In article ,
Mark wrote:
On 21 Jul 2003 09:13:23 -0700, (Yasashii Arbaito) wrote:
[...]
Hate to tell you, but current wireless security is embarrassingly easy to
break. Hacking MAC access lists (what you're referring to) is trivial -
sniff out the address of any accepted adapter (found in the header of
every packet), and set your adapter to match. There are automated packages
out there to do it (and break WEP too, of course).

Well, it's "trivial" only if you can sniff enough data. 128bit WEP takes
over
100MB of concurrent data in order to get the key. Depending on the WAP
being
used, the MAC list is most likely encrypted as well when WEP is on.

IF you can get the right amount of data, then yea it's easy to hack.

You'll notice I was careful in what I called "trivial" - MAC lists alone.

However, speaking of WEP, there are other hacks which can be considerably
faster than the IV-based one you're presumably thinking of. (Which,
incidentally, is more or less independent of key length - 10,000 bit WEP
would be just as vulnerable.) A cute one is that some access points can
be tricked into decrypting packets for you! See

http://www.nwfusion.com/research/200...wepprimer.html

for a few notes on the subject.

Of course, security concerns are all relative. I'm actually typing this on
a laptop with a wireless interface where I don't even use WEP. Why? Well,
for various reasons, all its traffic is tunneled through ssh anyway. So,
absent the next ssh bug (which no doubt will appear tomorrow now that I've
typed this), and disregarding things like denial of service attacks, it's
not an extraordinarily vulnerable setup.

--
Y.

----- Posted via NewsOne.Net: Free (anonymous) Usenet News via the Web -----
http://newsone.net/ -- Free reading and anonymous posting to 60,000+ groups
NewsOne.Net prohibits users from posting spam. If this or other posts
made through NewsOne.Net violate posting guidelines, email