How secure is wep?

I understand that using wep as an wireless sercuity is like leaving a
door open. is this true if it is how would change it?

In message
<4a5a5a54-c9e5-483c-a552-(E-Mail Removed)>,
smiley <(E-Mail Removed)> wrote
>I understand that using wep as an wireless sercuity is like leaving a
>door open. is this true if it is how would change it?

It's a lot better than using nothing but Google for WPA or WPA2. I use
the latter on my XP machine but had to download a WPA update from the
Microsoft site.

Use a decent key - download a random key generator such as can be found
at
http://www.soroban.co.uk/wepkeygen.htm
--
Alan
news2006 {at} amac {dot} f2s {dot} com

WEP is not very secure at all. It's a bit like leaving your front door
opening and hoping no one comes in.
Most routers have WPA/WPA2 settings which is more secure than WEP.
Generate a security key on the router or download a key generator.

Drummie


"smiley" <(E-Mail Removed)> wrote in message
news:4a5a5a54-c9e5-483c-a552-(E-Mail Removed)...
>I understand that using wep as an wireless sercuity is like leaving a
> door open. is this true if it is how would change it?

"drummie" <(E-Mail Removed)> wrote in message
news:mbVGj.27121$%(E-Mail Removed)...
> WEP is not very secure at all. It's a bit like leaving your front door
> opening and hoping no one comes in.
> Most routers have WPA/WPA2 settings which is more secure than WEP.
> Generate a security key on the router or download a key generator.

WEP is more secure than having no security at all. It will deter casual
visitors who are scanning for available networks in the area and who will
use an unsecured network if one is available.

But WPA is much more secure.

Sadly there are some PCs with older wireless adaptors (either plug-in or
built-in) which can only use WEP. My girlfriend's Sony laptop (about 2003
vintage) is one of those: when I was setting up her router it pained me to
have to set it up with WEP. Of course I could have opted not to use the
built-in adaptor and use a Cardbus adaptor such as a Netgear WG311 instead,
but that makes the PC less portable because the card sticks out of the side
of the laptop.

> I understand that using wep as an wireless sercuity is like leaving a
> door open. is this true if it is how would change it?

You can download a fully automated linux distribution that will
display the WEP key of any network within range. Allegedly.

Not sure whether it hacks WPA as well (possibly brute force ?)

"Colin Wilson" <(E-Mail Removed) o.uk> wrote
in message news:(E-Mail Removed) t...
>> I understand that using wep as an wireless sercuity is like leaving a
>> door open. is this true if it is how would change it?
>
> You can download a fully automated linux distribution that will
> display the WEP key of any network within range. Allegedly.
>
> Not sure whether it hacks WPA as well (possibly brute force ?)

With all the computers in all the world it would probably still take all the
time in the world - which is the whole idea...

In article <4a5a5a54-c9e5-483c-a552-(E-Mail Removed)>,
smiley <(E-Mail Removed)> wrote:
>I understand that using wep as an wireless sercuity is like leaving a
>door open. is this true if it is how would change it?

WEP isn't that secure, but it's better than nothing. It will stop the
casual sniffer and make them more likely to move on to someone else,
if all they're looking for is free bandwidth.

If you can, use WPA or WPA2, but if your Access Point is older
and supports WEP only, then most will also support MAC addres
authentication. It's fiddly to use, but adds a 2nd barrier. It won't stop
people breaking the WEP key and snooping data - such as unencrypted email
usernames and passwords, but it might stop them stealing your bandwidth.
It's still possible to fake a MAC address though, but you need to break
the WEP first and them wait for a station to stop using the netowrk
before taking over their MAC, but you've got to be really determined
(or desperate) to go that far...

Gordon

Gordon Henderson wrote:
> In article
> <4a5a5a54-c9e5-483c-a552-(E-Mail Removed)>,
> smiley <(E-Mail Removed)> wrote:
>> I understand that using wep as an wireless sercuity is like leaving a
>> door open. is this true if it is how would change it?
>
> WEP isn't that secure, but it's better than nothing. It will stop the
> casual sniffer and make them more likely to move on to someone else,
> if all they're looking for is free bandwidth.
>
> If you can, use WPA or WPA2, but if your Access Point is older
> and supports WEP only, then most will also support MAC addres
> authentication. It's fiddly to use, but adds a 2nd barrier. It won't
> stop people breaking the WEP key and snooping data - such as
> unencrypted email usernames and passwords, but it might stop them
> stealing your bandwidth.
> It's still possible to fake a MAC address though, but you need to
> break
> the WEP first and them wait for a station to stop using the netowrk
> before taking over their MAC, but you've got to be really determined
> (or desperate) to go that far...

AFAIK MAC codes are transmitted un-encrypted so they add nothing to
security.

Peter Crosland

(E-Mail Removed)

R. Mark Clayton wrote:
> "Colin Wilson" <(E-Mail Removed) o.uk> wrote
> in message news:(E-Mail Removed) t...
>>> I understand that using wep as an wireless sercuity is like leaving a
>>> door open. is this true if it is how would change it?
>> You can download a fully automated linux distribution that will
>> display the WEP key of any network within range. Allegedly.
>>
>> Not sure whether it hacks WPA as well (possibly brute force ?)
>
> With all the computers in all the world it would probably still take all the
> time in the world - which is the whole idea...
>
>
/Provided/ the key is good. I think I recall a dictionary attack method
was mentioned a while back that could crack a poor wpa key quite quickly.


--
Mike Scott (unet <at> scottsonline.org.uk)
Harlow Essex England

On 28/03/2008 10:30, Mike Scott wrote:

> /Provided/ the key is good. I think I recall a dictionary attack method
> was mentioned a while back that could crack a poor wpa key quite quickly.

There's some FPGA based hardware (called a cowpatty), that together with
large (40GB) rainbow tables, can do dictionary attacks (1 million words
against 1000 popular SSIDs) at a huge rate of knots

http://www.churchofwifi.org/

Don't think it can do brute forcing yet though so use non-dictionary WPA
keys and SSIDs.