# Wireless security, I want the real story



## Protozoa

My question has to do with wireless network security. Let me apologize in advance for what may seem to be a silly question. I'm a long time computer _user_, but have only recently started to develop an interest in them.

I know that everyone says you should set your network up as a password protected system. But, I'm curious as to why this is needed. I'm not talking about the possibility of a neighbor hooking up to my wireless router (either accidentally or intentionally), because I'm sure that has happened... and frankly, I really don't care. _I'm talking about the possibility of someone using my unsecured Wireless G network to tap into my home's computers_. 

I suppose that another part of this is that I'm not so much interested in the _theoretical possibilities_ as I am the _probabilities_. Maybe a crack team of hackers could sit in my front yard for a couple days and eventually steal some exciting Word Document from my laptop (like the one titled "letter to grandmother"... the horror); but I'm talking about something else. I'm talking about the possibility that, with little effort, some sneaky person who lives nearby could hack into the network and grab important personal data off my computers.

I have resisted making my system password protected for a number of reasons. One is obviously that I'm skeptical that there is a real-world chance that someone would break into my computer through it. Also, I have a large family, and we are in almost a constant state of flux when it comes to retiring old computers, buying new systems, adding printers, etc. So, it's just easier to do all this without dealing with a password. 

One of the things that has made me recently wonder a bit more about this is that I learned about software like Network Magic. My thought was that "if I could buy this software and share data between computers on my network... what's to stop someone else from doing the same?"


----------



## quagmondo23

You really should secure your network. Stupid to have it unsecured. I didn't even read your post!


----------



## Protozoa

quagmondo23 said:


> You really should secure your network. Stupid to have it unsecured. I didn't even read your post!



Likewise, it's "stupid" to respond to a question without reading it.


----------



## tremmor

Protozoa, i doubt if any would be able to hack into the computer. i was never much interested in that. i was always interested in someone not using my ip for illegal purpose only. Im not much worried about it because and thinking most are professionals any way closing all ports not used for security is of interest. an excellent firewall is in order. Sygate professional is one (which i use). 

Consider someone  piggy backing on your ip (which you don't consider important besides using your bandwidth). consider that person downloading music or what ever. What if child pornography? The sites a person if sniffed would only lead a trail to your ip addy. 

Your router (password protect) 
Use wep encryption 
use authorized addy for wireless connections.

its in your best interest..........
cheers.


----------



## jbrown456

Secure it with a simple password, just because you never know what can happen...


----------



## johnb35

Protozoa said:


> My question has to do with wireless network security. Let me apologize in advance for what may seem to be a silly question. I'm a long time computer _user_, but have only recently started to develop an interest in them.
> 
> I know that everyone says you should set your network up as a password protected system. But, I'm curious as to why this is needed. I'm not talking about the possibility of a neighbor hooking up to my wireless router (either accidentally or intentionally), because I'm sure that has happened... and frankly, I really don't care. _I'm talking about the possibility of someone using my unsecured Wireless G network to tap into my home's computers_.
> 
> I suppose that another part of this is that I'm not so much interested in the _theoretical possibilities_ as I am the _probabilities_. Maybe a crack team of hackers could sit in my front yard for a couple days and eventually steal some exciting Word Document from my laptop (like the one titled "letter to grandmother"... the horror); but I'm talking about something else. I'm talking about the possibility that, with little effort, some sneaky person who lives nearby could hack into the network and grab important personal data off my computers.
> 
> I have resisted making my system password protected for a number of reasons. One is obviously that I'm skeptical that there is a real-world chance that someone would break into my computer through it. Also, I have a large family, and we are in almost a constant state of flux when it comes to retiring old computers, buying new systems, adding printers, etc. So, it's just easier to do all this without dealing with a password.
> 
> One of the things that has made me recently wonder a bit more about this is that I learned about software like Network Magic. My thought was that "if I could buy this software and share data between computers on my network... what's to stop someone else from doing the same?"



You only need a pass key or phrase to establish security on a router. You don't need to enter it every time; once you enter it to gain accessibility, it automatically gets saved, so the laptop or wireless device automatically connects every time. It's always best to secure a wireless network. If you are worried about personal data, just secure it with a password, no need to buy additional software.


----------



## Quiltface

tremmor said:


> Protozoa, i doubt if any would be able to hack into the computer. i was never much interested in that. i was always interested in someone not using my ip for illegal purpose only. Im not much worried about it because and thinking most are professionals any way closing all ports not used for security is of interest. an excellent firewall is in order. Sygate professional is one (which i use).
> 
> Consider someone  piggy backing on your ip (which you don't consider important besides using your bandwidth). consider that person downloading music or what ever. What if child pornography? The sites a person if sniffed would only lead a trail to your ip addy.
> 
> Your router (password protect)
> Use wep encryption
> use authorized addy for wireless connections.
> 
> its in your best interest..........
> cheers.



he is 99% correct.... everything except for 1st sentence... once someone has a private ip on your network there really isnt much effort to hack your computer, even if you dont have anything on your computer that is personal like Credit card info or whatever... they could still corrupt your computer so it will be inoperable.   

But his point on child pornography and what ever... very good point, you dont want a little blue dot on your house and be labeled a sex offender for the rest of your life do you?


----------



## quagmondo23

Protozoa said:


> Likewise, it's "stupid" to respond to a question without reading it.



Ah-well. Like I care.


----------



## Quiltface

Fight!!!


----------



## tremmor

i think the conversation about wireless was esthetically correct pertaining to wireless. other security matters are in order and have to be considered. Yes you are correct, and stealing would be an issue. On the other hand i think this could get into another subject.

good subject though. more people have a need to know. 
it will be brought up again. 

cheers.....


----------



## alexandergre

Quiltface said:


> Fight!!!



lol


----------



## quagmondo23

What... Fight? I'm not involved? 

Oh... Wait, I am. 

(JOKE)


----------



## Quiltface

If I had a nickel for every time I gave someone a black eye over WEP... Id have a pocket full of nickels.


----------



## Protozoa

Well, I appreciate the advice. I enabled WPA security on my network, and it does appear to be hassle-free once that's done. 

I also understand the issue about people using your network to do illegal things, but I'm one of those people who is a bit skeptical about the power of urban legend. Has anyone really ever been prosecuted as a sex offender because a neighbor used their network to download child porn? Prove me wrong (by link or otherwise), but I'm having a hard time believing that has happened. It makes for a sensational story, however.


----------



## Quiltface

It doesn't have to happen... it can.


----------



## brian

tremmor said:


> Protozoa, i doubt if any would be able to hack into the computer. i was never much interested in that. i was always interested in someone not using my ip for illegal purpose only. Im not much worried about it because and thinking most are professionals any way closing all ports not used for security is of interest. an excellent firewall is in order. Sygate professional is one (which i use).
> 
> Consider someone  piggy backing on your ip (which you don't consider important besides using your bandwidth). consider that person downloading music or what ever. What if child pornography? The sites a person if sniffed would only lead a trail to your ip addy.
> 
> Your router (password protect)
> *Use wep encryption*
> use authorized addy for wireless connections.
> 
> its in your best interest..........
> cheers.




dude that has been hacked since 2000's ish it is way too old and can be cracked in 10 sec... 5 min for someone not even knowing how to do it. wpa is ok still does give a handshake that can be cracked by pros and takes a bit longer. wpa2 to my knowledge has not been cracked or at least takes a looooooooong time and a pro hacker to do it. also to make a key longer is better these days dont have like 1$@dhj too short make it something that is A) not in the dictionary, B) long and uses, numbers, symbols, letters (upper and lower) you can get tricky and use something like @pp|3 (apple but something longer reason, not in the dictionary.) but really no one would go after you unless you had a sign saying working for the gov in the front of your lawn. but people can slow your network down and remember, if you send something over the network, every computer on the network can see that packet you sent


----------



## tremmor

sorry, thats all i got. I think mostly i protect the best i can. Nobody will question it. i also use other means but im a player and hang out downstairs. if issue has been in the past just surfing ive been  involved in lawsuit for satellite piracy. i use proxy service and i personally use a private secure web tunnel for illegal activity.  never a public tunnel.  

hacking my sheet won't happen. im secure.


----------



## brian

lol, dont be sorry just pointing it out anyway wep is better than none at all


----------



## ms2134

Yes, the police are now tracking down via IP addresses to find those who DL child porn online. It can be a real hassle to tell them it was not you because it came from your IP. If you got a big bill for bandwidth, that would annoy as well.


----------



## Protozoa

ms2134 said:


> Yes, the police are now tracking down Via IP addresses to find those who DL child porn online.



I'll believe it when you provide a link to a news article about someone being thrown in the slammer because some perv used their network.


----------



## Quiltface

Are you being stubborn or something?  If you don't want to use WEP don't use it.  I dont see how this scenario is so far fetched... 

Why dont you take wep off, take down your firewall, uninstall your antivirus, post your public IP on this forum and run a cable from your switch out to the street with your name and SSN stuck to it.

lol  sorry i went off on a rant there.


----------



## Protozoa

Quiltface said:


> Are you being stubborn or something?  If you don't want to use WEP don't use it.  I dont see how this scenario is so far fetched...



You must have missed the post where I said I enabled security on my network today.

I'm just saying that I don't buy into _hysteria_. It's just a little too "Chicken Little" for me.

It's clearly more exciting to be paranoid about all your neighbors being child pornographers, and a police force with so many resources available that they chase down people based on IP addresses alone. It's that same sort of over-paranoid hype that led an entire nation on a goose chase for weapons of mass destruction several years ago.


----------



## tremmor

its not that they don't have the technology to tell the difference.  its that they will be knocking on your door 1st. you explain it. you prove it. they don't have to. you do. its about deep pockets also. it won't be free. figure it out.

enough said, I'm done with this post.


----------



## Quiltface

No I read the post when you said it so thats why I was kind of confused about it....  so you seriously have no idea that you can get tracked down to your front door with your IP address?   Well you can...   Im with you tremmor Im done with this post.


----------



## Protozoa

tremmor said:


> its not that they don't have the technology to tell the difference.  its that they will be knocking on your door 1st. *you explain it. you prove it. they don't have to. you do.* its about deep pockets also. it won't be free. figure it out.
> 
> enough said, I'm done with this post.



Actually, no. Not since this.

I would think that the existence of Dynamic Identifiers, Network Masquerading, Native Address Translation and IP Masquerading pretty much makes chasing IP addresses a waste of time.


----------



## tremmor

change my mind.


----------



## Protozoa

tremmor said:


> change my mind.



I'm not really interested in changing your mind. 

I'm just saying that I'd be interested to see some evidence that anyone has ever been arrested, prosecuted or convicted because their neighbor used their network to do something illegal. 

I'm not trying to be difficult, I just doubt it's much more than urban legend. I could be wrong.


----------



## quagmondo23

It's illegal for someone else to use your network. It's called piggy-backing. Here.
He wasn't even doing anything illegal. There probably have been people arrested for doing illegal stuff but it wasn't shown all over the internet.

Wait, are you even talking about that anymore? I didn't read any posts.


----------



## Protozoa

quagmondo23 said:


> It's illegal for someone else to use your network.



I never said it wasn't. Nobody else suggested that either.


----------



## quagmondo23

Like I'm sure you know, I don't read the posts before mine.


----------



## Protozoa

quagmondo23 said:


> Like I'm sure you know, I don't read the posts before mine.



You don't say!?


----------



## quagmondo23

haha, thats brilliant. I'm changing my name. I was joking by the way.


----------



## dznutz

this says running a firewall [even windows firewall!!!] will protect you from pc wifi hackers:
http://blogs.chron.com/techblog/archives/2006/01/wifi-enabled_wi.html

currently vista is immune.  possibly xp with sp3 will make xp immune as well.


----------



## Homenet

Ok I havent read all this thread only the first page but here is my 2 cents on why you should ALWAYS secure your wireless connection.

1 - If someone becomes part of your LAN and goes out via your public IP, then any activity done illegally will point back to your public IP. It would be very hard, if not impossible to prove someone else was on, and especially who that person was. Therefore your public ip could be used in a DDOS attack, used to look at child porn etc etc, stuff you don't want your ISP to associate you with.

2 - let's say you leave your wireless unsecured OR secure it with WEP which as far as I'm concerned might as well be the same thing since wep is so horribly insecure, if someone becomes part of your LAN they have access to your router, providing you're using a password of over 7 characters you'll generally be safe from a practical brute force, however if you're leaving your network unsecure chances are you've left the password as default or just left it the same. If an attacker gains access to your router they can do several things - a. Change your DNS settings to a poisoned DNS server - all the attacker needs is BIND or some other dns software on their system, point the DNS from your router to use the attacker's local ip, all DNS requests will then go through the attacker's system, he/she could then easily add bogus records for sites like paypal/ebay etc that are imitations that will drop your details into a database once they're entered.
b. Generally screw around with your connection settings, particularly annoying if you're on ADSL as they could start changing your VCI values and your ADSL will stop working without you knowing why.

3 - arp poisoning - an attacker could easily identify himself as your gateway performing a 'man in the middle' attack, he/she could then monitor all traffic coming in and out of your computer. this is obviously something you don't want, while most sites where you login to will use https and therefore your details will be encrypted, everything else is sent over plain text (including most pop/smtp authentication details)

ok theres probably many others but ill leave it at there for now. Personally I think leaving your wireless network open is a very silly thing to do and just asking for trouble!
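
A defender-side check for the ARP poisoning described in point 3 above, added here as an example and not part of the original post: it compares two ARP-table snapshots and flags a gateway whose hardware address has changed or is shared with another host. The function names, addresses and sample tables are constructed for illustration; the row formats are those printed by Windows `arp -a` and Linux `ip neigh`.

```python
import re
from collections import defaultdict

# One IPv4 address followed, on the same line, by a MAC written with
# either "-" (Windows `arp -a`) or ":" (Linux `ip neigh`) separators.
ROW = re.compile(
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\b.*?"
    r"(?P<mac>(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})"
)


def parse_arp_table(text):
    """Return {ip: mac} with MACs normalised to lower-case colon form."""
    table = {}
    for line in text.splitlines():
        match = ROW.search(line)
        if not match:
            continue  # headers, "Interface:" lines, FAILED/INCOMPLETE rows
        mac = match.group("mac").lower().replace("-", ":")
        # Broadcast and IPv4 multicast entries are not real neighbours.
        if mac == "ff:ff:ff:ff:ff:ff" or mac.startswith("01:00:5e"):
            continue
        table[match.group("ip")] = mac
    return table


def audit_gateway(baseline, current, gateway_ip):
    """Compare a known-good snapshot with the current one.

    Returns a list of (kind, detail) tuples:
      gateway-mac-changed  the gateway IP now resolves to a different MAC
      gateway-mac-shared   another IP on the LAN has the gateway's MAC
    """
    findings = []
    old_mac = baseline.get(gateway_ip)
    new_mac = current.get(gateway_ip)
    if old_mac and new_mac and old_mac != new_mac:
        findings.append(
            ("gateway-mac-changed", f"{gateway_ip}: {old_mac} -> {new_mac}")
        )

    ips_by_mac = defaultdict(list)
    for ip, mac in current.items():
        ips_by_mac[mac].append(ip)
    for mac, ips in ips_by_mac.items():
        if gateway_ip in ips and len(ips) > 1:
            others = sorted(ip for ip in ips if ip != gateway_ip)
            findings.append(
                ("gateway-mac-shared", f"{mac} also answers for {', '.join(others)}")
            )
    return findings


# Constructed sample: snapshot taken when the network was known to be clean
# (Windows `arp -a` layout).
BASELINE_SAMPLE = """\
Interface: 192.168.1.20 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           00-1a-2b-3c-4d-5e     dynamic
  192.168.1.37          66-77-88-99-aa-bb     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""

# Constructed sample: later snapshot (Linux `ip neigh` layout) in which the
# gateway IP resolves to the same MAC as the host 192.168.1.37.
CURRENT_SAMPLE = """\
192.168.1.1 dev wlan0 lladdr 66:77:88:99:aa:bb REACHABLE
192.168.1.37 dev wlan0 lladdr 66:77:88:99:aa:bb STALE
192.168.1.9 dev wlan0  FAILED
"""

GATEWAY_IP = "192.168.1.1"  # assumed router address for the sample

if __name__ == "__main__":
    baseline = parse_arp_table(BASELINE_SAMPLE)
    current = parse_arp_table(CURRENT_SAMPLE)
    for kind, detail in audit_gateway(baseline, current, GATEWAY_IP):
        print(f"[{kind}] {detail}")
```

A changed gateway MAC also appears after a legitimate router replacement, so a finding is a prompt to check the router, not proof of interception.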


----------



## Trizoy

I'm surprised someone hasn't mentioned shared folders...  One of the best reasons for having a network, you can map folder to each computer. But there are folders that are shared by default. What does this mean? It means someone ON YOUR network could see this shared drive and drop a virus on it. OR a network virus would upload itself to your computer and destroy data.

I would also make sure your router login has a password on it.


----------



## Homenet

Firstly as far as I'm aware no folders are shared by default on windows xp/vista, if you're talking about admin$ and c$ then these are restricted to Guest, however by default guest will have an account restriction on preventing this.

Secondly even if someone did get access to any shares they would have to rely on the share permissions being write, and not just read. Even if they were to copy a virus over there is no way of executing it, unless of course they add the file to the startup list.


----------



## jbrown456

Homenet said:


> Firstly as far as I'm aware no folders are shared by default on windows xp/vista, if you're talking about admin$ and c$ then these are restricted to Guest, however by default guest will have an account restriction on preventing this.
> 
> Secondly even if someone did get access to any shares they would have to rely on the share permissions being write, and not just read. Even if they were to copy a virus over there is no way of executing it, unless of course they add the file to the startup list.



The Shared Documents folder?


----------



## Protozoa

Homenet said:


> 1 - If someone becomes part of your LAN and goes out via your public IP, then any activity done illegally will point back to your public IP. It would be very hard, if not impossible to prove someone else was on, and especially who that person was. Therefore your public ip could be used in a DDOS attack, used to look at child porn etc etc, stuff you don't want your ISP to associate you with.



I don’t have a technical background, so I’ll have to take your word on what you have said (in fact, those were the reasons I went ahead and enabled security on my network a few days ago).

However, I just don’t agree with the quote above. Considering that not every ISP runs a static IP system, I can’t believe that Big Brother would base any sort of legal action on this. 

I have asked repeatedly if anyone would link up some evidence that the police have ever arrested, prosecuted or convicted someone solely based on their IP being associated with illegal activity. In all the posts that have been made, nobody has ever coughed anything up. I’m not saying I’d be happy to discover that someone was doing something illegal or gross over my network, or that it doesn’t happen to people with unsecured networks. In fact, it’s because that it probably happens all the time that Johnny Law probably does not chase down people through IP addresses. Until someone shows me instances of where this has happened, I’m calling in Computer Urban Legend.


----------



## Homenet

jbrown456 said:


> The Shared Documents folder?



I'm pretty sure they're not shared by default though? correct me if wrong.



Protozoa said:


> I don’t have a technical background, so I’ll have to take your word on what you have said (in fact, those were the reasons I went ahead and enabled security on my network a few days ago).
> 
> However, I just don’t agree with the quote above. Considering that not every ISP runs a static IP system, I can’t believe that Big Brother would base any sort of legal action on this.
> 
> I have asked repeatedly if anyone would link up some evidence that the police have ever arrested, prosecuted or convicted someone solely based on their IP being associated with illegal activity. In all the posts that have been made, nobody has ever coughed anything up. I’m not saying I’d be happy to discover that someone was doing something illegal or gross over my network, or that it doesn’t happen to people with unsecured networks. In fact, it’s because that it probably happens all the time that Johnny Law probably does not chase down people through IP addresses. Until someone shows me instances of where this has happened, I’m calling in Computer Urban Legend.



Ok fair point, but as for the dynamic based ISP's there is no doubt whatsoever that they know exactly who they have issued their IP addresses to, so they would have no problem seeing who was using that ip at what time.

Not sure if you're from the US or the UK but doing a quick google search I found this: http://www.philly.com/philly/hp/news_update/15391047.html
It says that technically the account holder is responsible for any activity on the account, so while admittedly it may not lead to prosecution, it could lead to some unwanted police attention (pretty sure the same kind of rule applies here in the UK)

Anyway I think that your personal information is probably more at stake if you leave your wireless wide open, as i mentioned in my earlier post.


----------



## Protozoa

Homenet said:


> I'm pretty sure they're not shared by default though? correct me if wrong.



And even if it is, does any document end up there without the user knowing? I have all sorts of files on my computer, documents, pictures, programs.... nothing is in the shared folder.



Homenet said:


> Ok fair point, but as for the dynamic based ISP's there is no doubt whatsoever that they know exactly who they have issued their IP addresses to, so they would have no problem seeing who was using that ip at what time.



Good point, is there any evidence that the cops have ever used the IP addresses (alone) to arrest someone?


----------



## toomanybytes

I think that last article itself is pretty powerful evidence.

1. Pervs have admitted to wardriving so their illegal activity points to someone else.

2. Law enforcement have arrived on people's doorsteps looking for the owner of a particular IP address.

Has anyone ever been wrongly convicted based on an IP address alone? I hope not. But do you really want your driveway filled with police cars while the neighbours all gossip and all your computer equipment seized for a month while the police examine it? Have a few illegal MP3's on there? Oops! Maybe the police will be so ticked off at not finding the external hard drive they're convinced holds all your porn that they'll bust you for the illegal music.


----------



## Protozoa

toomanybytes said:


> 2. Law enforcement have arrived on people's doorsteps looking for the owner of a particular IP address.



When?

Keep in mind that I'm asking for _specific_ examples of when they have arrested someone or obtained a warrant based on an IP address alone.

You guys just keep piping up with this stuff, like it has happened. Well... let's see a link to a news story for Chrissakes!


----------



## toomanybytes

Quotes from the article mentioned above:
1. The person who downloaded the pornography is gone, and it is the registered owner of the wireless account who is left to answer police questions. 
2. Technically, "the account holder is responsible for the crime," 
3. "The search warrant ends up at that house," he said.
4. It is not easy to detect someone piggybacking on your account, Watkins said. The service may be slower if the unauthorized user is downloading large files.
"Another way is if the feds knock on your door to see if the illegal activity is coming from your computer," Watkins said.

But that’s obviously not enough evidence for you so I’ll bite. I haven’t done a Google treasure hunt in a while.

Guy argues that police can’t prove he’s the scumbag because his wireless was unsecured. They still throw the book at him.
http://www.news.com/Police-blotter-Open-Wi-Fi-blamed-in-child-porn-case/2100-1036_3-6177095.html

Article discussing above case, and how some people intentionally leave their wireless unsecured in order to claim reasonable doubt, but the judges are calling BS on them. Article also mentioned the idea of making unsecured wireless illegal.
http://arstechnica.com/news.ars/pos...-that-an-open-wifi-network-is-no-defense.html

Police came pounding on little old lady’s door with a search warrant. Basically, if it had been a 30 year old man who still lives with his mother, wi-fi owner would have been in a heap ‘o ‘trouble. So unless you’re an innocent-looking little old lady…
http://www.washingtonpost.com/wp-dyn/content/article/2007/02/10/AR2007021001457.html


I didn’t take the time to read this whole page but shocking advice given in a case where neighbour had been using their wi-fi for illicit purposes and images were still available to view on their computer. Summary? Couple advised to not call the police and destroy the HD so nothing could ever be pinned on them. Sad that the people on the forum felt it was more important to avoid trouble than to stop scumbags from hurting kids.
http://64.233.169.104/search?q=cach...rrant+arrested+porn&hl=en&ct=clnk&cd=17&gl=ca


----------



## Homenet

Thanks toomanybytes, i was gonna hunt some down myself but im too lazy


----------



## tlarkin

Wow, this thread is ridiculous.  Let me clarify a few things.

Sure, WEP has its vulnerabilities but most people who say that are just regurgitating what they read off slashdot.  A brute force attack against a strong password takes a really long time, longer than most people think.  Secondly, yes you can break WEP but it requires packet injection.  Packet injection only works with a very limited number of WiFi cards because hardware developers do not release source code or specifications to the open source world, where all the hacking tools are developed in the first place.  So, right there you are limited to someone who knows what they are doing to crack WEP, and on top of that have the hardware to do it.  Then if you add in a set of passkeys that rotated you make it even harder for it to work.

Also, recently there has been a technology developed to secure WEP, called chaff packets, google it and educate yourself.  This works because all the wep hacking/cracking tools assume that every packet on a network is good, which is a flaw in the hacking tool.

If you run WEP on your home network I seriously doubt anyone would hack it or even really know how to  hack it in the first place, or even have the proper software and hardware to do so.  Obviously WPA is the better choice if you don't have any older wifi systems on your network because it is just as easy to set up and less vulnerabilities.

Now, once someone gains access to your private network and you are running windows they pretty much can access almost anything through basic mapping/pathing bugs in windows.  They can have access to private information and use your bandwidth for bad things, hijack your system, add network active self propagating viruses, so on and so forth.

If all you can use is WEP in a neighborhood you are most likely fine, just use a secure passkey.  Like, don't use PasSword for your password.


----------



## Protozoa

toomanybytes said:


> Quotes from the article mentioned above:



Above where?



toomanybytes said:


> Guy argues that police can’t prove he’s the scumbag because...



The first two links have to do with a guy who was "convicted of *possession* of child pornography" (who had also apparently been under investigation by Yahoo). The fourth link had nothing to do with police action. 

The third link didn't involve any sort of arrest, although it did say that the police had a warrant. Sounded a little fishy to me. The cops went to the trouble of tracking down what physical address was supposedly associated with the IP, but they were surprised by who answered the door? Seems like that would have been a detail they would have figured out in advance.

Shrug. Does this prove your case? I don't know. It's close enough. Thanks for the info.


----------



## toomanybytes

Protozoa said:


> Above where?



http://www.philly.com/philly/hp/news.../15391047.html
Homenet listed it on page 4 of this thread. Well, that explains why you were still asking for proof when I felt it had already been given.



Protozoa said:


> Above where?
> The fourth link had nothing to do with police action.



I know. I just thought it was creepy.


----------



## toomanybytes

Homenet said:


> Thanks toomanybytes, i was gonna hunt some down myself but im too lazy



Every once in a while I have to flex the Google muscle.


----------



## Protozoa

toomanybytes said:


> http://www.philly.com/philly/hp/news.../15391047.html



Comes up with _page not found_.

I went back and it works where Homenet posted it. 

Based on how often people glom off of other people's networks, a judge would have to be an idiot to issue a warrant based on an IP. I guess there are idiot judges.


----------



## Homenet

tlarkin said:


> Wow, this thread is ridiculous.  Let me clarify a few things.
> 
> Sure, WEP has its vulnerabilities but most people who say that are just regurgitating what they read off slashdot.  A brute force attack against a strong password takes a really long time, longer than most people think.  Secondly, yes you can break WEP but it requires packet injection.  Packet injection only works with a very limited number of WiFi cards because hardware developers do not release source code or specifications to the open source world, where all the hacking tools are developed in the first place.  So, right there you are limited to someone who knows what they are doing to crack WEP, and on top of that have the hardware to do it.  Then if you add in a set of passkeys that rotated you make it even harder for it to work.
> 
> Also, recently there has been a technology developed to secure WEP, called chaff packets, google it and educate yourself.  This works because all the wep hacking/cracking tools assume that every packet on a network is good, which is a flaw in the hacking tool.
> 
> If you run WEP on your home network I seriously doubt anyone would hack it or even really know how to  hack it in the first place, or even have the proper software and hardware to do so.  Obviously WPA is the better choice if you don't have any older wifi systems on your network because it is just as easy to set up and less vulnerabilities.
> 
> Now, once someone gains access to your private network and you are running windows they pretty much can access almost anything through basic mapping/pathing bugs in windows.  They can have access to private information and use your bandwidth for bad things, hijack your system, add network active self propagating viruses, so on and so forth.
> 
> If all you can use is WEP in a neighborhood you are most likely fine, just use a secure passkey.  Like, don't use PasSword for your password.



I disagree strongly. If you think that WEP has any kind of security whatsoever you're kidding yourself completely. WEP is redundant, and you do not perform a brute force attack against WEP; once enough packets are collected that contain the initialisation vectors (usually from ARP requests) a statistical attack is made on the packet file.

For starters, the password you use makes no difference whatsoever because it is always in hexadecimal format and of fixed length, either 64bit (technically 40bit) or 128bit. The key that you use makes absolutely zero difference in strengthening the protection; 128bit is slightly more secure, however it just requires double the amount of packets to be collected for a successful attack.

An attacker needs a little bit of experience, an Atheros or Prism based WLAN card (Netgear do several in the £20 - 50 region) and a copy of BackTrack. Once they know what they're doing with it, providing they have a good signal to your wireless network they can crack your WEP key in as little as 5 minutes. It has been proven time and time again that WEP is useless and requires only a little bit of research and patience to crack.
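Added example, not part of Homenet's post or of any tool named in the thread: a minimal Python model of WEP's per-frame keying, showing why a "64-bit" key holds only 40 secret bits and why a repeated 24-bit IV exposes the XOR of two plaintexts however strong the chosen key is. The function names, the IV and the frame contents are constructed for illustration, and the key-ID byte of the real frame format is left out.

```python
# Added illustration: WEP per-packet keying with constructed data only.
import math
import zlib

IV_BYTES = 3  # 24-bit IV, sent unencrypted at the front of every frame


def rc4(key: bytes, data: bytes) -> bytes:
    """Standard RC4 (key schedule + keystream XOR); same call decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)


def wep_encrypt(secret: bytes, iv: bytes, payload: bytes) -> bytes:
    """Return IV || RC4(IV || secret, payload || CRC-32); key-ID byte omitted."""
    if len(secret) not in (5, 13):  # "64-bit" and "128-bit" WEP
        raise ValueError("WEP secret must be 5 or 13 bytes")
    if len(iv) != IV_BYTES:
        raise ValueError("IV must be 3 bytes")
    icv = zlib.crc32(payload).to_bytes(4, "little")  # integrity check value
    return iv + rc4(iv + secret, payload + icv)


def secret_bits(advertised_bits: int) -> int:
    """Advertised key size minus the public IV: 64 -> 40, 128 -> 104."""
    return advertised_bits - 8 * IV_BYTES


def frames_until_iv_repeat(probability: float = 0.5) -> int:
    """Birthday estimate, assuming IVs are picked uniformly at random."""
    space = 2 ** (8 * IV_BYTES)
    return math.ceil(math.sqrt(2 * space * math.log(1 / (1 - probability))))


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def same_iv_shares_keystream(secret: bytes) -> bool:
    """With one IV reused, XOR of ciphertexts equals XOR of plaintexts."""
    iv = bytes.fromhex("a1b2c3")  # constructed IV
    p1, p2 = b"constructed frame 1", b"constructed frame 2"
    c1 = wep_encrypt(secret, iv, p1)[IV_BYTES:]
    c2 = wep_encrypt(secret, iv, p2)[IV_BYTES:]
    return xor(c1, c2)[: len(p1)] == xor(p1, p2)


if __name__ == "__main__":
    print(secret_bits(64), secret_bits(128), frames_until_iv_repeat())
    print(same_iv_shares_keystream(bytes.fromhex("0badc0ffee")))
```

The mitigation is the one the thread converges on: move to WPA wherever the hardware allows it, since no choice of WEP key changes the IV size or the keying scheme.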


----------



## tlarkin

Homenet said:


> I disagree strongly. If you think that WEP has any kind of security whatsoever you're kidding yourself completely. WEP is redundant, and you do not perform a brute force attack against WEP; once enough packets are collected that contain the initialisation vectors (usually from ARP requests) a statistical attack is made on the packet file.
> 
> For starters, the password you use makes no difference whatsoever because it is always in hexadecimal format and of fixed length, either 64bit (technically 40bit) or 128bit. The key that you use makes absolutely zero difference in strengthening the protection; 128bit is slightly more secure, however it just requires double the amount of packets to be collected for a successful attack.
> 
> An attacker needs a little bit of experience, an Atheros or Prism based WLAN card (Netgear do several in the £20 - 50 region) and a copy of BackTrack. Once they know what they're doing with it, providing they have a good signal to your wireless network they can crack your WEP key in as little as 5 minutes. It has been proven time and time again that WEP is useless and requires only a little bit of research and patience to crack.




*sigh*

Your average user can't remember a password, can't install a stick of RAM, doesn't know the difference between bit and byte, how do you expect them to use a distro of Linux, and use it effectively?

WEP is fine for home security because no one is going to take the time to learn everything to crack your WEP and gain access to a home network with limited bandwidth and no valuable data.  

It is also not quite as easy as you say, you are giving me textbook answers, have you ever cracked a WEP key before?  Packet injection can take up to 1 million packets to be successful.


----------



## Homenet

*sigh* yourself, do you know how easy Linux distros can be nowadays? BackTrack is a live CD, you burn the ISO and boot and off you go. I'm not saying a complete idiot can do it, but someone with a bit of experience and know-how can achieve it easily; there are step by step guides all over the internet for such a thing.

Yes, I've cracked several WEP keys. I've tested it out on 2 wireless routers of my own, and several friends and neighbours, also a works wireless LAN who thought (just like you) that WEP was secure. You do NOT require a million packets, you can use aircrack-ptw that requires on average 20,000 for 64bit and 40,000 for 128bit. These are NOT textbook answers I'm giving you, these are proven concepts that I myself have used and tried to prove to many people that WEP is useless. I have to say you are very misinformed about the subject.


----------



## tlarkin

Homenet said:


> *sigh* yourself, do you know how easy Linux distros can be nowadays? BackTrack is a live CD, you burn the ISO and boot and off you go. I'm not saying a complete idiot can do it, but someone with a bit of experience and know-how can achieve it easily; there are step by step guides all over the internet for such a thing.
> 
> Yes, I've cracked several WEP keys. I've tested it out on 2 wireless routers of my own, and several friends and neighbours, also a works wireless LAN who thought (just like you) that WEP was secure. You do NOT require a million packets, you can use aircrack-ptw that requires on average 20,000 for 64bit and 40,000 for 128bit. These are NOT textbook answers I'm giving you, these are proven concepts that I myself have used and tried to prove to many people that WEP is useless. I have to say you are very misinformed about the subject.



I know what BackTrack is, I used it back when it was Auditor, thanks though.

OK, OK, you are right, I only have about 500 Cisco APs at work here running a rotating WEP key with cloaking, and you can crack it very easily with BackTrack, just takes a few clicks.

I said it can take *up to* a million packets to gain access.  Nothing is foolproof and WEP will be gone in a few years from now after legacy support is no longer needed.  However, I will say this again, for your average home user it is fine if you need it.  You aren't listening to a word I am saying, you are just wanting to argue how much you know how busted WEP is.  WEP is only needed for legacy devices, so like I said earlier, if you need to run it (like for your Nintendo DS, which only supports WEP) you will be fine at home.

I bet most people on this forum couldn't download BackTrack and crack WEP without learning how Linux works at a basic level, which takes more than a few hours let alone a few weeks.


----------



## Homenet

Heh, right ok whatever, I haven't been listening to what you've been saying, but I've been reading it instead. Anyway you keep using WEP and giving yourself a false sense of security, good luck.


----------



## tlarkin

Homenet said:


> Heh, right ok whatever, I haven't been listening to what you've been saying, but I've been reading it instead. Anyway you keep using WEP and giving yourself a false sense of security, good luck.



Man, you must have poor reading comprehension.  I never said I chose to use WEP, I said legacy devices (aka technologies that do not support WPA) are the only thing keeping WEP alive, and there are plenty of security measures to make all your zero config hacking tools not as effective.

I never once said:

- It was better than WPA
- It was foolproof
- or it was preferred over WPA

I have to run WEP at work because a small percentage of old technology does not support WPA.  Trust me, this summer when we get rid of the last of legacy stuff I will switch over everything to WPA.

My original point is, no one is going to take the time to randomly hack a private WEP network, it's not worth the time.  Your average user will not even know things like BackTrack exist, nor even know what hardware supports packet injection.

Go check out airtightnetworks.com, they have a lot to say about WEP and have done a lot to make it harder to crack.  It's still not as secure as WPA, but like I said in my original point to the original poster, for what they are doing WEP will probably be fine, because just as a deterrent people won't fuss with it or his Word document called, "A letter to grand ma."  I also clearly said, if you have no need for WEP support then just use WPA because it takes the same time and effort to set up as WEP, so why not use the more secure.


----------



## Homenet

I don't have poor reading comprehension. To be honest your knowledge is clearly lacking on the subject if you think that obtaining a WEP key is done via a brute force attack, yet you seem to think that average home users are secure using a redundant technology you obviously know very little about.

Ask yourself this, do you know everybody who lives down your street and is within range of your AP? The answer is no, and nor do 99% of other home users. So how the hell do you know there isn't some kid 2 doors down who knows what he's doing? We're not talking about "a letter to grandma" being at stake here, it's your confidential details that you take for granted and send through the internet everybody, your PayPal passwords, your online banking details etc etc. All these can be stolen via methods I've already described, so why the hell would you even risk it? Yeah ok.. if you've got absolutely no other means of security than WEP because you've got an old card that doesn't support WPA then yes, use WEP, but at least implement some kind of MAC filtering and SSID cloaking, but also remember that you're living on a very redundant technology and by no means should consider your network secure.


----------



## tlarkin

Homenet said:


> I don't have poor reading comprehension. To be honest your knowledge is clearly lacking on the subject if you think that obtaining a WEP key is done via a brute force attack, yet you seem to think that average home users are secure using a redundant technology you obviously know very little about.



This will be my last post on this subject, and just to let you know I admit I do not know everything there is to know about everything, no one does.  However, I have been in the IT field for 9 years now, have administered Novell, Windows, Linux, OS X and Unix servers, have supported up to 10,000 clients at one time, and right now, I support over 5500+ laptops in a huge wireless network.  We are most likely going to go RADIUS or WPA once we get rid of the legacy devices that are holding us back.  I hold certs with Microsoft, Apple, Prometric, HP/Compaq, Gateway, and a few others I forget I even have.  This is my background and qualifications for what I know, what are yours?



> Ask yourself this, do you know everybody who lives down your street and is within range of your AP? The answer is no, and nor do 99% of other home users. So how the hell do you know there isn't some kid 2 doors down who knows what he's doing? We're not talking about "a letter to grandma" being at stake here, it's your confidential details that you take for granted and send through the internet everybody, your PayPal passwords, your online banking details etc etc. All these can be stolen via methods I've already described, so why the hell would you even risk it? Yeah ok.. if you've got absolutely no other means of security than WEP because you've got an old card that doesn't support WPA then yes, use WEP, but at least implement some kind of MAC filtering and SSID cloaking, but also remember that you're living on a very redundant technology and by no means should consider your network secure.



Supporting 25,000 users right now I know that your average user can't remember a password.  At some points in my work not a day goes by I don't have to get into the directory and reset a password for a user who can't remember it.  You are forgetting *YOU* are not the average user or even close to it.  You assume everyone is going to know about BackTrack and going to hack your network.  I make the same assumptions sometimes, and have to remind myself I am not anywhere near the average user.

I already mentioned cloaking, scroll back up.  We also use rotating WEP keys, and don't even bother with MAC filtering - mainly because it is kind of pointless if WEP is broken anyway and no one wants to manage 10 to 12 thousand MAC addresses on our network.

Also, we run a Unix backbone and have a 90% Macintosh population on our network, which by design is way more secure than Windows.  We also secure everything at the router level, which again is more secure, we also use private IPs which again is more secure.  Trust me, I know that network security is not one definitive thing or another, it is layered.  We get pegged from China all the time, because over in China they censor the internet, and people try to hack into us all the time to get past their web filters, so we switched over to a software based web filter, which is better.


Now that we have switched primarily to a Mac network and all hardware supports WPA2 or greater we will be switching to either RADIUS and require authentication to even gain access to the network, or WPA.  Since I work for the government and I am not the IT director I don't make the calls, all I get to do is put my 2 cents in.


----------



## Homenet

tlarkin said:


> This will be my last post on this subject, and just to let you know I admit I do not know everything there is to know about everything, no one does.  However, I have been in the IT field for 9 years now, have administered Novell, Windows, Linux, OS X and Unix servers, have supported up to 10,000 clients at one time, and right now, I support over 5500+ laptops in a huge wireless network.  We are most likely going to go RADIUS or WPA once we get rid of the legacy devices that are holding us back.  I hold certs with Microsoft, Apple, Prometric, HP/Compaq, Gateway, and a few others I forget I even have.  This is my background and qualifications for what I know, what are yours?



Ok fair enough, you obviously have a lot of experience in IT and that I admire.  I'm guessing I'm a fair bit younger. I've studied internet technology for several years, am Cisco certified and work as an IT analyst. However I like to think I've gained quite a lot of practical experience in various fields from personal research.



> Supporting 25,000 users right now I know that your average user can't remember a password.  At some points in my work not a day goes by I don't have to get into the directory and reset a password for a user who can't remember it.  You are forgetting *YOU* are not the average user or even close to it.  You assume everyone is going to know about BackTrack and going to hack your network.  I make the same assumptions sometimes, and have to remind myself I am not anywhere near the average user.



Fair point, however what I was saying before was that people don't know who is living in their street, they don't know who is in the range of their AP, and this is the problem. If you assume everyone living down your street is a technical newbie then yes, WEP is probably safe for you, but you should never assume this because you just don't know! In my opinion even an intermediate IT user with a little bit of knowledge on Linux could theoretically crack a WEP key in a short amount of time.



> I already mentioned cloaking, scroll back up.  We also use rotating WEP keys, and don't even bother with MAC filtering - mainly because it is kind of pointless if WEP is broken anyway and no one wants to manage 10 to 12 thousand MAC addresses on our network.



Yes, don't worry, I did read it before. However I thought we were talking about home users, in which case I would advise MAC filtering if WEP is their only option; obviously it's very impractical for a large scale network such as yours. As a note your description of your network looks very secure and even an experienced hacker would have trouble gaining access. Home users on the other end are unlikely to be using Cisco APs. Most home broadband routers have very few wireless security features except for MAC filtering and cloaking; I'm not aware of any that are able to rotate WEP keys dynamically.



> Also, we run a Unix backbone and have a 90% Macintosh population on our network, which by design is way more secure than Windows.  We also secure everything at the router level, which again is more secure, we also use private IPs which again is more secure.  Trust me, I know that network security is not one definitive thing or another, it is layered.  We get pegged from China all the time, because over in China they censor the internet, and people try to hack into us all the time to get past their web filters, so we switched over to a software based web filter, which is better.
> 
> 
> Now that we have switched primarily to a Mac network and all hardware supports WPA2 or greater we will be switching to either RADIUS and require authentication to even gain access to the network, or WPA.  Since I work for the government and I am not the IT director I don't make the calls, all I get to do is put my 2 cents in.



I don't want to get into a heated argument and it's clear that you're experienced in networking, however in this instance I have seen first hand how insecure WEP is and was quite shocked at how quickly and easily it can be broken, and because of this I would always recommend that even home users avoid it unless absolutely necessary. Personally when it comes to wireless security I just think it is better for people to be safe than sorry, and that it seems silly to risk your privacy like you would be doing using WEP.

Good day to you sir


----------



## tlarkin

We agree, don't worry about it. I just wanted to point out most likely if you are running WEP on a private home network no one is going to mess with it, especially when there are already tons of non-secure WiFi in your neighborhood to connect to.  I agree that WPA is just as easy and more secure, so why not use it?  Well, because some people want to use their DS, which only supports WEP (unless they updated it?) or you are using some older technology that doesn't support it.  We still have a few Windows 2000 machines running around which do not support WPA (at least I don't think so, could be wrong) and Windows XP itself didn't support WPA until SP2.

Hell, I had a Windows box running DMZ for 2 months just to see if it would catch a virus or get hacked, no one even touched it.

I don't deal with switches and routers directly, we have a Cisco guy that does all of that, and manages all the VLANs, but I have worked with it enough to know basics.  I also know that Cisco switches are really easy to set up these days and think I could most likely handle it.  However, my duties right now are supporting users, maintaining our 20 Xserves and the Open Directory and the LDAP, creating new images, deploying software, creating network policies, writing shell scripts to automate everything, and I do everything over SSH to my Mac clients so it's secure and encrypted, managing network accounts, and when @%$# hits the fan I am the go-to guy for all Mac/Unix issues.  In the last month I have probably written over 20 scripts and pushed out 10 packages to end users over WiFi, over SSH without them even knowing it.


----------

