How bad is WEP?

[yg17]

Right now, our wireless network is only protected by MAC filtering. This worries me because packets aren't encrypted. I want to switch to WPA, but can't, because my brother's DS, and his ancient Linksys wifi bridge he uses for his Xbox 360 don't support WPA, so I'd have to settle for WEP. I've heard that WEP is easy to crack. How bad is it? If I was to use 128 bit encryption with a long, randomly generated key such as 7c4c3b472f56406d4c484d664a (some key generator I found on the internet produced that) would it still be easy to crack?

Thanks

 

[Mitthrawnuruodo]

I think that any hacker-wannabe can crack into a WEP "protected" network in a matter of seconds...

Edit: From Wikipedia:

In 2006, Bittau, Handley and Lackey showed that the 802.11 protocol itself can be used against WEP to enable earlier attacks that were previously thought impractical. After eavesdropping a single packet, an attacker can rapidly bootstrap to be able to transmit arbitrary data. Then the eavesdropped packet can be decrypted a byte at a time (by transmitting about 128 packets per byte to decrypt) to discover the local network IP addresses. Finally if the 802.11 network is connected to the Internet, the attacker can use 802.11 fragmentation to replay eavesdropped packets while crafting a new IP header on to them. The access point can then be used to decrypt these packets and relay them on to a buddy on the Internet, allowing real-time decryption of WEP traffic within a minute of eavesdropping the first packet.

 

[erikamsterdam]

Well, you can get around that by adding an Airport Express to the network and surfing through that. Then at least you are safe.

 

[Pressure]

I wouldn't sweat it, I am only using MAC-filtering myself.

The AirPort Express I am using doesn't have practically unlimited range and I would doubt it would even reach the other side of the road due to obstacles.

I mean, my stationary hardly gets a consistently connection from the AirPort Express in the living room to my bedroom.

If some "hacker" could be bothered to try and sniff out my MAC-filtering addresses they must be pretty bored. Normal people give up when they are prompted that they can't connect to the selected network and try elsewhere.

I feel my network is snappier without WEP or any other security other than MAC-filtering.

 

[Westside guy]

I wouldn't sweat it, I am only using MAC-filtering myself.

The AirPort Express I am using doesn't have practically unlimited range and I would doubt it would even reach the other side of the road due to obstacles.

MAC addresses are easily spoofed. But I think you've got a valid point - location matters. It's a lot easier to piggyback on someone else's wireless if you're living in tight quarters (apartments, etc.).

That said, my home wireless network uses WPA encryption.

 

[yg17]

Thanks for the advice guys. I'm really hesitant to use WPA, so I'll need to talk to my brother and ask him if he even uses his DS online. If he doesn't, then we'll just run cat5 to his room for his 360 and use WPA on the computers.

 

[Pressure]

MAC addresses are easily spoofed. But I think you've got a valid point - location matters. It's a lot easier to piggyback on someone else's wireless if you're living in tight quarters (apartments, etc.).

That said, my home wireless network uses WPA encryption.

Well, if the only two MAC-addresses already are in use it cannot possible let another with the same MAC-address connect?

Besides, spoofing a MAC-address is also a bit more complicated than what the average person would even consider.

 

[Reflow]

If you are any type of hacker and you have lots of time you can crack any wireless kind of wireless. I use WPA2 - Personal on my Airport base station and also use mac filtering, and it's still not secure enough.....