Hello Matt,

Tuesday, July 8, 2003, 9:21:43 AM, you wrote:

MS> I've heard that wireless (802.11b, a, and g) are inherently
MS> insecure due to the ability to sniff packets.

Yes, because the network traffic is being transmitted into the air, and even with directional antennas, it's difficult to completely mitigate the leakage outside the perimeter of your facility. Hence, someone can sit in a parking lot, or a neighbor could passively sniff packets. If you don't have any WEP encryption or VPN, then your packets are pretty much plaintext.

Even with WEP encryption, there's a flaw in the implementation of the RC4 algorithm within WEP. That flaw is that WEP encryption is hashed with a 24-bit Initialization Vector (IV). With only 24 bits, that means it can only create 16.7 million uniquely coded packets. When it hits the last unique packet, the IV starts over at 1 and then increments up to the 16.7 millionth packet, ad infinitum. When it starts over at 1, it causes a condition known as an IV collision (technically, this really applies to when two or more clients transmit a packet with the same IV, but the theory is the same). When an IV collision happens, it's possible to determine the WEP key from it. The IV is an XOR process.

Now, the IV is 24 bits, so when you see 64-bit and 128-bit encryption, it's really 40- and 104-bit encryption plus the 24-bit IV. That's why you sometimes see it as 40 and 104 bit or 64 and 128 bit.

MS> However, what about using the 64 bit or 128 bit WEP encryption
MS> that comes with the router (such as Linksys). Isn't that good
MS> enough?

No, WEP is easily crackable. A standards committee is working on 802.11i, which is an initiative to secure wireless. WEP will be replaced by the Advanced Encryption Standard (AES), based on the Rijndael block cypher, which was created by Joan Daemen and Vincent Rijmen (Rijndael is based on a combination of their last names). Further, there will be Message Integrity Code/Checks (MIC) and the Temporal Key Integrity Protocol (TKIP). The current stopgap is Wi-Fi Protected Access (WPA).

MS> Where can I get more info on locking down wireless?

Take a look here.
http://wireless.ittoolbox.com/nav/t.asp?t=379&p=379&h1=379

MS> Thanx.

-- Leif
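The IV discussion above can be made concrete with a short piece of code. This is an added example, not code from Leif's message or from any WEP implementation: it uses a textbook RC4 and WEP's per-packet keying (the 24-bit IV prepended to the 40-bit shared key), omits WEP's CRC-32 integrity value, and works on two constructed sample frames. It shows why IV uniqueness matters: two frames encrypted under the same IV produce the same keystream, so XORing the two ciphertexts cancels the keystream and leaves the XOR of the plaintexts, while a different IV does not. It also works out how small a 24-bit IV space is, both as a count and as the number of randomly chosen IVs after which a repeat becomes more likely than not (the birthday bound), which is far below the 16.7 million figure for a strictly incrementing counter.

```python
"""Why a 24-bit IV is too small: RC4 keystream reuse under WEP-style keying.

Added educational example; not the code of any real WEP implementation.
"""
import math


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return the first n bytes of RC4 keystream for `key` (KSA then PRGA)."""
    S = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                         # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def wep_style_encrypt(iv: bytes, shared_key: bytes, plaintext: bytes) -> bytes:
    """WEP per-packet keying: RC4 key = 24-bit IV || shared key.

    Real WEP also appends a CRC-32 ICV before encrypting; omitted here.
    """
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits (3 bytes)")
    return xor_bytes(plaintext, rc4_keystream(iv + shared_key, len(plaintext)))


def keystream_reuse_demo(shared_key: bytes = b"\x01\x02\x03\x04\x05") -> dict:
    """Encrypt two frames with the same IV and show the keystream cancels."""
    # Constructed sample frames (same length), not real captures.
    p1 = b"GET /index.html HTTP/1.0"
    p2 = b"user=alice&pass=hunter2 "
    iv_a = b"\x00\x00\x2a"                     # constructed IV value
    iv_b = b"\x00\x00\x2b"                     # the next IV in sequence
    c1 = wep_style_encrypt(iv_a, shared_key, p1)
    c2 = wep_style_encrypt(iv_a, shared_key, p2)   # same IV: same keystream
    c3 = wep_style_encrypt(iv_b, shared_key, p2)   # fresh IV: new keystream
    return {
        # Same IV: C1 xor C2 == P1 xor P2, the keystream has dropped out.
        "same_iv_leaks_plaintext_xor": xor_bytes(c1, c2) == xor_bytes(p1, p2),
        # Different IV: the relation no longer holds.
        "different_iv_does_not": xor_bytes(c1, c3) == xor_bytes(p1, p2),
    }


def iv_space_stats(iv_bits: int = 24) -> dict:
    """Size of the IV space and the birthday bound for random IV selection."""
    space = 2 ** iv_bits                        # 16,777,216 for WEP
    # Number of random draws for a >=50% chance of a repeated IV.
    birthday = math.ceil(math.sqrt(2 * space * math.log(2)))
    return {"distinct_ivs": space, "packets_for_50pct_collision": birthday}


if __name__ == "__main__":
    print(keystream_reuse_demo())
    print(iv_space_stats())
```

The practical reading for a defender is the one Leif gives: the per-packet key changes only in its 24-bit IV, so on any busy network IVs repeat quickly, and every repeat hands an observer a keystream-free relation between two frames. Nothing in the RC4 or XOR step can be configured around; the fix is the protocol replacement he names (TKIP/WPA as the stopgap, AES-based 802.11i after it).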