Sign in with
Sign up | Sign in
Your question

Security using WEP 128 (104)bit

Last response: in Wireless Networking
Share
April 5, 2004 10:53:19 AM

Archived from groups: alt.internet.wireless (More info?)

Hi All,

Can anyone point me to a reliable reference that gives guidance as to
the appropriate frequency of key changes required to make WEP 128 bit
practically safe ?

Thanks,

Neil
Anonymous
a b F Wireless
a b 8 Security
April 5, 2004 10:53:20 AM

Archived from groups: alt.internet.wireless (More info?)

"Neil" <me@home.com> wrote in news:c4psk1$27g0$1@otis.netspace.net.au:

> Can anyone point me to a reliable reference that gives guidance as to
> the appropriate frequency of key changes required to make WEP 128 bit
> practically safe ?

It depends on the traffic on your network.

But on a high traffic network, WEP 64 takes a 2 - 4 hours. WEP 128 about 8
- 40 hours.


Use WPA if possible.

--
Lucas Tam (REMOVEnntp@rogers.com)
Please delete "REMOVE" from the e-mail address when replying.
http://members.ebay.com/aboutme/coolspot18/
Anonymous
a b F Wireless
a b 8 Security
April 5, 2004 10:53:21 AM

Archived from groups: alt.internet.wireless (More info?)

"Lucas Tam" <REMOVEnntp@rogers.com> wrote in message
news:Xns94C1B6B03B58Fnntprogerscom@140.99.99.130...
> "Neil" <me@home.com> wrote in news:c4psk1$27g0$1@otis.netspace.net.au:
>
>> Can anyone point me to a reliable reference that gives guidance as to
>> the appropriate frequency of key changes required to make WEP 128 bit
>> practically safe ?
>
> It depends on the traffic on your network.
>
> But on a high traffic network, WEP 64 takes a 2 - 4 hours. WEP 128 about 8
> - 40 hours.
>
>
> Use WPA if possible.
>
> --
> Lucas Tam (REMOVEnntp@rogers.com)
> Please delete "REMOVE" from the e-mail address when replying.
> http://members.ebay.com/aboutme/coolspot18/

Are you talking about the number of hours required to crack both 64 and 128
WEP?

Harryc
--
Related resources
April 5, 2004 10:53:21 AM

Archived from groups: alt.internet.wireless (More info?)

Cracking 128-bit WEP key takes about 8 to 40 hours? Ha-ha-ha-ha, yeah
right! Have you tried cracking WEP key your own WAP? Theoritically WEP
keys are crackable but not that easy, allec. There are only 2 *nix based
programs that I know of, none runs on Windows. If crackers would see the
WEP keys in plain text, what then if I use Hex of these non-printable
characters:

Char Oct Dec Hex Control-Key Control Action
NUL 0 0 00 ^@ Null character
SOH 1 1 01 ^A Start of heading, = console interrupt
STX 2 2 02 ^B Start of text, maintenance mode on HP console
ETX 3 3 03 ^C End of text
EOT 4 4 04 ^D End of transmission, not the same as ETB
ENQ 5 5 05 ^E Enquiry, goes with ACK; old HP flow control
ACK 6 6 06 ^F Acknowledge, clears ENQ logon hand
BEL 7 7 07 ^G Bell, rings the bell...
BS 10 8 08 ^H Backspace, works on HP terminals/computers
HT 11 9 09 ^I Horizontal tab, move to next tab stop
LF 12 10 0a ^J Line Feed
VT 13 11 0b ^K Vertical tab
FF 14 12 0c ^L Form Feed, page eject
CR 15 13 0d ^M Carriage Return
SO 16 14 0e ^N Shift Out, alternate character set
SI 17 15 0f ^O Shift In, resume defaultn character set
DLE 20 16 10 ^P Data link escape
DC1 21 17 11 ^Q XON, with XOFF to pause listings; ":o kay to send".
DC2 22 18 12 ^R Device control 2, block-mode flow control
DC3 23 19 13 ^S XOFF, with XON is TERM=18 flow control
DC4 24 20 14 ^T Device control 4
NAK 25 21 15 ^U Negative acknowledge
SYN 26 22 16 ^V Synchronous idle
ETB 27 23 17 ^W End transmission block, not the same as EOT
CAN 30 24 17 ^X Cancel line, MPE echoes !!!
EM 31 25 19 ^Y End of medium, Control-Y interrupt
SUB 32 26 1a ^Z Substitute
ESC 33 27 1b ^[ Escape, next character is not echoed
FS 34 28 1c ^\ File separator
GS 35 29 1d ^] Group separator
RS 36 30 1e ^^ Record separator, block-mode terminator
US 37 31 1f ^_ Unit separator

How many people would try to crack WEP key of someone else WAP just to
access the Internet for free when there are lots of stupid people out
there who leave their WAP's security disabled?

On Mon, 5 Apr 2004, Lucas Tam wrote:

> "Harry C" <harryc@net.invalid> wrote in
> news:QM0cc.11090$W57.3191@nwrdny03.gnilink.net:
>
> >> But on a high traffic network, WEP 64 takes a 2 - 4 hours. WEP 128
> >> about 8 - 40 hours.
> >>
> > Are you talking about the number of hours required to crack both 64
> > and 128 WEP?
>
>
> Ha Ha... yes.
>
> Geez, must of fell asleep at the keyboard.
>
>
>
>
Anonymous
a b F Wireless
a b 8 Security
April 5, 2004 10:53:22 AM

Archived from groups: alt.internet.wireless (More info?)

"Harry C" <harryc@net.invalid> wrote in
news:QM0cc.11090$W57.3191@nwrdny03.gnilink.net:

>> But on a high traffic network, WEP 64 takes a 2 - 4 hours. WEP 128
>> about 8 - 40 hours.
>>
> Are you talking about the number of hours required to crack both 64
> and 128 WEP?


Ha Ha... yes.

Geez, must of fell asleep at the keyboard.



--
Lucas Tam (REMOVEnntp@rogers.com)
Please delete "REMOVE" from the e-mail address when replying.
http://members.ebay.com/aboutme/coolspot18/
Anonymous
a b F Wireless
a b 8 Security
April 5, 2004 2:38:39 PM

Archived from groups: alt.internet.wireless (More info?)

JimboLee2@NETZER0@.NET wrote:

> If crackers would see the
> WEP keys in plain text, what then if I use Hex of these non-printable
> characters:

Crackers don't see any plain text. The programs used to break the WEP,
simply get enough info to calculate the key. Using non plain text keys
only reduces the chance of someone using a dictionary attack.

--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.
Anonymous
a b F Wireless
a b 8 Security
April 5, 2004 4:39:37 PM

Archived from groups: alt.internet.wireless (More info?)

"JimboLee2@NETZER0@.NET" <anon@pop.netzero.net> wrote in
news:p ine.LNX.4.44.0404042324470.1411-100000@localhost:

> If crackers would see the
> WEP keys in plain text, what then if I use Hex of these non-printable
> characters:
>

It doesn't matter - the programs reverse calculate the keys, so it doesn't
matter what you use for your keys.

As long as the program is able to capture enough packets... your keys will
be cracked.



--
Lucas Tam (REMOVEnntp@rogers.com)
Please delete "REMOVE" from the e-mail address when replying.
http://members.ebay.com/aboutme/coolspot18/
April 5, 2004 5:55:16 PM

Archived from groups: alt.internet.wireless (More info?)

Yes, but no hacker is going to invest one evening a week sitting outside
your house gathering data to crack the key you change every week (or every
day, if you're paranoid). An ordinary residence will be a target in order to
gain access to your ISP, not to gain access to your private data. Finding
your credit card number would be gravy, not the primary obejctive.

On the other hand, if you never change your key, spending one evening
cracking it would be a worthwhile investment of time to buy months of
unrestricted access to the internet via your ISP connection.

"Lucas Tam" <REMOVEnntp@rogers.com> wrote in message
news:Xns94C2580876075nntprogerscom@140.99.99.130...
> "JimboLee2@NETZER0@.NET" <anon@pop.netzero.net> wrote in
> news:p ine.LNX.4.44.0404042324470.1411-100000@localhost:
>
> > If crackers would see the
> > WEP keys in plain text, what then if I use Hex of these non-printable
> > characters:
> >
>
> It doesn't matter - the programs reverse calculate the keys, so it doesn't
> matter what you use for your keys.
>
> As long as the program is able to capture enough packets... your keys will
> be cracked.
>
>
>
> --
> Lucas Tam (REMOVEnntp@rogers.com)
> Please delete "REMOVE" from the e-mail address when replying.
> http://members.ebay.com/aboutme/coolspot18/
Anonymous
a b F Wireless
a b 8 Security
April 5, 2004 6:38:54 PM

Archived from groups: alt.internet.wireless (More info?)

On Mon, 05 Apr 2004 13:55:16 GMT, "gary" <pleasenospam@sbcglobal.net>
wrote:

>Yes, but no hacker is going to invest one evening a week sitting outside
>your house

You assume that the only peolpe interested in cracking the key would
be somebody in a car. In reality it could be a neighbor who can leave
his computer running all day and night until he cracks it. No
inconvenience at all.

>athering data to crack the key you change every week (or every
>day, if you're paranoid). An ordinary residence will be a target in order to
>gain access to your ISP, not to gain access to your private data. Finding
>your credit card number would be gravy, not the primary obejctive.
>
>On the other hand, if you never change your key, spending one evening
>cracking it would be a worthwhile investment of time to buy months of
>unrestricted access to the internet via your ISP connection.
>
>"Lucas Tam" <REMOVEnntp@rogers.com> wrote in message
>news:Xns94C2580876075nntprogerscom@140.99.99.130...
>> "JimboLee2@NETZER0@.NET" <anon@pop.netzero.net> wrote in
>> news:p ine.LNX.4.44.0404042324470.1411-100000@localhost:
>>
>> > If crackers would see the
>> > WEP keys in plain text, what then if I use Hex of these non-printable
>> > characters:
>> >
>>
>> It doesn't matter - the programs reverse calculate the keys, so it doesn't
>> matter what you use for your keys.
>>
>> As long as the program is able to capture enough packets... your keys will
>> be cracked.
>>
>>
>>
>> --
>> Lucas Tam (REMOVEnntp@rogers.com)
>> Please delete "REMOVE" from the e-mail address when replying.
>> http://members.ebay.com/aboutme/coolspot18/
>
Anonymous
a b F Wireless
a b 8 Security
April 5, 2004 6:43:09 PM

Archived from groups: alt.internet.wireless (More info?)

Taking a moment's reflection, gary mused:
|
| Yes, but no hacker is going to invest one evening a week sitting outside
| your house gathering data to crack the key you change every week (or every
| day, if you're paranoid).

They wouldn't necessarily have to. They could be someone in the next
flat with all the time in the world to sniff packets.
April 5, 2004 10:41:14 PM

Archived from groups: alt.internet.wireless (More info?)

While it's true that the guy in the next flat doesn't haven't to sit in the
parking lot, he still has to invest as much as a day or more a week to
continually recrack your key if you change it once a week using randomly
selected hex keys. Since most routers and clients let you preconfigre a list
of 4 keys, if you just change this list once a week, you can set a new
default key every couple of days by clicking on a new list entry.

I'm certainly not trying to argue that WEP is as effective as WPA, but this
kind of precaution should eliminate the overwhelming majority of potential
hackers. If you have a neighbor that is willing to spend that kind of time
continually hacking your system, instead of looking for easier targets, then
the guy wants into your system really badly. You then have problems beyond
simple net security - this is the kind of person who would break into an
apartment.

The tradeoff is between whatever effort it will take you to successfully
upgrade both your router firmware, your client firmware, and possibly
Windows, and then get it all configured correctly, versus just configuring
the 128-bit WEP that comes standard with most routers. I'd rather see home
users at least move to WEP, rather than blow off security altogether, or
pretend that SSID broadcast disabling or MAC filtering are valid security
measures.

"mhicaoidh" <®êmõvé_mhic_aoidh@hotÑîXmailSPäM.com> wrote in message
news:1gecc.190875$Cb.1728715@attbi_s51...
> Taking a moment's reflection, gary mused:
> |
> | Yes, but no hacker is going to invest one evening a week sitting outside
> | your house gathering data to crack the key you change every week (or
every
> | day, if you're paranoid).
>
> They wouldn't necessarily have to. They could be someone in the next
> flat with all the time in the world to sniff packets.
>
>
April 5, 2004 11:42:18 PM

Archived from groups: alt.internet.wireless (More info?)

On Mon, 5 Apr 2004, Lucas Tam wrote:

> "JimboLee2@NETZER0@.NET" <anon@pop.netzero.net> wrote in
> news:p ine.LNX.4.44.0404042324470.1411-100000@localhost:
>
> > If crackers would see the
> > WEP keys in plain text, what then if I use Hex of these non-printable
> > characters:
> >
>
> It doesn't matter - the programs reverse calculate the keys, so it doesn't
> matter what you use for your keys.
>
> As long as the program is able to capture enough packets... your keys will
> be cracked.
>

Enough packet what? Those claims are just based on theories. You don't
even use *nix OS, what do you know.
April 6, 2004 12:00:02 AM

Archived from groups: alt.internet.wireless (More info?)

fOn Mon, 5 Apr 2004, mhicaoidh wrote:

> Taking a moment's reflection, gary mused:
> |
> | Yes, but no hacker is going to invest one evening a week sitting outside
> | your house gathering data to crack the key you change every week (or every
> | day, if you're paranoid).
>
> They wouldn't necessarily have to. They could be someone in the next
> flat with all the time in the world to sniff packets.
>

The *nix based Kismet can see both WAPs and wireless LAN clients. With
Kismet you can reverse snoop how much packet your neighbor is
transmitting. You can also put a decoy Linux box emulating a WAP emitting
bogus packets with crons to change WEP from time to time.
April 6, 2004 12:54:12 AM

Archived from groups: alt.internet.wireless (More info?)

Thanks All for the interesting responses, getting back to the original
question,

Can anyone point me to a reliable reference that gives guidance as to
the appropriate frequency of key changes (time or data) required to make WEP
128 bit practically safe ?

Regards,

Neil


"James Knott" <bit_bucket@rogers.com> wrote in message
news:p Gacc.12431$L_8.5532@news01.bloor.is.net.cable.rogers.com...
> JimboLee2@NETZER0@.NET wrote:
>
> > If crackers would see the
> > WEP keys in plain text, what then if I use Hex of these non-printable
> > characters:
>
> Crackers don't see any plain text. The programs used to break the WEP,
> simply get enough info to calculate the key. Using non plain text keys
> only reduces the chance of someone using a dictionary attack.
>
> --
>
> Fundamentalism is fundamentally wrong.
>
> To reply to this message, replace everything to the left of "@" with
> james.knott.
Anonymous
a b F Wireless
a b 8 Security
April 6, 2004 12:54:13 AM

Archived from groups: alt.internet.wireless (More info?)

"Neil" <me@home.com> wrote in news:c4rdsm$2td$1@otis.netspace.net.au:

> Can anyone point me to a reliable reference that gives guidance as to
> the appropriate frequency of key changes (time or data) required to
> make WEP 128 bit practically safe ?

We did answer your question... WEP is insecure, so no amount of keychanges
will secure your network.

I say change your key once every couple of months. If you're uber paranoid,
once a day or once a week.

Otherwise see if your AP supports WPA - it's much more secure.

--
Lucas Tam (REMOVEnntp@rogers.com)
Please delete "REMOVE" from the e-mail address when replying.
http://members.ebay.com/aboutme/coolspot18/
Anonymous
a b F Wireless
a b 8 Security
April 6, 2004 12:54:14 AM

Archived from groups: alt.internet.wireless (More info?)

Lucas Tam <REMOVEnntp@rogers.com> wrote in
news:Xns94C2546F64B3Enntprogerscom@140.99.99.130:

> I say change your key once every couple of months. If you're uber
> paranoid, once a day or once a week.

Then again I haven't changed my 40-bit key in a couple years and never had
a problem.

--
Lucas Tam (REMOVEnntp@rogers.com)
Please delete "REMOVE" from the e-mail address when replying.
http://members.ebay.com/aboutme/coolspot18/
Anonymous
a b F Wireless
a b 8 Security
April 6, 2004 1:54:26 AM

Archived from groups: alt.internet.wireless (More info?)

Lucas Tam <REMOVEnntp@rogers.com> wrote in
news:Xns94C2546F64B3Enntprogerscom@140.99.99.130:

> We did answer your question... WEP is insecure, so no amount of
> keychanges will secure your network.
>
> I say change your key once every couple of months. If you're uber
> paranoid, once a day or once a week.
>
> Otherwise see if your AP supports WPA - it's much more secure.

The insecurity of WEP is based on it being used for enough traffic that it
can be easily broken. But, if you just use it for routine email and web
browsing (and not for large file downloads) it can be many days (or more)
before that amount of traffic occurs. I don't recall numbers I've seen
when I was first looking at it, but it seemed like changing WEP keys weekly
was more than enough for a single user (such as my use only with my
laptop). This is a good question - it's a shame that there doesn't appear
to be such a URL available.

--
Tom McCune
My PGP Page & FAQ: http://www.McCune.cc/PGP.htm
Anonymous
a b F Wireless
a b 8 Security
April 6, 2004 5:29:08 AM

Archived from groups: alt.internet.wireless (More info?)

Neil wrote:

> Can anyone point me to a reliable reference that gives guidance as to
> the appropriate frequency of key changes (time or data) required to make
> WEP 128 bit practically safe ?
>

That would depend on how much you use WiFi and how much time someone wants
to spend trying to crack the key.

--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.
Anonymous
a b F Wireless
a b 8 Security
April 6, 2004 5:30:43 AM

Archived from groups: alt.internet.wireless (More info?)

Lucas Tam wrote:

> Lucas Tam <REMOVEnntp@rogers.com> wrote in
> news:Xns94C2546F64B3Enntprogerscom@140.99.99.130:
>
>> I say change your key once every couple of months. If you're uber
>> paranoid, once a day or once a week.
>
> Then again I haven't changed my 40-bit key in a couple years and never had
> a problem.
>

That you're aware of. Do you have any means of determining if anyone's
"borrowing" your internet access?

--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.
April 6, 2004 10:28:20 AM

Archived from groups: alt.internet.wireless (More info?)

Thanks for the responses,

You have all assisted greatly.

Regards,

Neil.



"gary" <pleasenospam@sbcglobal.net> wrote in message
news:eLhcc.5385$9Z3.2044@newssvr24.news.prodigy.com...
> While it's true that the guy in the next flat doesn't haven't to sit in
the
> parking lot, he still has to invest as much as a day or more a week to
> continually recrack your key if you change it once a week using randomly
> selected hex keys. Since most routers and clients let you preconfigre a
list
> of 4 keys, if you just change this list once a week, you can set a new
> default key every couple of days by clicking on a new list entry.
>
> I'm certainly not trying to argue that WEP is as effective as WPA, but
this
> kind of precaution should eliminate the overwhelming majority of potential
> hackers. If you have a neighbor that is willing to spend that kind of time
> continually hacking your system, instead of looking for easier targets,
then
> the guy wants into your system really badly. You then have problems beyond
> simple net security - this is the kind of person who would break into an
> apartment.
>
> The tradeoff is between whatever effort it will take you to successfully
> upgrade both your router firmware, your client firmware, and possibly
> Windows, and then get it all configured correctly, versus just configuring
> the 128-bit WEP that comes standard with most routers. I'd rather see home
> users at least move to WEP, rather than blow off security altogether, or
> pretend that SSID broadcast disabling or MAC filtering are valid security
> measures.
>
> "mhicaoidh" <®êmõvé_mhic_aoidh@hotÑîXmailSPäM.com> wrote in message
> news:1gecc.190875$Cb.1728715@attbi_s51...
> > Taking a moment's reflection, gary mused:
> > |
> > | Yes, but no hacker is going to invest one evening a week sitting
outside
> > | your house gathering data to crack the key you change every week (or
> every
> > | day, if you're paranoid).
> >
> > They wouldn't necessarily have to. They could be someone in the
next
> > flat with all the time in the world to sniff packets.
> >
> >
>
>
Anonymous
a b F Wireless
a b 8 Security
April 6, 2004 12:21:51 PM

Archived from groups: alt.internet.wireless (More info?)

James Knott <bit_bucket@rogers.com> wrote in news:7Lncc.23495$L_8.4007
@news01.bloor.is.net.cable.rogers.com:

> That you're aware of. Do you have any means of determining if anyone's
> "borrowing" your internet access?

Yeah, my router logs haven't showed anything out of the ordinary... and my
AP's associated station log hasn't displayed anything strange either.

--
Lucas Tam (REMOVEnntp@rogers.com)
Please delete "REMOVE" from the e-mail address when replying.
http://members.ebay.com/aboutme/coolspot18/
Anonymous
a b F Wireless
a b 8 Security
April 6, 2004 1:45:36 PM

Archived from groups: alt.internet.wireless (More info?)

Neil wrote:
> Thanks All for the interesting responses, getting back to the original
> question,
>
> Can anyone point me to a reliable reference that gives guidance as to
> the appropriate frequency of key changes (time or data) required to
> make WEP 128 bit practically safe ?
>
> Regards,
>
> Neil
>
>
> "James Knott" <bit_bucket@rogers.com> wrote in message
> news:p Gacc.12431$L_8.5532@news01.bloor.is.net.cable.rogers.com...
>> JimboLee2@NETZER0@.NET wrote:
>>
>>> If crackers would see the
>>> WEP keys in plain text, what then if I use Hex of these
>>> non-printable characters:
>>
>> Crackers don't see any plain text. The programs used to break the
>> WEP, simply get enough info to calculate the key. Using non plain
>> text keys only reduces the chance of someone using a dictionary
>> attack.
>>
>> --
>>
>> Fundamentalism is fundamentally wrong.
>>
>> To reply to this message, replace everything to the left of "@" with
>> james.knott.

How about applying a bit of common sense to your question? If you look
out your office window and see 1000 hackers with laptops, would you look
for a recommendation about the frequency of changing your WEP key, or
would you immediately change your WEP key? If you live out in the
countryside ten miles from the nearest neighbor, would you think it even
possible that 1000 hackers are going to show up outside your house any
time in the immediate future?

The level of risk is not researchable. The amount of effort required to
crack a key has been researched extensively. Only you can evaluate the
level of risk. If it takes four hours to crack a given key, if you
change the key every hour it should reduce the risk of being cracked to
zero. This makes sense if there are 1000 hackers outside your office.
It makes no sense at all if you live ten miles from the nearest neighbor
in the countryside.

Q
Anonymous
a b F Wireless
a b 8 Security
April 6, 2004 2:44:46 PM

Archived from groups: alt.internet.wireless (More info?)

JimboLee2@NETZER0@.NET wrote:

>> As long as the program is able to capture enough packets... your keys
>> will be cracked.
>>
>
> Enough packet what? Those claims are just based on theories. You don't
> even use *nix OS, what do you know.
>

There are at least two ways to attack encryption.

1) Try to find the pass phrase. This requires dictionary attacks or words
that are likely to be used.

2) Try to calculate the key, from recovered packets. This involves
collecting enough packets, so that some analysys can be done to determine
the key.

Neither of the above requires *nix, though many of the commonly used
cracking tools are available for it.



--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.
Anonymous
a b F Wireless
a b 8 Security
April 7, 2004 12:02:50 AM

Archived from groups: alt.internet.wireless (More info?)

Neil <me@home.com> wrote:
> Hi All,
>
> Can anyone point me to a reliable reference that gives guidance as to
> the appropriate frequency of key changes required to make WEP 128 bit
> practically safe ?

As a change, I thought I might actually answer the question asked.
I don't know if this is against the groups charter, or something :) 

The time depends on the traffic.

IIRC, you need 7 million packets to be fairly sure of cracking a WEP key.
This is around 3-9Gb of transfer.

Taking one extreme, a G network transferring files at full bandwidth could be
cracked in as little as half an hour.

Someone running P2P over a 512K wireless ADSL link in 3-4 days.
A really light ADSL user may take weeks or months to generate that
much traffic.
Anonymous
a b F Wireless
a b 8 Security
April 7, 2004 2:02:01 AM

Archived from groups: alt.internet.wireless (More info?)

Taking a moment's reflection, gary mused:
|
| While it's true that the guy in the next flat doesn't haven't to sit in
| the parking lot, he still has to invest as much as a day or more a week to
| continually recrack your key if you change it once a week using randomly
| selected hex keys. Since most routers and clients let you preconfigre a
| list of 4 keys, if you just change this list once a week, you can set a
| new default key every couple of days by clicking on a new list entry.

Granted. But, for someone like me (who has at least three systems
running 24/7) it would not be any imposition to have one sniffing a
neighbour's wireless traffic. The software does all the work, and all I
need do is check in from time to time to monitor any results. Your solution
would be a hindrance, yes. But, anyone who is going to be diligent enough
to change their keys that frequently will be more likely to be running WPA.
;-)
Anonymous
a b F Wireless
a b 8 Security
April 7, 2004 2:07:23 AM

Archived from groups: alt.internet.wireless (More info?)

Taking a moment's reflection, Ian Stirling mused:
|
| As a change, I thought I might actually answer the question asked.
| I don't know if this is against the groups charter, or something :) 

The problem is the question is along the lines of: "How long is a piece
of string?" The answer is: "It depends." For every situation, there will
be a different answer. If you don't move many packets, you don't need to
change keys as often as someone who moves 2 million packets a day.
Anonymous
a b F Wireless
a b 8 Security
April 7, 2004 4:20:41 AM

Archived from groups: alt.internet.wireless (More info?)

mhicaoidh <com> wrote:
> Taking a moment's reflection, Ian Stirling mused:
> |
> | As a change, I thought I might actually answer the question asked.
> | I don't know if this is against the groups charter, or something :) 
>
> The problem is the question is along the lines of: "How long is a piece
> of string?" The answer is: "It depends." For every situation, there will
> be a different answer. If you don't move many packets, you don't need to
> change keys as often as someone who moves 2 million packets a day.

No, the answer is not "It depends".
The answer is "every X packets".
Anonymous
a b F Wireless
a b 8 Security
April 7, 2004 5:11:35 AM

Archived from groups: alt.internet.wireless (More info?)

Ian Stirling wrote:

> The answer is "every X packets".
>

Even that's wrong, as the content of the packets can influence the
difficulty in cracking them.

--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.
Anonymous
a b F Wireless
a b 8 Security
April 7, 2004 5:46:11 AM

Archived from groups: alt.internet.wireless (More info?)

Taking a moment's reflection, Ian Stirling mused:
|
| No, the answer is not "It depends".
| The answer is "every X packets".

I beg to differ. There is not "exact point where all WEP keys will
always be cracked." If there is, find a reference to this fact anyway ...
but, I know you won't. The common range of vulnerability is generally cited
at between 5 million packets and 10 million packets. So, the answer really
is, like it or not, "it depends." It could be hours, it could be months.

It depends on the following: 1) Strength of initial WEP key/passphrase,
2) content/complexity of each packet, and 3) how much traffic is generated
on the network that exposes WEP encrypted packets to the World (i.e.. how
long it takes to reach 5 - 10 million packets).

Since all three of those are highly variable, there is no way to know
for certain exactly when keys need to be changed for optimum security. The
only way to know would be to install Linux and sniff your own network to try
and crack it. When you get the key, you'll know the range. Until then,
it's you're doing little more than guessing.
Anonymous
a b F Wireless
a b 8 Security
April 7, 2004 4:05:19 PM

Archived from groups: alt.internet.wireless (More info?)

In article <D3Jcc.202729$_w.1939708@attbi_s53>, Mhicaoidh wrote:
> | No, the answer is not "It depends".
> | The answer is "every X packets".
>
> I beg to differ. There is not "exact point where all WEP keys will
> always be cracked." If there is, find a reference to this fact anyway ...
> but, I know you won't. The common range of vulnerability is generally cited
> at between 5 million packets and 10 million packets. So, the answer really
> is, like it or not, "it depends." It could be hours, it could be months.
>
> It depends on the following: 1) Strength of initial WEP key/passphrase,
> 2) content/complexity of each packet, and 3) how much traffic is generated
> on the network that exposes WEP encrypted packets to the World (i.e.. how
> long it takes to reach 5 - 10 million packets).

Ultimately it all depends on how badly somebody wants to crack it, and how
much time and effort they are prepared to spend. The equation balances out at
the point where this time and effort is greater than whatever they would gain
by being able to see your network traffic. As human motives are involved,
there doesn't seem to be a clear cut way to decide what numbers to feed into
this equation to make it give a true answer. There are certainly more human
variables than mathematical ones. All you can really do is take a guess at
what you think people would be likely to do.

Rod.
Anonymous
a b F Wireless
a b 8 Security
April 7, 2004 7:29:46 PM

Archived from groups: alt.internet.wireless (More info?)

Taking a moment's reflection, Roderick Stewart mused:
|
| All you can
| really do is take a guess at what you think people would be likely to do.

Indeed.
April 8, 2004 1:44:04 AM

Archived from groups: alt.internet.wireless (More info?)

So let me try to get some closure on this issue,

I have a single wireless laptop being used to surf the net for 1 hour per
day,
4 days per week @ 512 k ADSL line speed.

WEP key is generated from a random string of about 12 - 16 letters typed on
the keyboard.

I intend to update the WEP keys once per week.

SAFE ??

Thanks,

Neil




"Roderick Stewart" <rjfs@escapetime.nospam.plus.com> wrote in message
news:VA.00000699.00344c6d@escapetime.nospam.plus.com...
> In article <D3Jcc.202729$_w.1939708@attbi_s53>, Mhicaoidh wrote:
> > | No, the answer is not "It depends".
> > | The answer is "every X packets".
> >
> > I beg to differ. There is not "exact point where all WEP keys will
> > always be cracked." If there is, find a reference to this fact anyway
....
> > but, I know you won't. The common range of vulnerability is generally
cited
> > at between 5 million packets and 10 million packets. So, the answer
really
> > is, like it or not, "it depends." It could be hours, it could be
months.
> >
> > It depends on the following: 1) Strength of initial WEP
key/passphrase,
> > 2) content/complexity of each packet, and 3) how much traffic is
generated
> > on the network that exposes WEP encrypted packets to the World (i.e..
how
> > long it takes to reach 5 - 10 million packets).
>
> Ultimately it all depends on how badly somebody wants to crack it, and how
> much time and effort they are prepared to spend. The equation balances out
at
> the point where this time and effort is greater than whatever they would
gain
> by being able to see your network traffic. As human motives are involved,
> there doesn't seem to be a clear cut way to decide what numbers to feed
into
> this equation to make it give a true answer. There are certainly more
human
> variables than mathematical ones. All you can really do is take a guess at
> what you think people would be likely to do.
>
> Rod.
>
Anonymous
a b F Wireless
a b 8 Security
April 8, 2004 1:44:05 AM

Archived from groups: alt.internet.wireless (More info?)

Taking a moment's reflection, Neil mused:
|
| I intend to update the WEP keys once per week.
|
| SAFE ??

Probably. ;-)
Anonymous
a b F Wireless
a b 8 Security
April 8, 2004 1:44:05 AM

Archived from groups: alt.internet.wireless (More info?)

In article <c50pi7$2kpq$1@otis.netspace.net.au>, Neil wrote:
> So let me try to get some closure on this issue,
>
> I have a single wireless laptop being used to surf the net for 1 hour per
> day,
> 4 days per week @ 512 k ADSL line speed.
>
> WEP key is generated from a random string of about 12 - 16 letters typed on
> the keyboard.
>
> I intend to update the WEP keys once per week.
>
> SAFE ??

Where do you live? Can you see any evidence of any other network users, or
have you any reason to believe there are any nearby?

My wireless system is used at home, in a cul-de-sac, in a suburb, and I've
seen nothing other than my own wireless access point appear in the activity
monitoring window, no suspicious flashing lights on the router, and nothing
untoward in the firewall log. I have no reason to believe that there is
likely to be anyone nearby taking any interest in me or my computers.

If you live near the business section of a large town and regularly see many
other names appear in your wireless network monitor, then perhaps some of the
paranoid suggestions I've seen in this newsgroup may be justified, e.g. use
the longest encryption key and change it regularly. However, if your
circumstances are similar to mine, then I'd suggest you're probably safe with
no more than MAC filtering and the shorter encryption key, and you needn't
even bother to change it if nobody's looking.

It's roughly the same decision as whether to fit top security window locks or
trust the normal ones, whether to put your car in the garage at night or
leave it in the drive (locked of course), which neighbour to leave your front
door key with when you go on holiday, and so on. There are no definite
answers and no 100% guarantees. Everything in life is a bit of a gamble.

Rod.
Anonymous
a b F Wireless
a b 8 Security
April 8, 2004 8:15:05 AM

Archived from groups: alt.internet.wireless (More info?)

>> Otherwise see if your AP supports WPA - it's much more secure.

Lucas:

Not necessarily, see below. I use Orinoco's WEPplus which does not create
the weak keys that AirSnort uses to crack WEP.

Snag in next-gen Wi-Fi security unearthed
By John Leyden
Posted: 06/11/2003 at 15:35 GMT

Security researchers have identified a potential security problem involving
use of the Wi-Fi Protected Access (WPA) protocol, the second generation
wireless LAN security standard.

Although WPA itself remains cryptographically secure, a method used for
making the technology easier for consumers to use is susceptible to attack,
according to a paper by Robert Moskowitz, senior technical director at the
ICSA Labs division of TruSecure.

The issue involves the use of Use of Pre-Shared Key (PSK) as an alternative
to 802.1X based key establishment, the approach preferred by corporate
environments.

Pre-Shared Keying (PSK) is provided in the WPA and 802.11i standards to
simplify deployments in small, low risk, networks. A PSK is a 256 bit number
or a pass phrase eight to 63 bytes long.

Cryptographic weaknesses in PSK - particular when used in conjunction with
simple pass phrases - mean attackers may be able to crack into systems
through passive monitoring of wireless networks followed up by offline
dictionary attacks. So the consumer-implementation of WPA is subject to the
same kinds of shortcomings that afflicted the weak and broken WEP system,
the industry's first (now rejected) stab at a security protocol for wireless
networks.

Moskowitz's paper concludes: "The risk of using PSKs against internal
attacks is almost as bad as WEP. The risk of using pass phrase based PSKs
against external attacks is greater than using WEP."

"Thus the only value PSK has is if only truly random keys are used, or for
deploy testing of basic WPA or 802.11i functions. PSK should only be used if
this is fully understood by the deployers," he adds. ®
Anonymous
a b F Wireless
a b 8 Security
April 8, 2004 11:54:35 PM

Archived from groups: alt.internet.wireless (More info?)

Taking a moment's reflection, CZ mused:
|
||| Otherwise see if your AP supports WPA - it's much more secure.
| Not necessarily, see below. I use Orinoco's WEPplus which does not create
| the weak keys that AirSnort uses to crack WEP.

Essentially, they are saying that WPA (like WEP) is susceptible to
dictionary type attacks. However, strong passphrases are much less
susceptible to this attack. A string of 30 randomly typed numbers and
letters will not be nearly as susceptible to a dictionary attack as "pencil"
or even "p3nc1l" ...
Anonymous
a b F Wireless
a b 8 Security
April 14, 2004 11:25:56 AM

Archived from groups: alt.internet.wireless (More info?)

I have a slightly different question, related:

I have a wireless network in my house. It is unsecure. My neighbor
(our houses are close together) has a wireless card in their laptop
and routinely can access my network from their wireless card. I don't
mind, it's fine with me (my neighbor and I are good friends, so I'm
more than happy to let them use my wireless network).

Can anyone comment on the legality/risk of doing this to either me or
my neighbor? e.g. does my provider have a legal beef with me because
someone is using my network? Can my neighbor get in trouble for
'stealing' bandwidth (even though I don't mind)?

Any help appreciated. I am a novice in this area.

Please respond here or directly, I am at a NEW email address-
bassufo@hotmail.com

"Neil" <me@home.com> wrote in message news:<c4psk1$27g0$1@otis.netspace.net.au>...
> Hi All,
>
> Can anyone point me to a reliable reference that gives guidance as to
> the appropriate frequency of key changes required to make WEP 128 bit
> practically safe ?
>
> Thanks,
>
> Neil
Anonymous
a b F Wireless
a b 8 Security
April 14, 2004 6:34:55 PM

Archived from groups: alt.internet.wireless (More info?)

unidentified_funky_object@hotmail.com (UFO) wrote in
news:9ef8c4d3.0404140625.123c2f28@posting.google.com:

> I have a wireless network in my house. It is unsecure. My neighbor
> (our houses are close together) has a wireless card in their laptop
> and routinely can access my network from their wireless card. I don't
> mind, it's fine with me (my neighbor and I are good friends, so I'm
> more than happy to let them use my wireless network).

Why don't you turn on WEP or WPA security and give your neighbour the
encyption key? It'll be much safer that way.

> Can anyone comment on the legality/risk of doing this to either me or
> my neighbor? e.g. does my provider have a legal beef with me because
> someone is using my network? Can my neighbor get in trouble for
> 'stealing' bandwidth (even though I don't mind)?

Your provider probably does not like it... but if you're running a NAT
router, chances are they won't find out. As long as you and your neighbour
do not go crazy on your bandwidht allocation no one will mind (or notice).



--
Lucas Tam (REMOVEnntp@rogers.com)
Please delete "REMOVE" from the e-mail address when replying.
http://members.ebay.com/aboutme/coolspot18/
Anonymous
a b F Wireless
a b 8 Security
April 14, 2004 7:20:46 PM

Archived from groups: alt.internet.wireless (More info?)

In article <9ef8c4d3.0404140625.123c2f28@posting.google.com>,
UFO <unidentified_funky_object@hotmail.com> wrote:
:I don't
:mind, it's fine with me (my neighbor and I are good friends, so I'm
:more than happy to let them use my wireless network).

:Can anyone comment on the legality/risk of doing this to either me or
:my neighbor? e.g. does my provider have a legal beef with me because
:someone is using my network?

It depends what your contract says. Some of the contracts are so tightly
written that you can't even allow your spouse to use the connection
[even though the service will be advertised as being great for the
entire family.]

: Can my neighbor get in trouble for
:'stealing' bandwidth (even though I don't mind)?

If your neighbour is invited by you, then your neighbour wouldn't
be "stealing" -- but you could -potentially- get in trouble through
the contract terms. And if the neighbour's brother-in-law visits one day
and borrows the connection to send off something provocative (or spamish)
then it is -your- connection the damage is going to track back to.
--
I've been working on a kernel
All the livelong night.
I've been working on a kernel
And it still won't work quite right. -- J. Benson & J. Doll
Anonymous
a b F Wireless
a b 8 Security
April 15, 2004 5:02:34 AM

Archived from groups: alt.internet.wireless (More info?)

UFO wrote:

> does my provider have a legal beef with me because
> someone is using my network? Can my neighbor get in trouble for
> 'stealing' bandwidth (even though I don't mind)?

Check your ISP's AUP.


--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.
Anonymous
a b F Wireless
a b 8 Security
April 15, 2004 5:22:03 AM

Archived from groups: alt.internet.wireless (More info?)

suppose your neighbor goes in a chat room on your ip and verbally wines and
dines some child and propositions him/her and that him/her is actually a
sting operation and the fbi comes and takes your wifi, your computer and
sets your bail up around $250,000
!