Thread: STEP BY STEP guide to secure wireless??
View Single Post
Old 04-04-05, 11:23 PM   #15 (permalink)
Howard2k
Aximsite Legend
 
Howard2k's Avatar
Addicted Member
 
Join Date: Jun 2003
Location: Toronto, Canada
Posts: 13,721
Thanked 4 Times in 4 Posts

Awards Showcase
Aximsite Active Silver Member Moderator Medal Silver Poster 
Total Awards: 3

Originally Posted by dlweston
Better recheck your facts. With the lastest hack tools, a WEP key can be broke in 5 minutes or less. Once that is done, it does not take long to realize that MAC filtering is being used. Provided one device talking to the AP, getting around a MAC address filter can take less than a minute.

That said, unless there is some information they want from you, this is more than enough security. First, they most likely wanting free Internet connectivity so they will look for easier pickings. Second, if you are worried about someone stealing personal info from your computer, install a firewall. ZoneAlarm (www.zomelabs.com) is free. Third, applying this basic security will relieve you of any liablity should a hacker use you network to cause damage to another party.
http://blogs.zdnet.com/Ou/index.php?p=41
Quote:
In the past, a hacker was at the mercy of waiting long periods of time for legitimate traffic on a wireless LAN to collect 10 million of packets to break a WEP key. In my previous blog on this topic, which was based on Mike Ossmann’s WEP article, I alerted you to the startling fact that even wireless LANs that used 802.1x/EAP authentication to dynamically assign unique per-user, per-session WEP keys were no longer safe against WEP hacking since WEP cryptanalysis had improved 50 fold. Instead of waiting for hours or even days for those 10 million packets, you now only needed about 200,000 packets to break WEP. Even though dynamic WEP key rotation could change a user’s WEP key every few minutes or so (note that key rotation isn’t always implemented by default), the new WEP cryptanalysis techniques put even dynamic WEP in striking range. Now with the new active attacks on WEP described in Ossmann’s follow-up article, hackers no longer need to passively wait for legitimate packets on a wireless LAN because they can actively inject packets into a wireless LAN to ensure a speedy packet collection session. The end result is, any WEP based network with or without Dynamic WEP keys can now be cracked in minutes! If you’re scared, you should be and you’d better go back and read the recommendations in the end of my previous blog if you’re still running WEP in any form.
__________________
Always read stuff that will make you look good if you die in the middle of it.
Howard2k is offline   Reply With Quote