1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

The Final 'Final' Nail in WEP's Coffin?

Discussion in 'News' started by tripwire45, Apr 6, 2007.

  1. tripwire45
    Honorary Member

    tripwire45 Zettabyte Poster

    13,493
    179
    287

    The Final 'Final' Nail in WEP's Coffin?



    Researchers have discovered a new way of attacking Wired Equivalent Privacy that requires an amount of data "more than an order of magnitude" less than the best known key-recovery attacks. In effect, the cracking can be done within a minute, as the title of the paper suggests: Breaking 104 bit WEP in less than 60 seconds. Specifically, only 40,000 data packets are needed for a 50 percent chance of success, while 85,000 packets give a 95 percent chance of success, according to the paper's authors: Erik Tews, Ralf-Philipp Weinmann and Andrei Pyshkin, all researchers in the computer science department at Darmstadt University of Technology in Darmstadt, Germany.

    Complete article found at eWeek.com.
     
    Certifications: A+ and Network+
porta2_tags:

Comments

    1. zebulebu
      zebulebu
      LOL

      Yet only last week I was in PC World buying a new external disk when i overheard some pillock telling the poor sap he was selling a wireless router to that WEP was 'practially uncrackable'...

      I have never understood why anyone who knows even the slightest thing about WLAN security would deploy WEP when almost all of the 'little box' W-Rtrs now come with WEP, WPA and WPA2 as standard.

      In fact, I'd argue that any minor benefits that may be gained by deploying WEP and vanilla WPA are offset almost completely by the fact that the people deploying them are so unaware of how inherently insecure they are that they 'fit and forget' - possibly leading to their WLAN being pwned for weeks without them even realising it.
    2. thetokyoproject
      thetokyoproject
      how about mac filtering.

      how difficult is it to get through this restriction?
    3. Modey
      Modey
      As I understand it spoofing a mac address is not hard with the correct tools.

      WPA is also crackable, so at the end of the day no wireless network is truly secure really. You just have to implement the steps that are reasonable for the environment you are in. My home WAP is reasonably well locked down, but if someone was determined to get into it, I'm sure they could. I ain't gonna lose sleep over it though. :)
    4. BosonMichael
      BosonMichael
      No, I wouldn't either - not with the number of unsecured networks all over my neighborhood. I don't have to have the best security in the world... just better than those around me in my neighborhood. It's like the hungry lion story - I don't have to be faster than the lion... I only have to be faster than you.
    5. Modey
      Modey
      Nice analogy. :)
    6. michael78
      michael78
      I would of got rid of WEP for WPA if it wasn't for my Nintendo DS not being WPA compatible...:rolleyes:
    7. BosonMichael
      BosonMichael
      Another vote for PC gaming over consoles/handhelds. heh!!!

    Share This Page