Page 1: How Secure Is Your Wireless Network?
Page 2: Test Setup
Page 3: Network Security: The First Line Of Defense
Page 4: WEP Is Dead, Haven't You Heard?
Page 5: Understanding WPA/WPA2: Hashes, Salting, And Transformations
Page 6: WPA Cracking: It Starts With Sniffing
Page 7: CPU-Based Cracking: Like Watching Paint Dry
Page 8: GPU-Based Cracking: AMD Vs. Nvidia In Brute-Force Attack Performance
Page 9: Nvidia's Tesla And Amazon's EC2: Hacking In The Cloud
Page 10: Securing Your WPA-Protected Network
WEP Is Dead, Haven't You Heard?
Wired Equivalent Privacy (WEP) was the first security algorithm used by wireless networks to restrict access. It was originally introduced in 1999 as part of the 802.11 standard. However, it has long been considered to be a "broken" algorithm, and was effectively replaced by Wi-Fi Protected Access (WPA).
Recovering a WEP key out in the wild.
If you're still using WEP on an older wireless router, try not to feel too safe. The Wi-Fi Alliance abandoned WEP in 2003 because it's very easy to crack. With $20 and some basic technical know-how, a neighbor can procure your WEP password in about 10 minutes using publicly available tools. It really is time to upgrade to at least WPA.
The process of breaking a WEP password can vary, but we've seen it done enough times that there's little reason to detail this bit of deviousness here on Tom's Hardware. Think of us like AMC's Breaking Bad. We're not here to show you how to cook meth. But our story hinges on the process. An enthusiast using WEP should know how easy it is to circumvent, and we did it so that you don't have to learn the hard way. To give you an idea of what's involved, we used Cain & Abel, Aircrack-ng, and an AirPcap Nx adapter to find a nearby network's WEP key in about five minutes. The length of the key doesn't affect recovery time, either.
Connecting to the cracked network after six minutes of effort.
The fundamental problem is that it's incredibly easy to eavesdrop on a WEP network and sniff out the information needed to crack the RC4 cipher backing the protocol. Even if there aren't enough packets traveling between the router and clients inside the network, it's possible to send packets in such a way as to simulate reply packets, which can then be used to find the key. It's even possible to forcibly boot users off a router in order to generate packets with authentication information. Scary stuff; avoid it at all costs if security truly matters to you.
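To act on that advice you first need to know what your own router is advertising. The following is an added example, not part of the original article: it classifies the body of an 802.11 beacon frame as open, WEP, WPA, or WPA2 so that an access point still on WEP can be flagged for upgrade. The function names and sample beacons are constructed for illustration; the field values used (Privacy bit 0x0010, RSN element 48, WPA vendor element 221 with OUI 00:50:F2 type 1) come from the 802.11 and WPA specifications.

```python
import struct

PRIVACY_BIT = 0x0010                      # Capability Information "Privacy" flag
RSN_ELEMENT_ID = 48                       # RSN element: WPA2 or newer
VENDOR_ELEMENT_ID = 221                   # vendor-specific element
WPA_OUI_TYPE = bytes.fromhex("0050f201")  # OUI 00:50:F2, type 1: original WPA

def parse_elements(data):
    """Yield (element_id, payload) pairs; stop cleanly on a truncated element."""
    pos = 0
    while pos + 2 <= len(data):
        eid, length = data[pos], data[pos + 1]
        payload = data[pos + 2 : pos + 2 + length]
        if len(payload) < length:         # capture cut off mid-element
            return
        yield eid, payload
        pos += 2 + length

def classify_beacon(body):
    """Classify a beacon frame body (the bytes after the 24-byte MAC header)."""
    if len(body) < 12:
        raise ValueError("beacon body shorter than its 12 fixed bytes")
    # Fixed fields: 8-byte timestamp, 2-byte interval, 2-byte capability.
    _timestamp, _interval, capability = struct.unpack_from("<QHH", body)
    modes = set()
    for eid, payload in parse_elements(body[12:]):
        if eid == RSN_ELEMENT_ID:
            modes.add("WPA2")
        elif eid == VENDOR_ELEMENT_ID and payload.startswith(WPA_OUI_TYPE):
            modes.add("WPA")
    if modes:
        return "/".join(sorted(modes))
    # Privacy set with no WPA or RSN element means legacy WEP.
    return "WEP" if capability & PRIVACY_BIT else "open"

def make_beacon(capability, *elements):
    """Build a constructed beacon body for the demo (not captured traffic)."""
    body = struct.pack("<QHH", 0, 100, capability)
    for eid, payload in elements:
        body += bytes([eid, len(payload)]) + payload
    return body

SSID = (0, b"homenet")                    # constructed sample SSID element
SAMPLES = {
    "old router": make_beacon(0x0011, SSID),
    "upgraded": make_beacon(0x0011, SSID, (48, bytes.fromhex("0100000fac04"))),
    "mixed mode": make_beacon(0x0011, SSID, (221, bytes.fromhex("0050f2010100")), (48, b"\x01\x00")),
    "no security": make_beacon(0x0001, SSID),
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(f"{name:12} -> {classify_beacon(body)}")
```

Any access point you administer that comes back as `WEP` here is the one to reconfigure or replace.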