Re: [TriLUG] WEP insecure? What else?

Tue, 24 Aug 2004 12:45:54 -0700

I've heard (YMMV, buyer beware) that you have to "snort" about 500MB of data to break 40bit encryption. The higher the encryption, the more raw data you need to gather before you can decrypt.

It you have low traffic it's going to take longer to sniff the number of packets you need to break the encryption. Of course if you are D/L ing a favorite linux distro over your wireless net you could generate that in an hour or so. The bigger threat is sitting outside a business with all kinds of traffic on the Wireless network to grab.

The breaking is the easy part, the grabbing the ammount of packets to start crunching is the challenge it seems to me.

Dave S.

Jim Thompson wrote: 
Hi all,

I've seen several posts to the effect of "never use WEP because it's
incredibly easy to break". To test this, I've been using Airsnort to
monitor my own 128-WEP network at home. I've been capturing packets
for awhile now and have only one "interesting" packet.  This link:

http://www.knoppix-std.org/forum/viewtopic.php?t=1714

seems to say similar things: guy captures millions of packets and gets
only one "interesting" one. Has anyone actually *used* Airsnort or
some other sniffing tool to successfully crack a 128bit WEP-enabled
wireless link before (and not just "I've heard it's really easy to
kr4ck LOL")? How long is a practical window on a home connection
before enough "interesting" packets get collected (even assuming that
the network is relatively busy instead of idle most of the time)? Is
the risk of a  neighbor cracking your WEP really practical? Certainly,
if it takes days or weeks to get enough packets, that sort of rules
out the casual wardriver, right?

I'm looking into other solutions besides WEP, but linux is a stumbling
block right now. I've got a Cisco aironet 340 wireless card on a
Gentoo box connecting to a Linksys wireless "router". The Linksys
allows for WAP instead of WEP, but in searching for a way to get my
Aironet to work with WAP under Linux, I've found that it looks like a
pretty thorny deal to get WAP to actually work. My current project is
to put a *BSD box in between the wireless router and the internet/LAN
access, but that's kind of an end-run around getting Linux wireless to
be more secure.

Jim 
--
TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ  : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc

Reply via email to