[TriLUG] WEP insecure? What else?
dave at logicalgeek.com
Tue Aug 24 15:45:50 EDT 2004
I've heard (YMMV, buyer beware) that you have to "snort" about 500MB of
data to break 40bit encryption. The higher the encryption, the more raw
data you need to gather before you can decrypt.
It you have low traffic it's going to take longer to sniff the number
of packets you need to break the encryption. Of course if you are D/L
ing a favorite linux distro over your wireless net you could generate
that in an hour or so. The bigger threat is sitting outside a business
with all kinds of traffic on the Wireless network to grab.
The breaking is the easy part, the grabbing the ammount of packets to
start crunching is the challenge it seems to me.
Jim Thompson wrote:
> Hi all,
> I've seen several posts to the effect of "never use WEP because it's
> incredibly easy to break". To test this, I've been using Airsnort to
> monitor my own 128-WEP network at home. I've been capturing packets
> for awhile now and have only one "interesting" packet. This link:
> seems to say similar things: guy captures millions of packets and gets
> only one "interesting" one. Has anyone actually *used* Airsnort or
> some other sniffing tool to successfully crack a 128bit WEP-enabled
> wireless link before (and not just "I've heard it's really easy to
> kr4ck LOL")? How long is a practical window on a home connection
> before enough "interesting" packets get collected (even assuming that
> the network is relatively busy instead of idle most of the time)? Is
> the risk of a neighbor cracking your WEP really practical? Certainly,
> if it takes days or weeks to get enough packets, that sort of rules
> out the casual wardriver, right?
> I'm looking into other solutions besides WEP, but linux is a stumbling
> block right now. I've got a Cisco aironet 340 wireless card on a
> Gentoo box connecting to a Linksys wireless "router". The Linksys
> allows for WAP instead of WEP, but in searching for a way to get my
> Aironet to work with WAP under Linux, I've found that it looks like a
> pretty thorny deal to get WAP to actually work. My current project is
> to put a *BSD box in between the wireless router and the internet/LAN
> access, but that's kind of an end-run around getting Linux wireless to
> be more secure.
More information about the TriLUG