WiFiNetNews points to an article in Security Focus that says WEP is dead.
This article is the first of a two-part series that looks at the new generation of WEP cracking tools for WiFi networks, which offer dramatically faster speeds for penetration testers over the previous generation of tools.
In many cases, a WEP key can be determined in seconds or minutes. Part one, compares the latest KoreK based tools that perform passive statistical analysis and brute-force cracking on a sample of collected WEP traffic. Next time, in part two, we’ll look at active attack vectors, including a method to dramatically increase the rate of packet collection to make statistical attacks even more potent….
Wired Equivalent Privacy (WEP) has been largely relegated to the dust bin by businesses, supplanted by Wi-Fi Protected Access (WPA). WPA uses 802.1x and EAP authentication, based on a central authentication server, such as RADIUS. The WiFi alliance says this will eliminate the need for running wireless VPN software.
WPA itself is subset of the IEEE’s new 802.11i wireless security specification. Most equipment released in 2004 and 2003 already has the silicon to support full 802.11i, which has a more complex option for using AES encryption (Advanced Encryption System). It requires more processing power on the part of the AP.
Even the new improved WPA is no guarantee. The folks who wrote tinyPEAP, a firmware replacement for two Linksys router models that has on-board RADIUS authentication using 802.1X plus PEAP, released a WPA cracking tool.
WiFiNetNews offers these tips; (1) Choose a better passphrase, (2) Use randomness to choose a passphrase, (3) Use WPA Enterprise or 802.1X + WPA. Broadband Reports has more.
Tom’s Networking has a definitive collection of security resource links. Broadband Report links to some interesting maps by Postini that illuminate the geographical origins of spam, viruses and directory harvest attacks.
This Network World Article on Wireless Security assembled 23 wireless products from 17 vendors and ran them through a battery of tests. It’s a comprehensive review of the latest gear.
- Cracking the wireless security code
- What we tested
- WEP: Stick a fork in it
- 802.1X: A stepping stone
- WPA – An accident waiting to happen
- 802.11i: The next big thing
- Security standards aside, lock down your boxes, boys!
- Wireless Access Point: Wire-side security testing (PDF)
- How to do it: Securing your wireless LAN
- Tools, not standards, that help tie down wireless nets
- Glossary of wireless security terms
-
Explaining TKIP
How we did it - Archive of Network World reviews
| Wireless access points | ||||
| Vendor | Product | 802.11 flavors supported | Version | Price as tested |
| 3Com | 3Com Wireless LAN Access Point 8750 | a/b/g | .04.51 | $899 |
| Actiontec | GT701WG Wireless DSL Gateway | b/g | 3.0.1.0.5 | $130 |
| Belkin | F5D7230 High-Speed Wireless G Router | b/g | 4.03.03 | $90 |
| Buffalo | AirStation WBR2-G54 High Speed Mode Wireless Cable/DSL Router | b/g | 2.21 | $150 |
| Cisco | Aironet 1100 Access Point | b/g | IOS 2.2(13)JA1 | $499 |
| Compex | NetPassage WPE54G-SMA Access Point | b/g | 1.10 b518 | $150 |
| HP | ProCurve 520wl dual radio Access Point | b/g | 2.4.5(758) | $589 |
| Linksys | WAP54G Access Point | b/g | 2 | $100 |
| Netgear | WG302 Prosafe Access Point | b/g | 2.0.4RC2 | $350 |
| Netopia | 3347W ADSL 3-D Reach Wi-FI Gateway | b | 7.3.3r1 | $219 |
| Proxim | Orinocco AP-4000 | a/b/g | 2.4.11(821) | $899 |
| SMC | SMC 2555W-AG Wireless Access Point | a/b/g | v3.0.0 | $800 |
Barry’s Security Planet has dozens of RSS feeds with the latest security news.
