Michel Lanners wrote: > > Hi all, > > On 20 Aug, this message from Andrew Sharp echoed through cyberspace: > > Colin Walters wrote: > >> > >> Michael Flaig <[EMAIL PROTECTED]> writes: > >> > >> > Well ... no encryption is bad :-( Everyone with a laptop in front of > >> > my door could sniff my network, or isn´t it so easy ? > >> > >> As I understand it, WEP is bad becuase the key size is far too small. > > No, it is mostly because it is implemented _wrong_. There are a few > drawbacks in the potocol spec, that is what makes WEP a joke. > > Have a look here: > > http://slashdot.org/article.pl?sid=01/08/09/1758200&mode=thread > http://www.cs.rice.edu/~astubble/wep_attack.pdf > http://slashdot.org/article.pl?sid=01/07/27/1734259&mode=nested
Boy. > >> This means an attacker would only have to make a slight amount of > >> effort to break the encryption through brute force. > > Not brute force (well not really... it's not about trying every possible > key one after the other), but simply by listening to wireless traffic, > and extracting information out of it as it goes by.... Have a look here > for tools that do the crack for you: > > http://airsnort.sourceforge.net/ > http://sourceforge.net/projects/wepick > > > Which is better than no encryption, hello. > > Right. WEP still prevents casual sniffing, and easy wireless net > hijacking. However, your neighbour in the apartment next to you could > still _easily_ crack your net in no time. Actually, I was gonna set all my neighbors up on the network. ~:^) See consume.net and also http://www.thestandard.com/article/0,1902,23672,00.html for details. The open source model comes to network infrastructure! > > Also, the key size is > > not fixed but only depends on how you set it up. A key size of 40 > > bits prevents casual sniffing of your "conversations" while not > > adding significant cost to the parts. A key size of 128 bits > > prevents any timely cracking of your network traffic, > > No, that is not true anymore, as has been pointed out. > > I'd suggest these steps to secure an 802.11 network (in increasing > efficiency): > > - use hard-to-guess network names > - use WEP > - use MAC-based access-control > > these three should really be the base line > > - use application-level encryption or a strongly encrypted tunnel Got it. Now if I can just get ppp to work on my 8500.... a
