|
Recently, there has been a great deal of press concerning the weaknesses of
WEP, which is part of the (WiFi-802.11) standard. Various WEP
vulnerabilities such as the plaintext attack, bit flipping attack, and
statistical analysis attack have been well publicized. The most crippling
vulnerability is the "Key Scheduling Algorithm of RC4." This
attack allows a WEP key to be easily compromised through off-line analysis
on a set of captured packets.
Three primary reasons render WEP security weak:
-
The use of RC4 encryption algorithm, a stream cipher, for encrypting packets;
-
The inability to have per user/session keys;
-
The lack of re-keying support to allow changing the encryption key frequently.
There are various utilities that have recently emerged which can successfully
compromise WEP keys.
Airsnort,
WEPCrack and NetStumbler
are such utilities readily available on the Internet today.
| These openly available utilities have lead to a new
network underground hobby called 'WarDriving.' WarDriving is
driving around a neighborhood to find wireless networks. Once a war driver
finds a network they will sometimes mark it by 'warchalking.'
|
 |
Check out this BBC news story on WarDriving:
FBI
warns about wireless craze
Taking the security of your wireless network to the next level is not so
straight forward. First of all there is an alphabet soup of protocols
that must be sorted through in order to properly secure your wireless
network. WPA, WPA2, 802.1x, RADIUS, EAP-TLS, PEAP, LEAP, TKIP, RC4,
AES, PKI are some of the base protocols that make up a secure
wireless network. Once you've sorted out what your security requirements
are then you must choose hardware that supports the proper
protocols. Once that is out of the way, there are still the same
bandwidth and connection issues that were problematic in the previous insecure
standard (WEP).
Software Blueprint IT Consulting can sort
through this security maze for you and help you to decide what wireless
technology is right for you.
|
