in a transmission so finding them is easy, the security is weak and easy to crack. A friend did mine in under 5 min! He even found and spoofed the only allowed mac address allowed on the connection! There is no current wep that cant be hacked.
 
Numbstruck said:
Doesn't WEP slow down your network speeds too?
Click to expand...

Not that I've seen. But my wireless network is only 802.11b and is slow as it is but surfing the internet with 128 bit wep is just as fast as it is with no wep.
 
yea we setup a network with 802.11b stuff and it was really slow...too slow. Then we setup a "g" network and it seemed to run fine/normal. They were both seperate networks, and we used the same brand for both just different standards.

I'm not a big fan of the 802.11b........JMO
 
802.11b should be fine for just surfing the net. Unless you use a file server or share files between computers, 802.11b is more than enough.

WEP's biggest flaw is that the key isn't encrypted and it's sent constantly. You can pick up the pattern fairly quickly and get into a wireless network easily.

There are a few companies that are developing new encryption methods and Cisco's LEAP seems to be very good so far.

-Bobby

ps. Let's not get into specifics of how to hack into a wifi network or this thread will get closed PDQ! ;)
 
I don't see what would be wrong with discussing wep's weakness. Its a pretty important topic, things are better off the more people know that it is weak rather than insisting on keeping people in the dark.

Bottom line, wep is cryptographically weak and you can't rely on it to be secure. There isn't even really any point in turning it on, at best it is a deterrant. Most networks don't have it turned on, wardrivers are likely to leave you alone if they see you have wep since the next network down the street probably has it off.

If you want to secure your wireless network, you should be using something like vpns and mac filtering. Keep the network outside of your firewall, so malicious traffic can't get into your real lan.

NoCatAuth is a good solution, its an open source set of scripts that you'd run on the (Linux) firewall between your wireless lan and wired one. People out on the wireless lan need to hit a web page hosted by the firewall to log in, and once they do the firewall routes their packets to the wired lan. A browser window stays up doing a javascript refresh so the firewall will know you are still there. People who don't login won't be able to talk to your wired lan.
 
I've been told by someone who I work (formerly in the army) with was that the specs for WEP was supposed to be next to uncrackable, but that the implementation of it was so pathetic that a 4 year old could do it.
 
XWRed1 - I wasn't saying that we shouldn't talk about the weakness of WEP but rather the ways to break it and the tools needed. I agree that too many people don't know how to secure a wireless network.

There are a few things that should be on your checklist to set up a wireless network.

  • * Turn off SSID broadcasts
    * Change the network name that's hard to guess (don't leave it as "default" or "wireless"
    * Use MAC filtering
    * Turn on WEP to the highest strength (D-Link uses 256bit encryption)

These few steps should help keep out most people.

-Bobby
 
If you sell out to a vendor's custom wep though, you are stuck using that vendor's gear usually. Mac filtering isn't a guarantee, someone just has to change their mac address. Not sure about ssid broadcasts being off. Does that mean that the ssid never ever appears in the traffic?

If you must use wep, I'd suggest using http://airsnort.shmoo.com/ to test it. If you're trying to hide your network, you should see what is in the air with Kismet, in my experience it picks up a bit more than Netstumbler does.
 
AC Slater said:


Not that I've seen. But my wireless network is only 802.11b and is slow as it is but surfing the internet with 128 bit wep is just as fast as it is with no wep.
Click to expand...


Agreed, I've not noticed any speed difference.

Its 11Mbs, Thats PDQ, faster than a 10Mbs connection of a hub anyways :p and 10Mbs is fast enough to run games over a lan :p

But the problem may be outside the wireless network, or maybe the channel your on is used by to many other devices and is disrupting communication between the wireless card and WAP
 
XWRed1 - Sometimes you just gotta. But selling out to Cisco isn't such a bad thing, is it? ;) The settings I suggested was more to protect the wifi network against the casual user. If someone is set on entering your network, there's not much you can do but turn off everything. Mac spoofing is fairly easy but another step they need to take to get in. Most AP's are defaulted to broadcasting their SSID. It's like a beacon saying "I'm here" . You would have to know where the network is and then intercept packets from an active wifi connection.

WEP encryption is usually done thru hardware and it runs at wire speed (470mb/s?) so you won't see any degradation to service. Although 802.11b (11mb/s) is fast, it's actually not quite faster than a wired connection. You'll see "11mb/s" in your wireless connection but you'll only see about 7mb/s, less the farther you go from the AP.

The bandwidth isn't the problem playing games, it's the latency. When you don't have a good strong signal, more packets need to be resent and that increases latency. So pinging a server on a wired computer would show, let's say, 80ms while a wifi computer will show 150ms or more with an average signal.

2.4ghz phones and microwave ovens will interfere with 802.11b and g signals.

-Bobby
 
I've played games on 802.11b before, the ping was good enough that we didn't notice.

I wouldn't mind selling out to cisco or some other vendor for a wireless setup if I meant to strictly control it, but if its at my house or someplace where I'd *want* people to connect, then non-cisco gear would have trouble connecting if I had all the special stuff going on.
 
You must log in or register to reply here.

Similar threads

M
USB wireless with Windows 2000
Replies
5
Views
837
Janus67
Janus67
M
DTT3500 - Liquid Damage - Help Fixing
Replies
2
Views
2K
don256us
don256us
T
Need help setting up my new mesh network
Replies
2
Views
751
David
David
W
Small review on Unionsine and HIKSEMI and JEYI ssd enclosure's.
Replies
0
Views
691
wade7575
W
T
Asus Armoury Crate Not Detecting Devices for RGB?
Replies
5
Views
13K
TerranBrackiatt
TerranBrackiatt
Back