How Secure is WEP?
I
intended to write this month about WLAN Security
something other than switching/routing, system administration, or network
engineering . But I've been spending a bit too much time recently working with
some of the WLAN cracking ("security administration") tools, to see
how well they work on my own Wireless Access Point (WAP). There are a number of
good articles out there I'd also like to call your attention to, if you're only
loosely tracking WLAN security issues. So my intent here is to summarize what's
going on that affects WLAN security.
" Recall
that WEP is the original form of encryption used to control the association of
a PC with a Wireless Access Point (WAP) or another PC (in ad hoc mode, which is
one of the first things I turned off on my NIC settings). WEP has been
superseded by WPA and WPA2 or 802.11i. Wi-Fi Protected Access (WPA)
uses message exchanges like those in WEP, but uses either TKIP (new key every
packet) or AES encryption for confidentiality. WPA comes in industrial and home
strengths. The former requires 802.1x with a RADIUS back end to authenticate
users (This is what I’m using too). This is much stronger than the SOHO version, which uses Pre-Shared Keys (WPA-PSK). "
The first tool in our new WEP cracking toolbox is Aircrack. Aircrack provides the
fastest and most effective statistical attacks available. To give Aircrack a try, simply
collect as many packets as possible from a WEP encrypted wireless network, save
them as a PCAP file, and then start Aircrack from the command
line.
Jahil# aircrack -n 128 packets.pcap
Jahil# aircrack -f 4 -n 128 packets.pcap
>>>>> See the result :) <<<<<