WEP (Wired Equivalent Privacy) is worse than useless, because it gives
people a false sense of security, which is worse than knowing your
network setup is insecure.
More seriously, it is network-level encryption specified in the
802.11 [1] standard that scrambles the data transmitted data up at the
transmitting end and descrambles it at the other. It uses standard
secret-key (symmetric) encryption at keylengths of 40, 64, and 128
bits (though some recent products have extended this to 256 bits). You
can use it by enabling through your card or AP configuration tool, and
specify a password for the network you want to secure.
Theoretically, if you don't know the key that the network is using
anybody eavesdropping on your network would only be able to pick up
gibberish. Unfortunately, eavesdroppers *can* get around WEP - read
on.
We aren't using it, and you shouldn't either for your own private
networks, for the following reasons:
* For MW purposes, any "secret" key would have to be known to
everybody in MW and thus is not much of a secret!
* WEP [2] is known to reduce bandwidth on many cards.
* Even if this weren't the case, WEP [3]'s design is flawed and there
are readily available tools that can listen in on a network and
determine the key within a few hours or, at most, a few days.
Correction minimum of 15mins to an hour see Tom\'s Networking Guide to
WEP cracking [4].
* If you need to secure your data, you should use software
application-level security such as a VPN [5], email encryption like
PGP [6], logging to machines you can use SSH [7], and so on, which
don't have such known flaws. As any are found, they can be fixed by a
software update rather than requiring to to replace your network card
(or, at the very least, do a firmware upgrade).
802.11i [8] is supposed to fix WEP's flaws and provide proper
security.
Links:
------
[1] http://melbournewireless.org.au/?802.11
[2] http://melbournewireless.org.au/?WEP
[3] http://melbournewireless.org.au/?WEP
[4] http://www.tomsnetworking.com/Sections-article120.php
[5] http://melbournewireless.org.au/?VPN
[6] http://melbournewireless.org.au/?PGP
[7] http://melbournewireless.org.au/?SSH
[8] http://melbournewireless.org.au/?802.11i
[EditText] [Spelling] [Current] [Raw] [Code] [Diff] [Subscribe] [VersionHistory] [Revert] [Delete] [RecentChanges]
Node Statistics | |
---|---|
building | 132 |
gathering | 193 |
interested | 515 |
operational | 233 |
testing | 214 |