WEP
WEP uses an algorithm to encrypt a key to every user. It uses the RC4 algorithm, which makes it weak and easy to break. Basically it offers only a 40-bit (+24-bit) key (USA standard) or a 104-bit (+24-bit) key. The key is static and is generated from the password the user enters.
A weak solution (until they start using a better algorithm and encrypting the packets users send out; this hasn’t been built yet!).
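The static key plus 24-bit value described above, as an added example (not code from the original article): the RC4 key for each frame is the 24-bit IV followed by the static key, and the IV travels in clear, so any two frames with the same IV share a keystream. The frame layout is simplified (the key ID byte is omitted), and the key, IVs and payloads are constructed sample values.

```python
import struct
import zlib
from collections import Counter

def rc4(key: bytes, n: int) -> bytes:         # n bytes of RC4 keystream
    s, j = list(range(256)), 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                        # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_seal(key: bytes, iv: bytes, payload: bytes) -> bytes:
    """IV (3 bytes, in clear) + RC4(IV || key) XOR (payload || CRC-32)."""
    if len(iv) != 3 or len(key) not in (5, 13):   # 24-bit IV; 40- or 104-bit key
        raise ValueError("bad IV or key length")
    data = payload + struct.pack("<I", zlib.crc32(payload))
    return iv + xor(data, rc4(iv + key, len(data)))

def wep_open(key: bytes, frame: bytes) -> bytes:
    iv, body = frame[:3], frame[3:]
    data = xor(body, rc4(iv + key, len(body)))
    payload, icv = data[:-4], data[-4:]
    if struct.pack("<I", zlib.crc32(payload)) != icv:
        raise ValueError("ICV mismatch")
    return payload

def reused_ivs(frames):
    """IVs seen on more than one frame: each repeat reuses a keystream."""
    counts = Counter(f[:3] for f in frames)
    return sorted(iv for iv, n in counts.items() if n > 1)

# Constructed sample data: a 40-bit static key and three frames, two sharing an IV.
KEY = b"\x01\x02\x03\x04\x05"
P1, P2, P3 = b"GET /index.html", b"USER alice\r\n...", b"hello"
IVS = (b"\x00\x00\x01", b"\x00\x00\x02", b"\x00\x00\x01")   # third repeats the first
FRAMES = [wep_seal(KEY, iv, p) for iv, p in zip(IVS, (P1, P3, P2))]

if __name__ == "__main__":
    print("reused IVs:", [iv.hex() for iv in reused_ivs(FRAMES)])
    # Same IV and same static key give the same keystream, which cancels out:
    print(xor(FRAMES[0][3:], FRAMES[2][3:])[:15] == xor(P1, P2))
```

With a static key the only defence against such repeats is the IV itself, and 24 bits leave about 16.7 million values before a busy network must reuse one.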
WEP+ or WEP2
Call it what you want. They use the CRC-32 encryption algorithm. It uses a 128-bit key, which is once again static. WEP+ is also open to DoS attacks, and once again the packets the user sends out are not encrypted.
802.1x
It allows the key to be set to change periodically. It uses port authentication and is not an encrypted system. It allows “man in the middle” attacks. And of course the packets sent by the user are still not encrypted.
WEP+ with 802.1x:
802.1x uses a Kerberos crypto algorithm and allows dictionary attacks. (I have brought out only some specific points.)
Why have I pointed out that the packets are not encrypted? Because with a sniffer you can easily monitor all the packets, and within 15 minutes you can have all the info needed to take down the whole network.
The best solution so far is to keep the LAN separate from the WiFi connection, using a DMZ in the middle with a VPN or IPSec, proxy, firewall etc. monitoring the movements. This way an attacker who gets through the WiFi won't get into the LAN directly, but has to get through the DMZ as well, and that won't be as easy as the first part. There is VPN (PPTP - Point-to-Point Tunneling Protocol) and IPSec (L2TP - Layer 2 Tunneling Protocol). In this case you can be pretty sure that no one is sniffing your traffic. It creates a tunnel between the user and the network server. I'm sure there are other tools for protection, but these are the well-known ones.
For more info!
Basic considerations regarding WLAN
1. Have IT regulations! No self-made WLAN stations!
2. Choose the product (there is a difference between WEP and WEP+ etc.).
3. Use at least WEP for securing.
4. Change WEP keys periodically.
5. Better, install Radius, VPN or other security enforcement.
6. Always monitor your WiFi network, or others will do it for you.
7. Don’t give out info about your organizational affiliation in SSID and INFO labels.
8. Don’t use Beacon (it sends out packets which can be caught and gives valuable info out like this)!
9. DHCP is from the Devil.
10. Turn off LAN broadcast translation. (Windows sends out broadcast packets every 15 min or so; again, valuable info about computers and the LAN can be gained by catching those.)
11. Don’t use Ad-Hoc mode.
Choose the antennas and their direction. If needed, turn the WiFi connection area down a bit.
12. In access points, turn on MAC address filtering (helps only a little, because Linux allows MAC address changing).
13. Connect the LAN through a DMZ using proxy, firewall, VPN etc.
14. Be paranoid!
Now you can't really protect unless you know how to attack! I'm not going to teach you how to (it's a new area to me too, though they showed their hacking/cracking on town, and they hacked/cracked the network we were currently using over WiFi), but I will give a few tools, info and stuff to read about:
PhoneSweep
800 scans
WarDriving
More about wardriving
New York
South California
Copenhagen
WLAN visualization project
Channels
Realisationbugs!
That's all, folks. I hope it was at least a bit helpful or gave some knowledge.
regards
Melborp
This article was originally written by Melborp