WEP - how easy is it to defeat?

I am a newbie, so pls be gentle ... :-)
How easy is it to defeat WEP? From reading the the news traffic in this
group it seemed that many people are having trouble with WPA (PSK?) so
I have not gone with it, yet. Currently I am only enabling WEP (
10-digit hex network connection) and SSID hidden/not broadcast. Is
there a tool that people use to sniff un-encrypted wifi signal and
extract this network login key or something like that? I think it
would help other newbie too if someone can give info on how these
things are hacked. Thanks.

cmdrdata wrote:

>I am a newbie, so pls be gentle ... :-)
>How easy is it to defeat WEP? From reading the the news traffic in this
>group it seemed that many people are having trouble with WPA (PSK?) so
>I have not gone with it, yet. Currently I am only enabling WEP (
>10-digit hex network connection) and SSID hidden/not broadcast. Is
>there a tool that people use to sniff un-encrypted wifi signal and
>extract this network login key or something like that? I think it
>would help other newbie too if someone can give info on how these
>things are hacked. Thanks.
>
>
>
I don't know specifics on the subject (a google search would probably be
enlightening), but there is software available which can break a WEP key
in a very short time if there is sufficient traffic (say a minute?).

Not broadcasting the SSID is worthless as is filtering MAC addresses.

WEP is fine for preventing someone from inadvertently connecting to your
network, but not for security.

If you don't want someone to connect to your network, use WPA or WPA2
with a good, long passphrase (one that is not easily discovered with a
dictionary attack).

ok, here's my setup and help me understand if I am at risk: two laptops
on wifi, both are mostly "off" when not in use (hibernate or standby).
My desktop (hard wired 10BaseT) is also powered off when not in use.
Shared printer connected to the router is always on, and I live in the
suburb. Nothing else is shared between these PCs. However, my DSL is
always connected to the internet. Is this a high risk setup with just
WEP?

Another question: When I bring my laptop in the car, I can drive around
and see many wifi signal with 50% says unsecured, and some of them have
SSID=default. So If I stopped in a parking lot and connect to this
network to access the internet using someone's unsecured wifi network,
is there a law against that yet (I am sure there will be one soon).

cmdrdata wrote:

>ok, here's my setup and help me understand if I am at risk: two laptops
>on wifi, both are mostly "off" when not in use (hibernate or standby).
>My desktop (hard wired 10BaseT) is also powered off when not in use.
>Shared printer connected to the router is always on, and I live in the
>suburb. Nothing else is shared between these PCs. However, my DSL is
>always connected to the internet. Is this a high risk setup with just
>WEP?
>
>Another question: When I bring my laptop in the car, I can drive around
>and see many wifi signal with 50% says unsecured, and some of them have
>SSID=default. So If I stopped in a parking lot and connect to this
>network to access the internet using someone's unsecured wifi network,
>is there a law against that yet (I am sure there will be one soon).
>
>
>
The laws in most places are not clear about connecting to unsecured
networks. In some places you can be charged -- but it is also hard to
determine who connected to an unsecured network.

Another reason it is unclear is that it is easy to connect to an
unsecured network inadvertently. Where I live, there has been no other
wireless network near enough to register at my home until recently.
About a week ago, I noticed I couldn't connect to my network printer.
Discovered my wireless card had connected to my neighbor's unsecured
network instead of my own network. Easy enough to fix, but very easy to
happen.

Systems which are powered off are not at risk. If any system is running,
it can compromise your network. If anyone breaks your WEP encryption,
they can access your access point at any time, since it is always on. If
someone using your AP engages in illegal activity through your IP, that
activity could be attributed to you.

It is not very probable that anyone will misuse your network or even
want to break in (until just recently, my AP was unsecured), but if you
are concerned, you should use WPA.

Unencrypted WLAN traffic can be intercepted VERY easy, see this
screenshot for an example:
http://www.iopus.com/iPig/images/wla...-intercept.png

cmdrdata <(E-Mail Removed)> wrote:

> I am a newbie, so pls be gentle ... :-)
> How easy is it to defeat WEP? From reading the the news traffic in this
> group it seemed that many people are having trouble with WPA (PSK?) so
> I have not gone with it, yet. Currently I am only enabling WEP (
> 10-digit hex network connection) and SSID hidden/not broadcast. Is
> there a tool that people use to sniff un-encrypted wifi signal and
> extract this network login key or something like that? I think it
> would help other newbie too if someone can give info on how these
> things are hacked.

See
<http://www.oreillynet.com/pub/a/wire...cks_chap1/inde
x.html>.

In 2003, Rob Flickenger cracked a WEP key after sniffing about 90
minutes of traffic on a busy 802.11b network. (The "hidden" SSID was
detected in seconds.) Today, a similarly saturated 802.11g network could
be cracked in even less time. That doesn't mean WEP is worthless. It's
still better than nothing, but it's just not a significant hurdle for a
determined attacker.

As for reported problems with WPA, remember that Usenet always
exaggerates the negative: people don't post about problems they aren't
having. WPA has been around for a while, and lots of people are using it
successfully. Try it. If it works for you, there's no reason to stick
with WEP.

Of course it would be better to have security than not
have security. But, getting an access code requires dedication,
skill, talent, know-how, time and hard work.. Not just any
run-of-the-mill hacker can do it. A person would need a
reason to get a code. Plus generally a long transmission would
be required. Generally a professional would be needed
and professionals have to be paid, usually. I don't flatter
my ego by thinking that such a person will be attracted to
my AP. Some of the security scare is promoted by orgs.
who sell their wares to you..IMHOP

cmdrdata wrote:
> I am a newbie, so pls be gentle ... :-)
> How easy is it to defeat WEP? From reading the the news traffic in this
> group it seemed that many people are having trouble with WPA (PSK?) so
> I have not gone with it, yet. Currently I am only enabling WEP (
> 10-digit hex network connection) and SSID hidden/not broadcast. Is
> there a tool that people use to sniff un-encrypted wifi signal and
> extract this network login key or something like that? I think it
> would help other newbie too if someone can give info on how these
> things are hacked. Thanks.
>

This article
http://www.tomsnetworking.com/Sections-article111.php
does a great job of explaining how WEP can be broken using a handful of
free tools. The technique is not for noobs, but far from beyond the
realm of possibility for a weekend hacker.

--
Smartin

There is precedent in the UK for unauthorised WLAN access being a
criminal offence:

http://news.bbc.co.uk/1/hi/technology/4721723.stm

WPA works just as well as WEP as is far more secure. Use WPA-PSK (Pre
Shared Key), with a strong key (letters, symbols & numbers, and nothing
in the dictionary) - keep this key to yourself.

My thinking is more in line with Hank. As long as the casual user
don't have an easy access to my network, I think that I am quite safe.
OTOH, say that I am traveling with my my wifi laptop, found an
"unsecured" AP, and unbeknowsnt to me this was a "scam" setup by a
scrupulous operator to retrieve critical data from anyone that uses
that network, then I'd be in real trouble.... Say this person is
sniffing my TCP/IP traffic and extracting bank account info, login
password etc. I mean don't we all at one or another use the hotel
network or other legit wifi AP to check our bank statements etc.? This
brings up another point that I also am experiencing: my WZC is dropping
one connection and trying to connect to other network it sees, and
then it goes back to the previous network.