[MLB-WIRELESS] WEP vs MAC Filter vs WEP + MAC Filter

Steve Smithies steve42 at gmx.net
Fri Apr 22 12:12:02 EST 2005


> Basically, To stop a random wardriver: WEP encryption (can even be 64bit),
> its easier for them to drive another 200m and find an open node. To stop a
> linux script kiddie: WEP plus Mac addy filtering To stop most things: WPA
> on a 1-2 minute key rotation, with mac address filtering. (I read on
> slashdot it takes the FBI at least 3 mins to break WEP which is pretty
> amazing, but if your key changes every 2 mins or so, im not sure even they
> can get in).

Not just the FBI can do it.  The tools that the FBI used in that case are
publically available:

   http://www.tomsnetworking.com/Sections-article111.php

   'After about three minutes of capturing and cracking, the FBI team found
    the correct WEP key, and displayed it on a projected notebook screen.
    Agent Bickers, still speaking to the audience, turned around, looked at
    the screen and was surprised, "Usually it takes five to ten minutes." '

If you want to be really secure, then use a VPN.  Then, if the attacker gets 
past MAC filtering and WEP, the traffic they sniff is still encrypted, and to 
actually _use_ the network, they have to log into the VPN.

Steve.

To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message



More information about the Melbwireless mailing list