Frontpage
Forums
Tutorials
Members
Calendar
Subscription
Donate
Links
Contact 
Help
Just interested in others opinion on network security and the best way to secure your network.
Page 1 of 1
How secure is 128 bit Wep with MAC Filtering
Rate Topic:
Back to top
#2
Posted 21 October 2004 - 04:25 PM
It all depends.. where are you using it? what are you using it for? how often do you change the key?
I've been doing work with stuff like that lately and it always depends... even if you lock down the connection what about the hardware being used? could they be broken into? If you're just asking about just the connection itself if you're just surfing at home it should be secure enough but I wouldn't trust it for a corporate environment
I've been doing work with stuff like that lately and it always depends... even if you lock down the connection what about the hardware being used? could they be broken into? If you're just asking about just the connection itself if you're just surfing at home it should be secure enough but I wouldn't trust it for a corporate environment
#3
- SEARCH!!! SEARCH!!!
-
- Group: Super Moderator
- Posts: 7,019
- Joined: 02-September 02
- OS:Windows 7 x64
-
Country:
Posted 21 October 2004 - 05:05 PM
Even if someone cracks your key, they still need to spoof your MAC address which is pretty hard to spoof unless someone else knows it...
http://www.astromike.com/wireless.html
http://www.astromike.com/wireless.html
#4
- *Previously Bi0haZarD*
-
- Group: Members
- Posts: 980
- Joined: 29-July 04
Posted 22 October 2004 - 01:36 AM
first of all i would like too say i would vote twice if i could... 1 for the first option and 1 for the last option. I feel secure that our home network is fine as most people won't ever get that desperate.
secondly.. I would NEVER use wireless. I love having 100 mbps connection and not have to worry about a bunch of settings like WEP and so on. and if anyone is "sniffing" the wireless *dunno if they can do that...* Security is my main concern in both wired and wireless networks.
secondly.. I would NEVER use wireless. I love having 100 mbps connection and not have to worry about a bunch of settings like WEP and so on. and if anyone is "sniffing" the wireless *dunno if they can do that...* Security is my main concern in both wired and wireless networks.
#5
- Member
-
- Group: Members
- Posts: 208
- Joined: 30-December 03
Posted 22 October 2004 - 01:39 AM
I agree with what Biohazard is saying, if I was to use it for work I would go for WPA encryption as this is supposed to be more secure than WEP.
Yes you can "sniff" the wireless out..... and you can "record" the packets, and with enough information you can extract the WEP key.
Yes you can "sniff" the wireless out..... and you can "record" the packets, and with enough information you can extract the WEP key.
#6
- Junior
-
- Group: Members
- Posts: 88
- Joined: 04-September 04
Posted 22 October 2004 - 08:57 AM
This is just my home setup for a desktop and a laptop.
There does not appear to be anyother wireless networks in the area and I think I would notice in the car parking area with a pringle can and a laptop!
The range outside the building is pretty limited as well, went wandering with the laptop!
There does not appear to be anyother wireless networks in the area and I think I would notice in the car parking area with a pringle can and a laptop!
The range outside the building is pretty limited as well, went wandering with the laptop!
#7
- Retired Yiffy Moderator
-
- Group: Members
- Posts: 1,305
- Joined: 14-September 02
Posted 22 October 2004 - 11:22 AM
gamehead200, on Oct 22 2004, 12:05 AM, said:
Even if someone cracks your key, they still need to spoof your MAC address which is pretty hard to spoof unless someone else knows it...
Sure, if you want to connect to it, which most likely isen't your purpose ... Your purpose would be to sniff passwords and private traffic, which is quite easy since a WEP key can be cracked within minuts ...
Personally I use it at home for me laptop, but thats only because I live in the middle of nowhere and because Im not really transfering anything important ... Anywhere else I would'n trust it to secure my transmissions ... not even those "short transmissions" ...
Also, having using a wireless connection not only puts your wireless transmissions at risk, it puts your entire network. If someone manages to log onto your network by cracking the WEP and spoofing a mac he might as well ARP poision all your non-wireless hosts and sniff even normal traffic ...
#8
- Advanced Member
-
- Group: Members
- Posts: 318
- Joined: 15-June 02
Posted 23 October 2004 - 02:49 AM
IMO MAC address filtering is not as safe as most people think. When a client sends an 802.11 frame (encrypted or not), the header of the frame (which contains the MAC address) is never encrypted. This means people can use a wireless sniffer such as kismet and find all the clients' mac address' in a matter of minutes. However, WEP encryption at 128-bit can be decrypted by analysing about 100mb of traffic. So, you can change the key every day and you would be pretty secure.
#9
Posted 28 October 2004 - 11:34 AM
crispy how recently have you tried cracking wep?
because weak ivs no longer exist with neweer hardware had losts of fun trying to crack my own ap after about 4 days of constant traffic i still had no weak ivs and airsnort had not broken into it
for home use though i would recommend firewall, no dhcp, wep, wpa mac filtering, and hiding the ssid. for a buisness i would look at adding a vpn over the network and haveing them completely seperate from most computers on your network. eg in a dmz controled by an up to date smoothwall/or something similar box
because weak ivs no longer exist with neweer hardware had losts of fun trying to crack my own ap after about 4 days of constant traffic i still had no weak ivs and airsnort had not broken into it
for home use though i would recommend firewall, no dhcp, wep, wpa mac filtering, and hiding the ssid. for a buisness i would look at adding a vpn over the network and haveing them completely seperate from most computers on your network. eg in a dmz controled by an up to date smoothwall/or something similar box
#10
- Retired Yiffy Moderator
-
- Group: Members
- Posts: 1,305
- Joined: 14-September 02
Posted 29 October 2004 - 05:22 AM
tacticus85, on Oct 28 2004, 06:34 PM, said:
crispy how recently have you tried cracking wep?
because weak ivs no longer exist with neweer hardware had losts of fun trying to crack my own ap after about 4 days of constant traffic i still had no weak ivs and airsnort had not broken into it
because weak ivs no longer exist with neweer hardware had losts of fun trying to crack my own ap after about 4 days of constant traffic i still had no weak ivs and airsnort had not broken into it
Quite recently actually ... But you're completely right; A patched system would take ages to crack if not imposible ... However, there are still many networks out there with old and unpatched hardware ... Thats the reason I would'n trust WEP anywhere but on my home network ...
#11
- Junior
-
- Group: Members
- Posts: 88
- Joined: 04-September 04
Posted 29 October 2004 - 05:34 AM
Thanks guys some interesting posts
#12
Posted 31 October 2004 - 12:39 AM
crispy pitty we cant get everyone to upgrade 
but also have you tried kismet i kinda gues syou do a little bit of wardriving there
if you do wardrive look for a post in janurary that should have about 4000kms of road wardriven and even then i wont be getting very far just down to adelaide then to melbourne but should look impressive anyway
but also have you tried kismet i kinda gues syou do a little bit of wardriving there
if you do wardrive look for a post in janurary that should have about 4000kms of road wardriven and even then i wont be getting very far just down to adelaide then to melbourne but should look impressive anyway
- ← How do you totally secure comps. from hackers?
- Networks and the Internet
- Windows security scanner →
Share this topic:
Page 1 of 1