Re: WEP Encryption Key Length

Greg Berchin <gberchin@xxxxxxxxxxxxxxxxxxx> writes:

On Nov 21, 8:37 am, Randy Yates <ya...@xxxxxxxx> wrote:

methinks WEP is "good enough."

If you don't broadcast your SSID, and you use MAC address filtering,
and you use 128-bit WEP, and you change your passcode more often than
once per lifetime, you're probably in good shape. Do you do anything
so critical that somebody would be motivated to park outside your
house for several days, in a van with shaded windows, to hack your
wireless network? Not many people do, and those who do usually don't
do it from home.

You should broadcast your SSID. Any hacker watching traffic will see
it anyway. Not broadcasting means that your neighbor won't see your
network when he's configuring his, and so he will choose the same
channel you are on, and wonder why his connection is so slow.

MAC address filtering is a mixed bag. A hacker watching traffic will
know your MAC addresses and be able to spoof them. It's also a pain
if you ever have visitors and want to allow them to use your network,
since you have to change the configuration of your access point, in
addition to giving them your password.

People aren't necessarily motivated by anything you do; they could be
motivated just by the signal. [The following anecdote isn't meant to
be proof of this assertion.] I had an old access point (WEP only)
that I left plugged in, but not connected to anything for over a year.
I noticed somebody parked in front of my house, sitting in the car,
about once a month. When I finally unplugged it and threw it away,
the mysterious visitors seemed to go away. I don't have any proof
that anything was going on--it may just have been a coincidence. I
used to be able to find war-driving maps online which showed every
home and business network in my town. I could imagine that my network
showed up on some map as "hackable, but not hacked" (because there was
never any traffic to watch). Or maybe it was hacked, but there was no
connectivity. Anyway, I now have a WPA2 encrypted network, and I
haven't noticed anyone who seems to be interested.

Scott
--
Scott Hemphill hemphill@xxxxxxxxxxxxxxxxxx
"This isn't flying. This is falling, with style." -- Buzz Lightyear
.

Relevant Pages

  • Re: 14 octet MACs and security
    ... > I gave up on WEP for my home wireless network a long time ago. ... Maybe you should un-giveup on WEP and see if you can let the router ... > One of my lines of defense is a mac address filter in my iptables ... and denying him DHCP entirely doesn't get rid of his ...
    (comp.os.linux.networking)
  • Re: New Vista Laptop Does Not Connect
    ... Some computers may have a problem to access a wireless with MAC address filtering and WEP enabled. ... How to Setup Windows, Network, VPN & Remote Access on ...
    (microsoft.public.windows.vista.networking_sharing)
  • Re: Whats the current status on WEP cracking?
    ... Some claim that WEP is/can be secured so that it is practically ... MAC filtering also doesn't work. ... addresses can be found from traffic on the network. ... but the tools require a certain number of packets. ...
    (sci.crypt)
  • Re: Wieless security (was: Suspend bug)
    ... filter MACs and don't broadcast ESSID. ... MAC filtering is utterly useless as a security measure. ... into your network, but accidentally connecting to the wrong one). ... Not broadcasting an ESSID is going to cause more problems than it ...
    (Fedora)
  • Re: More fun with "my" New Laptop
    ... Not so happy about getting WiFi to work on Windows ... It's much more complicated and picky than it is on the Mac. ... "other" (for a new network) type in the network name and the WEP ...
    (comp.sys.mac.advocacy)