You will still need to know the MAC address. There are third party encryption software you can use instead of WEP
-----Original Message----- From: Jeromey Hannel [mailto:[EMAIL PROTECTED]] Sent: Friday, April 12, 2002 11:00 AM To: [EMAIL PROTECTED] Subject: [sclug-general] Re: April Meeting Notice Unfortunately, some compromises that were made in developing WEP have resulted in it being much less secure than intended: in fact a free program is now available on the Internet that allows a hacker with minimal technical knowledge to break into a WEP-enabled wireless network, without being detected, in no more than a few hours. > WLAN from 80211-planet.com > > The major threats? > > > Most current products use spread spectrum technology. Vendors initially > claimed it was difficult or impossible to de-spread or demodulate the > signals. Wrong, Gemmel says. It's easy. > All you have to do is steal an SSID (Service Set Identifier), the ID > attached to packets sent over WLANs that functions as a password for > joining a network. All radios and access points within a network use the > same SSID. Packets with other SSIDs are ignored. > > > Vendors also said you couldn't get an SSID unless you were given it. Wrong > again. "We now know SSIDs are sent in the clear," Gemmel says. "You can > get very simple software, some of it free on the Internet, that easily > intercepts somebody's SSID." > > > WLAN signals are prone to being intercepted well outside the facility in > which the network resides. > "A lot of consumers are using wireless LANs now," he points out. "They see > on the box that it's 11 Mbps up to 300 feet. They're not educated enough > to realize, though, that the signal doesn't necessarily stop at 300 feet. > In fact it can go up to 2,000 feet and beyond." > > This makes it easy for eavesdroppers to drive up to an office building - > or home - park and infiltrate a network inside without anyone realizing. > > > As everyone who knows anything knows by now - or should do - the 802.11b > Wired Equivalent Protocol (WEP) encryption can be compromised by hackers > using statistical mathematical analysis tools. Two recent studies, one > from AT&T another at Rice University (www.rice.edu) have made this > painfully clear, Gemmel says. > > At the level of what hackers can do once they smash through inadequate > WLAN defenses, Gemmel puts "file transposition" at the top of his list. > Infiltrators steal an SSID, gain access to a network, hack passwords on > the enterprise LAN and then merrily delete or alter files stored on > servers - or steal trade secrets contained in files. > > Or hackers infiltrate the network and leave behind "Easter eggs," hidden > and undocumented programs or messages embedded in the code of commercial > software residing on the network. Some Easter eggs are harmless, even > funny, but they can also be destructive viruses. > > Gemmel's last WLAN security threat is really only a perceived threat, he > says, because hackers would need a lot of hardware and arcane software to > do it. But theoretically, they could intercept WLAN packets, decrypt them > if they're encrypted using WEP, change them, re-encrypt them and send them > on to the intended recipient - who would never know. > > > > > > > Mike writes: > >> Kinda hard to guess SSID and WEP encryption keys need to authenticate on >> my wireless equipment. If anyone wants to see wireless security, or try >> to break in.... Take a short trip to LeMars. Park your car about 75-100 >> ft. of the new water tower and see if you can get internet access. I'll >> even give you a hint.... You need to guess the right MAC address to use >> for starters. Good Luck. >> >> Mike >> >> >> On Thursday 11 April 2002 02:50 pm, Jeromey Hannel wrote: >>> Guys dont you know how insecure wireless is right now. There are >>> people >>> driving around with their laptops and wireless lan cards getting on your >>> network and stealing your data. >>> >>> > I have a lucent wireless card working in windows and linux. i alo have >>> a >>> > linksys access point. they work great and i would reccomend it to >>> anyone. >>> > (works gret in linux!) >>> > I can help if you need assistance >>> > Kuecker >>> > >>> > -----Original Message----- >>> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] >>> > Sent: Thursday, April 11, 2002 8:20 AM >>> > To: [EMAIL PROTECTED] >>> > Subject: Re: [sclug-general] April Meeting Notice >>> > >>> > On Thu, Apr 11, 2002 at 08:13:02AM -0500, Mike wrote: >>> >> Well, I might not be able to make this meeting, unless rain is in the >>> >> forecast. >>> > >>> > Hm ... I see rain in future, Kemo Sabe. ;) >>> > >>> >> In any event does anyone else have wireless (802.11b) equipment up >>> >> and running? Or at least have a wireless card for a laptop? Just >>> >> trying to get a feel, might be a presentation in the works. >>> > >>> > I have a Belkin card that works on the Windows side but I can't get >>> > to run on Linux side ... >>> > >>> > Bill Stone >>> > ___________________________________________________________________ >>> > William Stone, III | Certifications: CISSP, RHCE, CCNA >>> > Proprietor | Phone: (605) 232-6771 >>> > William Stone & Associates | FAX: (605) 232-6763 >>> > P.O. Box 1967 | E-Mail: [EMAIL PROTECTED] >>> > North Sioux City, SD 57049 | Web: http://www.wrstone.com >>> > ______________________________|____________________________________ >
