Posted by Todd H. on October 10, 2005, 9:19 pm
> Greetings,
>
> I am in the process of setting up wireless access in our small
> office. The wireless access point hardware I have seen is all equipped
> to do up to 128 bit WEP encryption and MAC filtering. A couple of
> questions:
>
> 1. I have read that WEP is broken. Is it really? Do I want to use
> something else? One of the laptops that will be connecting is a few
> years old and its built-in wireless supports WEP 128 but not other
> encryption as far as I can tell.

WPA with RADIUS authentication is cryptographically quite superior.
WEP is crackable very quickly provided enough initialization vectors
and traffic have been gathered. Injection techniques can be leveraged
to generate the required traffic in a compressed timeframe. Freely
available tools like Kismet are available with these tools built in.
If your access point uses weak/predictable initialization vectors,
it's crackable that much more quickly.

> 2. MAC filtering seems to me to be a great idea. Adds a layer of
> security. If WEP is enabled, is the MAC address of the laptop also
> encrypted? Does it matter?

The MAC is in the clear, IIRC. Passive sniffers like Kismet can
detect them, and those MACs can be used in spoofing.

> 3. Thinking out loud now. If my laptop is busy looking for wireless
> access points, and transmitting its MAC address in the clear. Assume
> an attacker learns my MAC address. Then I get to my office and log on
> to the Wireless Access Point. It requires that I send the MAC
> encrypted. Does the attacker have a crib that will allow them to pry open
> WEP 128? If so, am I better off with just WEP and not MAC
> filtering?

WEP 128 is better than MAC filtering alone. WEP 128 + MAC filtering
will prevent the casual hack, but is trivially crackable for someone
in sniffing range. For home use, probably it's acceptable risk
depending on how dense your surroundings. For a business environment,
a VPN connection with strong encryption is preferable.

WPA + RADIUS authentication is the best of breed right now. Firmware
upgrades may get you there for free. WPA + pre-shared key
authentication has a weakness in it that makes a brute force attack
nearly feasible, though I haven't been following that issue closely.

All production wireless right now should be considered something that
can be DoS'd so relying on it for a connection that must be there
continuously is dicey. Wired is preferable if possible.

--
Todd H.
http://www.toddh.net/
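
Added example, not part of the original post: a small parser that separates the cleartext part of an 802.11 data frame from the WEP-encrypted part, illustrating the answer to question 2 (the MAC addresses and the 24-bit IV travel unencrypted). The frame bytes are constructed, the function names are hypothetical, and the input is assumed to be a bare 802.11 frame with no radiotap header and no FCS.

```python
import struct

# Constructed sample: station -> AP data frame with the Protected bit set.
SAMPLE = bytes.fromhex(
    "0841" "2c00"                  # frame control (data, ToDS, Protected), duration
    "020000aaaa01"                 # addr1: BSSID / receiver (constructed)
    "020000bbbb02"                 # addr2: station / transmitter (constructed)
    "020000cccc03"                 # addr3: final destination (constructed)
    "1000"                         # sequence control
    "a1b2c3" "40"                  # WEP IV, key-ID byte (key index 1, ExtIV clear)
    "deadbeefcafef00d" "11223344"  # opaque ciphertext + encrypted ICV
)

def mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def cleartext_fields(frame: bytes) -> dict:
    """Return what a passive listener can read without knowing the key."""
    if len(frame) < 24:
        raise ValueError("truncated 802.11 header")
    (fc,) = struct.unpack_from("<H", frame, 0)
    if (fc >> 2) & 0x3 != 2:
        raise ValueError("not a data frame")
    to_ds, from_ds = bool(fc & 0x0100), bool(fc & 0x0200)
    off = 24 + (6 if to_ds and from_ds else 0)  # optional addr4 (WDS)
    off += 2 if (fc >> 4) & 0x8 else 0          # optional QoS control field
    out = {
        "receiver": mac(frame[4:10]),
        "transmitter": mac(frame[10:16]),
        "addr3": mac(frame[16:22]),
        "protected": bool(fc & 0x4000),
        "encrypted_len": 0,
    }
    if out["protected"]:
        if len(frame) < off + 4:
            raise ValueError("truncated IV header")
        key_byte = frame[off + 3]
        ext_iv = bool(key_byte & 0x20)          # set for TKIP/CCMP, clear for WEP
        out["scheme"] = "TKIP/CCMP" if ext_iv else "WEP"
        out["iv"] = None if ext_iv else frame[off:off + 3].hex()
        out["key_index"] = key_byte >> 6
        off += 8 if ext_iv else 4
        out["encrypted_len"] = max(0, len(frame) - off)
    return out

if __name__ == "__main__":
    for name, value in cleartext_fields(SAMPLE).items():
        print(f"{name:14} {value}")
```

Everything the function returns comes from bytes ahead of the ciphertext, which is why a MAC allow-list adds no confidentiality on top of WEP.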