802.11b Wireless Security Issues 

Butch's Cedar Hills Broadband Service uses the 802.11b wireless protocol to connect to the Internet. This protocol is secured by either a 40-bit or a 128-bit WEP private key. Recent articles indicate this protocol is no longer secure. See the links below for more information.

Exploiting and Protecting 802.11b Wireless Networks
Yes, wireless LANs are vulnerable, but yours doesn't have to be
By: Craig Ellison
September 4, 2001

"... Our first stop was the deck near the roof of Ziff Davis Media's office building. Using a yagi mounted on a tripod, we easily, in a matter of minutes, discovered 61 access points/wireless routers in the surrounding buildings. 79% (48) of them did not have WEP enabled. We picked one network at random, associated with the access point, and immediately received an IP address from that network's DHCP server. Since the SSID was set to the manufacturer's default, we decided to play a hunch. We pointed our web browser at the IP address of the router, and discovered that whoever installed the wireless router hadn't even changed the default password. Not only were we into their network, we could have changed the router configuration. We were able to surf the web using their Internet connection. And if we had really put a little additional effort into it, we could have discovered additional information about their internal network. However, we were more interested to see how many wireless networks we could discover, not how deeply we could get into them. We discovered that we could identify wireless networks inside buildings at least 6 blocks away. ..."

Wireless LANs dealt new blow
Security goes from bad to worse
By Dennis Fisher & Carmen Nobel, eWEEK
August 10, 2001 5:57 PM ET

"A new attack that can compromise the encryption cipher used on wireless networks has many users and security experts questioning the future of a technology that has long been touted as the future of enterprise computing.

The latest blow to the already shaky security reputation of WLANs (wireless LANs) is the worst one yet. The attack, devised by three well-known cryptographers and re-created success fully by a team of AT&T Labs researchers, enables an eavesdropper to capture a small amount of network traffic and recover a user's secret key in less than an hour.

"This is the last straw for WEP [Wired Equivalent Privacy]," said Adam Stubblefield, a summer intern at AT&T Corp.'s famed lab in Florham Park, N.J., who wrote the code used to compromise WEP. "WEP is basically useless." ..."

Wireless LANs (802.11) Are Not Safe!
W2K Service Pack 3 Expected in Q4
Sunbelt W2K News
August 23, 2001

"There are several security problems with these puppies. I just read a story about a few guys tooling around in the city with a laptop, just looking if that machine would find a wireless LAN to log into. And sure enough, they were into a BANK and able to mess around on that LAN. Sitting in their car, outside the building. Yessir, remember these wireless thingies use RADIO technology to get the packets across.

The Wired Equivalent Privacy (WEP) protocol that is used in 802.11- based wireless LANs is broken. The RC4 encryption algorithm uses a 40-bit key to encrypt network traffic. This is now cracked. A few researchers recently came to the conclusion that "RC4 is completely insecure in a common mode of operation which is used in the widely deployed [WEP] protocol."

The whole thing boils down to the fact that if you are currently using WEP on your LAN, you're inviting trouble. To get out of this, the only quick fix is to create another layer of encryption between ALL wireless nodes. A VPN would do the trick. Don't think about it. Just do it."

IEEE 802.11 Wireless Specification
IEEE Standards Association

Go back home Return to Home Page

Last modified on 27 August 2001