Forum Index
Home Forum Radio Memberlist Help Search Quick Links

It appears you have not yet registered with our community which limits what you can do & see. It's Free To register, please click here.



Forum Index » Internet » Security Alerts and vulnerabilities » One More Crack at the WEP
Register Calendar Gallery Mark Forums Read

Security Alerts and vulnerabilities Lets keep abreast on the latest threats by posting those findings here..

Reply
 
Thread Tools Display Modes
  #1  
Old 10-27-2007, 05:14 AM
Symantec's Avatar
Symantec Symantec is offline
Senior Member
  
Join Date: Oct 2006
Posts: 295
One More Crack at the WEP
One More Crack at the WEP
<p>Wireless Equivalency Protocol (WEP) has been one of the hottest topics in Irish news over the last few days. One of the leading providers of DSL in Ireland has supplied users with wireless routers protected using WEP. What made this newsworthy is that it has emerged that the WEP keys used to encrypt the network traffic and to control access to a private network were generated using the (Service Set Identifier) SSID. The algorithm used to generate the encryption keys has been analyzed and a tool is freely available which allows anyone within range of the router to trespass on a wireless network that has been secured using the default settings.</p>

<p>The DSL provider and media reports are advising customers that if they change their WEP keys, they will be safe from any trespassers or malicious attackers trying to get onto their network. While it is true changing the default WEP settings will mitigate this particular attack it will not make your wireless network secure.</p>

<p>WEP is a flawed system that can be broken within minutes by anyone with the suitable tools and the appropriate hardware. I have verified this myself in the wireless lab here in Security Response Dublin. The tools and the hardware are readily available and this is why customers should be advised to drop WEP altogether in favor of the more secure (WiFi Protected Access) WPA encryption standard. Instead users should follow the additional instructions provided by the DSL provider to switch to WPA. The WEP issue has been highlighted countless times in blogs and articles all over the Internet and I am hoping that, in light of this incident, people might start to listen and drop WEP altogether if they are concerned about the security of their wireless networks.</p>

<p>WEP is not secure and can only be thought of as a mere obstacle that will only slow down a determined attacker. WPA on the other hand provides much better security for wireless networks and is the standard that should be adopted by everyone.<br />
</p>
http://www.symantec.com/enterprise/security_response/weblog/2007/10/one_more_crack_at_the_wep.html
http://www.symantec.com/enterprise/security_response/weblog/2007/10/one_more_crack_at_the_wep.html
Wed, 03 Oct 2007 01:00:00 -0800
Reply With Quote
Posted


Reply

  • Submit Thread to Digg Digg
  • Submit Thread to del.icio.us del.icio.us
  • Submit Thread to StumbleUpon StumbleUpon
  • Submit Thread to Google Google
    • Bookmarks

    « Previous Thread | Next Thread »
    Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
     
    Thread Tools
    Display Modes
    Linear Mode Linear Mode

    Posting Rules
    You may not post new threads
    You may not post replies
    You may not post attachments
    You may not edit your posts
    BB code is On
    Smilies are On
    [IMG] code is On
    HTML code is Off
    Forum Jump



    All times are GMT -5. The time now is 10:05 AM.

    Contact Us - CyberAnswers - Archive - Privacy Statement - Top

    Firefox 2