Another Strike Against WEP Security
WEP (Wired Equivalent Privacy) has taken most of the brunt when it comes to the issue of wireless security. This method of encryption has proven to be so vulnerable that several in the industry strongly oppose it. Regardless of the obvious flaws, many companies still use some type of WEP within their networks.
In late 2007, a group of German researchers created a new exploit against WEP using the Aircrack-ptw algorithm. This new attack is capable of cracking the encryption scheme in as little as 20 seconds. While this new method of cracking network security is unsettling, it should come as to no surprise and serve as a reminder that WEP was never secure from the beginning, the underlying reason why so many companies have turned to more efficient standards such as WPA (Wi-Fi Protected Access) or WPA 2.
Growth of WEP Security Hacking Efforts
WEP cracking utilities have become much faster and more efficient over the years, drastically reducing the amount of network traffic required to a determine a WEP key. The most recent scenario employed active packet injection to reduce the time for cracking a key from an hour down to less than a minute. Experts believe that due to existing vulnerabilities in WEP, the new cracking method may actually have little impact.
If an attacker has enough incentive to crack into your network, they usually have at least an hour to spare. WLANs (wireless local area networks) still using WEP keys because of inherited equipment probably aren't using any technologies to automatically refresh the encryption keys. However, if a static WEP has been in use for six months, an hour will not greatly impact the window of exposure.
Eliminating WEP in Wireless Security
To effectively limit network exposure, experts recommend totally doing away with WEP and using more proven methods of security, with WPA-PSK being the least level of implementation. If more reliable encryption cannot be applied because of finances , it is a good idea to isolate WEP devices on VLAN (virtual local area network) subnets of their own. Another good move involves only permitting anticipated traffic from known users and devices connecting to the server. This doesn't make your traffic private but it will prevent intruders from getting deeper into your network.
AirDefense, developers of WLAN security products, recently introduced a WEP cloaking module designed to aid companies in preserving the legacy in network devices, offering savings on costly upgrades and training. The module uses the AirDefense Enterprise platform with wireless sensors to protect devices from WEP encryption attacks. This new product is more comprehensive than other modules, allowing a company to slowly evolve from WEP to WPA at their own pace.
The truth is that many companies will likely continue to use WEP, mainly because they can't afford a WPA upgrade. For example, several retail and inventory companies still use scanners and other devices that only support WEP encryption. Although it's good to start with something, relying on WEP for too long could put your organization at great risk. This level of security was extremely vulnerable to cracking exploits long before the Air-crack-ptw demonstration.
Post a comment