| < Day Day Up > |
|
The following Frequently Asked Questions, answered by the authors of this book, are designed to both measure your understanding of the concepts presented in this chapter and to assist you with real-life implementation of these concepts. To have your questions about this chapter answered by the author, browse to www.syngress.com/solutions and click on the “Ask the Author” form. You will also gain access to thousands of other FAQs at ITFAQnet.com.
1. | Is there a list of tools that can be used to scan and attack wireless networks? |
|
2. | Is it illegal to access a wireless network even if it has a default configuration and no security measures enabled? |
|
3. | How long does it take to crack a WEP key? |
|
4. | If a wireless network uses a secondary authentication scheme such as Cisco’s Lightweight Extensible Authentication Protocol (LEAP), can it still be compromised? |
|
Answers
1. | A fairly comprehensive list of wireless discovery and attack tools can be found at www.networkintrusion.co.uk/wireless.htm |
2. | Yes. At a minimum, it is theft of service to access any network, wired or wireless, that you have not received authorization from the owner to access. |
3. | This depends on the amount of traffic on the wireless network. For every one million packets transmitted, approximately 120 interesting packets will be captured. It takes at least 1200 interesting packets to crack the key. Assuming you capture one million packets a day, it would take a minimum of 10 days to crack the key. If the key is changed frequently (say once a week) you might never crack the WEP key. |
4. | Yes. In August of 2003, Cisco acknowledged that LEAP is vulnerable to a dictionary attack. In October of 2003, Joshua Wright (http://home.jwu.edu/_jwright/) released the “Asleep” tool that can exploit this vulnerability. |
| < Day Day Up > |
|