Security Overview

Applying strong wireless security mechanisms is the key to ensure that a wireless network is protected against unauthorized access and eavesdropping. Unfortunately, wireless security is vulnerable if implemented improperly. The following sections examine some of the issues surrounding wireless security and how you can avoid trouble.

WEP Overview

The first, most basic level of securing a wireless LAN (WLAN) is to set up a wired equivalent privacy (WEP) key. This is a means of encryption that encodes transmissions between an access point (AP) and client. This is a basic means of security, but it is not thorough. When wireless devices were first introduced, this was a quick and easy way to provide security. Unfortunately, WEP is inherently flawed; however, it might be your only option if you work with older equipment or client software.

If enough traffic is passed back and forth between client and AP, the packets can be intercepted and the encryption key deduced. This is not a likely issue for homes and small offices that have light wireless activity and uninteresting data. However, in an organization with high volumes of wireless traffic and critical data, it is easy for an intruder to crack the code. It is perhaps worth the effort of the intruder.

Note

The Aironet 1100 Series, 1200 Series, 1300 Series APs, and the 1400 Series bridges that run Cisco IOS Software are especially vulnerable because they send any WEP key in cleartext to the simple network management protocol (SNMP) server if the snmp-server enable traps wlan-wep command is enabled. If you use WEP, make sure this command is disabled.

WEP Weaknesses

WEP is vulnerable to attack for several reasons:

• Distributing WEP keys manually is a time-intensive, laborious task. Because it is tedious to manually rekey the WEP code, the keys are not likely to change frequently. Therefore, an attacker probably has enough time to decipher the key.

• When keys are not changed often, attackers can compile so-called decryption dictionaries. These are huge collections of frames, encrypted with the same key. These frames can then be analyzed and used for attack.

• Standardized WEP implementations use 64- or 128-bit shared keys. Although the 128-bit key sounds excessively durable, it is still possible to crack a key this size within a short interval with sustained traffic.

• WEP uses RC4 for encryption. Of all the possible RC4 keys, the statistics for the first few bytes of output are nonrandom, which can provide information about the key.

Note

RC4 is the most widely used software stream cipher. In addition to WEP, it is also used in secure sockets layer (SSL), the encryption medium used for web pages. Although widely deployed and adequate for web use, it is generally not considered a good means of encryption for WLANs.