How WEP Fails

What WEP Does, and Does Not Do

As I said in Chapter 11, a micrometer is not a C clamp, and vise versa. Many of the 'problems' with WEP stem from people expecting it to be things it was never intended to be. WEP has one mission: To keep outsiders from connecting to a wireless network or monitoring traffic on that network. That's it! WEP was not designed to be anything more than that. Most pointedly:

  • WEP is not an end-to-end encryption mechanism. It provides the same degree of privacy afforded by sending unencrypted traffic through a network cable, hence the phrase 'wired equivalent' in its name. With some work and some stealth, hackers can tap into a wired network. With some work and some stealth, hackers can tap into a Wi-Fi network too.

  • WEP does not distribute or manage encryption keys. Key distribution must be done manually, outside of the 802.11 specification. This is certainly a burden, but it's not WEP's fault. The upcoming Wi-Fi Protected Access (WPA) standard may fix this, with a new protocol called Temporal Key Integrity. The IEEE 802.11i task group standard will certainly fix this, but that's still (at this writing) more than a year off.

  • WEP does not hide traffic sent by one legitimate user of a wireless network from other legitimate users of the same network. Using common packet sniffer utilities, one user can eavesdrop freely on all the others. Don't be appalled; legitimate users of wired networks can pull the same trick!

  • WEP does not authenticate users except by checking encryption keys. WEP's assumption is that a user with a valid encryption key is a legitimate user. WEP does not check any sort of user ID, password, or hardware MAC address. Someday this authentication task will be done by 802.1X systems via portions of the Wi-Fi Protected Access technology and the still-evolving 802.11i task group standard. For now, it's not done at all. (MAC Address Filtering is a separate Wi-Fi feature. It is not part of WEP at all, and as I'll explain later, this feature is not an especially useful one.)
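The last two points can be seen in a minimal model of WEP encapsulation. This is an added example, not code from the book. It assumes the standard WEP construction (RC4 keyed with the clear-text IV followed by the shared key, and a CRC-32 integrity value), and the key, IV, and payload are constructed sample values.

```python
import struct
import zlib

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher (KSA + PRGA); encrypting and decrypting are the same operation."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def wep_encapsulate(shared_key: bytes, iv: bytes, payload: bytes, key_id: int = 0) -> bytes:
    """Frame body: clear IV + key-ID byte, then RC4(IV || key) over payload || ICV."""
    icv = struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF)
    return iv + bytes([key_id << 6]) + rc4(iv + shared_key, payload + icv)

def wep_decapsulate(shared_key: bytes, body: bytes):
    """Return the payload if the ICV verifies under shared_key, else None."""
    iv, ciphertext = body[:3], body[4:]
    plain = rc4(iv + shared_key, ciphertext)
    payload, icv = plain[:-4], plain[-4:]
    if struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF) != icv:
        return None
    return payload

# Constructed sample values: one 40-bit key typed by hand into every station.
NETWORK_KEY = bytes.fromhex("0a1b2c3d4e")
OUTSIDER_KEY = bytes.fromhex("0000000000")
ALICE_FRAME = wep_encapsulate(NETWORK_KEY, b"\x01\x02\x03", b"alice: payroll.xls")

def demo():
    # Bob is another legitimate user: same key, so Alice's frame opens for him.
    bob_sees = wep_decapsulate(NETWORK_KEY, ALICE_FRAME)
    # An outsider without the key fails the ICV check and gets nothing.
    outsider_sees = wep_decapsulate(OUTSIDER_KEY, ALICE_FRAME)
    return bob_sees, outsider_sees

if __name__ == "__main__":
    print(demo())
```

Nothing in the frame identifies who sent it: the only test a receiver applies is whether the shared key produces a valid ICV, which is why any key holder counts as a legitimate user.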

