Archived from groups: alt.internet.wireless
"Bob Alston" <bobalston9NOSPAM@aol.com> wrote in message
news:%xtZc.132398$Lj.62506@fed1read03...
>
>
>
> "gary" <pleasenospam@sbcglobal.net> wrote in message
> news
itZc.15870$TZ2.4723@newssvr22.news.prodigy.com...
> >
> > "Bob Alston" <bobalston9NOSPAM@aol.com> wrote in message
> > news
RsZc.132341$Lj.9128@fed1read03...
> >>
> >> "gary" <pleasenospam@sbcglobal.net> wrote in message
> >> news:N0rZc.15840$Ka2.8846@newssvr22.news.prodigy.com...
> >> >
> >> > "Bob Alston" <bobalston9NOSPAM@aol.com> wrote in message
> >> > news:aOqZc.132114$Lj.31258@fed1read03...
> >> >> I read recently that manufacturers of some wi-fi equipment have improved
> >> >> their software so that WEP is more difficult to crack. Specifically, they
> >> >> have reportedly quit sending type 4 packets (as I recall it is type 4)
> >> >> which are apparently the key to WEP cracking.
> >> >>
> >> >> Anyone know the straight scoop on this? Is this correct? How widespread
> >> >> have these improvements been implemented? How to tell if implemented on
> >> >> your equipment?
> >> >
> >> > No. I don't know what "type 4 packets" are, but 802.11 frames have a 2-bit
> >> > type and a 4-bit subtype field. The type field values range from 0 - 3,
> >> > with 3 unused. Type 0 (management) frames have a subtype 4, which is beacon.
> >> > So-called SSID hiding is a modification to beacon frames that nearly all
> >> > vendors support. It is claimed to be a security improvement, in that your
> >> > network id is no longer broadcast 10 times a second, but the improvement is
> >> > in fact trivial. It has nothing to do with WEP or WPA.
> >> >
> >> >>
> >> >>
> >> >>
> >> >> --
> >> >> Bob Alston
> >> >>
> >> >> bobalston9 AT aol DOT com
> >> >>
> >> >>
> >> >> ---
> >> >> Outgoing mail is certified Virus Free.
> >> >> Checked by AVG anti-virus system (http://www.grisoft.com).
> >> >> Version: 6.0.746 / Virus Database: 498 - Release Date: 8/31/2004
> >> >>
> >> >>
> >> >
> >> >
> >>
> >> The link below is an example of the reference I was recalling, and states
> >> that "the weak IV exploit is virtually non-existent".
> >>
> >> http://www.security-focus.com/infocus/1792
> >>
> >> Not sure if this is but one exploit that allows WEP to be cracked.
> >
> > The article was a survey of security issues. It looked reasonably accurate
> > and complete to me. I see no reference to "type 4 packets" or even SSID
> > hiding. It does mention that WEP is an incorrect implementation of RC4, a
> > common stream cypher algorithm. The defects of the WEP implementation are
> > not completely curable, but there is a problem called "weak IVs" which has
> > been eliminated in newer chipsets. You'll probably get weak IV suppression
> > with recent 802.11g chipsets, and maybe also as a firmware upgrade to some
> > older 802.11b devices.
> >
> > If I were you, I'd follow the bullet list under "Basic Steps to Fix WEP
> > Problems" and not worry too much about weak IVs. Use 128-bit keys or better
> > if you have them (40/64 can be cracked by brute force). Change keys
> > reasonably often ("reasonable" depends on how much traffic you generate, and
> > how important security is to you). Use a wifi firewall in addition to a
> > regular one. For anything that *really* needs security, use independent
> > encryption (secure HTTP, PGP, VPN, whatever). And if you really need good
> > security, buy WPA-capable equipment that can be upgraded to WPA2 with AES
> > (that is, equipment that can do AES in the wifi chipset).
> >
> >>
> >> --
> >> Bob Alston
> >>
> >> bobalston9 AT aol DOT com
> >
> >
>
> The portion of the article I was intending to refer to was the following:
>
> "...the weak IV exploit is virtually non-existent. The manufacturers have
> eliminated that issue, at least as far as I have been able to tell. I have
> only been able to crack it once in the past several years and that was
> because an old wireless adaptor with outdated firmware was on the system."
The comment you cited from the O'Reilly site says about as much as can be
said about who fixed weak IVs and by what date. Fixing weak IVs does not
eliminate all the weaknesses of WEP. The fundamental problem is that the
fixed portion of the key never changes, and the changeable part - the
Initialization Vector, or IV - is 24 bits long. After *at most* 2^24 frames,
the IV has to repeat, and therefore the keystream to encrypt the frame
repeats. Not to mention that crackers can inject known data into your
network to build a partial dictionary of IV/keystream pairs ... there are
lots of possible attacks. WPA/WPA2 are much stronger than WEP ever will be.
But WEP is perfectly useful for ordinary people who are not likely to be
targets of sustained attacks. Just use long, random hex keys and change them
fairly often.
>
> --
> Bob Alston
>
> bobalston9 AT aol DOT com
>