On Fri, 11 Apr 2003, Rodolfo J. Paiz wrote: > At 10:25 PM 4/11/2003 +0530, you wrote: > >But from a cracker's perspective, the 128 bit WEP system is as easy to > >crack as 40 bit. > > 1. Why? One word - AirSnort ;-) (http://airsnort.shmoo.com/) I think going indepth into this is a wee beyond the scope of this list. Most of the information is on the airsnort site - check the Introduction section for some useful links. > 2. Is there any way to prevent such cracking? You cannot prevent the actual cracking of the keys, but you can protect yourself from harm by using a VPN running over the actual Wifi link. > 3. If there is an inherent flaw in the WEP protocol, do 802.11a or 802.11g > share such a flaw? Yes, well documented and easily demonstrated. Until 802.11i becomes reality, I am afraid we will have to live with this. > 4. Is there a way to patch or upgrade to avoid that flaw? Not at this point. WQork is afoot to come up with a more secure protocol, but it will take a while. In the meanwhile, solutions like running a VPN over WiFi can help.. Note, however, that irrespective of all this - running an encrypted link does have a deterring effect and will protect you from casual snoopers, so even though an encrypted link slows you down by almost 60%, it is still safer than a totally unencrypted link. I suggest a visit to the tutorials section on http://www.80211-planet.com/ for more information, where this stuff is more on-topic. ;-) Hope this helps, Atul -- ------------------------------------------- Atul Chitnis | achitnis@xxxxxxxxxxx Exocore Consulting | http://www.exocore.com Bangalore, India | +91 (80) 344-0397 -------------------------------------------
