Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Security 1
- Thread starter minxca
- Start date
-
1
- #2
- Thread starter
- #3
You have to realize that it is all an estimate.
But 15 minutes for 128-bit encryption is crap.
You could spend the $8k on a Cray or better for the 15 minutes of time and not do it in 15 minutes.
Please see the voluminous discussion of WEP encryption available on the Web. Then you can go back to the other Forum and tell the guy he is full of crap.
All of this is out-dated discussion anyway. With support now, or within 6 months depending on brand, with native support under XP, WPA rotating keys and a reasonable security policy for key changes even under WEP make this sound silly.
I live in the DC area. Use your NetStumbler around the White House, the Executive Office Building or drive to nearby McClean, VA with your NetStumbler or Linux wireless tools and try it. I will be nice, I will give you 6 years to get access. Of course, you will probably be approached in your car within 15 minutes.
Seriously, WEP is fine, use common sense precautions and change your key regularly. Use all the 802.1x schemes available now. Use proprietary schemes from vendors like Cisco if they apply in your case. Use WPA when the firmware for your router and client are available.
And do not believe everything you read in a Web Forum. Including this one.
But 15 minutes for 128-bit encryption is crap.
You could spend the $8k on a Cray or better for the 15 minutes of time and not do it in 15 minutes.
Please see the voluminous discussion of WEP encryption available on the Web. Then you can go back to the other Forum and tell the guy he is full of crap.
All of this is out-dated discussion anyway. With support now, or within 6 months depending on brand, with native support under XP, WPA rotating keys and a reasonable security policy for key changes even under WEP make this sound silly.
I live in the DC area. Use your NetStumbler around the White House, the Executive Office Building or drive to nearby McClean, VA with your NetStumbler or Linux wireless tools and try it. I will be nice, I will give you 6 years to get access. Of course, you will probably be approached in your car within 15 minutes.
Seriously, WEP is fine, use common sense precautions and change your key regularly. Use all the 802.1x schemes available now. Use proprietary schemes from vendors like Cisco if they apply in your case. Use WPA when the firmware for your router and client are available.
And do not believe everything you read in a Web Forum. Including this one.
I presume you haven't tried to crack WEP then.
I can regularly crack WEP in the lab in 3-6 hours. In the real world, it depends on how busy the WLAN is, and, to a certain degree, how often you see reused IVs. But the compromise IS an inevitability, and it certainly will not take 6 years, or even 6 weeks. More like 6 hours to 6 days. MAC address filtering won't help you (since MACs can be spoofed), and disabling broadcast SSIDs, while fooling NetStumbler, will not fool Kismet or like tools. Using AirJack, for example, you can recover the SSID in seconds.
I can regularly crack WEP in the lab in 3-6 hours. In the real world, it depends on how busy the WLAN is, and, to a certain degree, how often you see reused IVs. But the compromise IS an inevitability, and it certainly will not take 6 years, or even 6 weeks. More like 6 hours to 6 days. MAC address filtering won't help you (since MACs can be spoofed), and disabling broadcast SSIDs, while fooling NetStumbler, will not fool Kismet or like tools. Using AirJack, for example, you can recover the SSID in seconds.
- Status
Similar threads
