Hi Sevak,
For example, if the transmitter (Access
point) used to encrypt the packet WEP Key of Key 1, then receiver (CPE) will
use the corresponding WEP key of Key 1, since this key is used for the
encryption of the packet and exists as information.
Here is the example of WEP key
selection procedure:
Transmiter
Receiver
AP
<-------------------------------->
Client
Key1: 11 11
11 11 Key1:
11 11 11 11
Key2: 22 22
22 22
Key2: 22 22 22 22
Default key
= 1 Default
key = 2
Authentication
result = OK
AP
<-------------------------------->
Client
Key1: 11 11
11 11 Key1: 22 22 22 22
Key2: 22 22
22 22
Key2: 11 11 11 11
Default key
= 1
Default key = 2
Authentication
result = Failed
As mentioned above,
the CLIENT keys table should match the APPO keys table.
In order to activate
the WEP key in the APPO(AP mode), you must select at
least one key as a default key. But all the 4 keys are in the access point is
enabled for the authentication. In the client side, the selected “default
key” ONLY activated for the authentication and it should match with APPO’s table entry as stated above.
Thank you
-----Original Message-----
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sevak
Avakians
Sent: Friday, September 19, 2003 8:20 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [smartBridges]
Stealing service
Hi Seeni,
So if it the APPO is in AP mode and all 4 WEP keys are filled, then any
airBridge can connect using any of those 4 keys, right?
Unfortunately, I tried this and it didn't seem to work. I have all 4 WEP
keys filled on the APPO in AP mode. All of my airBridges have the same 4
keys, but are currently using key 1 as default. Yesterday, I changed one
of the airBridges to key 2. This airBridge disappeared from the network
completely. I couldn't get it back to change it back to key 1. (I'm
expecting the customer to call me and tell me that he's not getting
service. A hard reset should revert it back, I hope?)
What did I do wrong here?
Thanks,
Sevak
On Thu, 2003-09-18 at 18:12,
Seeni Mohamed wrote:
Hi Sevak,
In airBridges and aPPO, you will be able to save 4 WEP keys.
As you said, there is no cycling selection of WEP keys in airBirdge. We
can activate only one key at a same time.
We have implemented this option only on the aPPO in AP mode.
When airPointPRO is running on AP mode, “Default
key” selection option will not work and we use this option for the other
operational mode like client bridge mode.
In AP mode, it is capable to accept multiple WEP keys from
the multiple clients.
For example,
AP= key1 and key2
Client airBridge1= key1 and Client bridge2=key2
Both entries are already in the AP, it will pass the
traffic. As long as the access point entries matched with the key table, the
traffic will pass through.
Seeni
sB Tech Support
[EMAIL PROTECTED]
-----Original Message-----
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sevak Avakians
Sent: Friday, September 19,
2003 3:12 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [smartBridges]
Stealing service
Thanks, Sully! It will save me some restless nights.
;-)
I'm going to look into the pppoe more closely, but probably will not implement
it for a few months.
Talking about WEP keys, I have all 4 WEP keys listed in the appo and on the
airBridges. I've just tried flipping the default key on the appo from key
1 to key 2, but lost all the airBridges. I guess the airBridges don't
have a cycling method to check for the next WEP key, huh? That would be a
nice feature, I think.
Kind regards,
Sevak
On Thu, 2003-09-18 at 12:10, The Wirefree
Network wrote:
The amount of traffic that MUST be sniffed to crack WEP is
HUGE. I sniffed traffic for 72 hours at the head-end (which hears ALL traffic
on my network), and I did not receive a single “interesting
packet”. You need thousands or even millions of “interesting
packets” to crack WEP. After successfully cracking WEP, the
hacker would need to sniff the MAC and IP pairing (not difficult), spoof them,
and overpower the legitimate client so that he drops off the network, and then
you can assume his identity.
In other words….I don’t see it happening.
Don’t get me wrong…I still recommend PPPoE as
well…but I would NOT lose any sleep about someone spoofing your
customer’s MAC address.
BTW…the internal MAC authorization table (at the aPPo)
authorizes the MAC of the sB device only (not the internal MAC addresses).
I only install exterior (roof top) sB devices. So…my client
does not know their MAC address….and therefore you also don’t have
to worry about them giving their MAC address to a neighbor.
But…even if they did, the bandwidth still counts against the legitimate
client.
Sully
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Sevak Avakians
Sent: Thursday, September
18, 2003 6:58 AM
To: [EMAIL PROTECTED]
Subject: RE: [smartBridges]
Stealing service
Hi Sully,
You're right. I am using WEP. No one has yet done this on our
network, but I would like to take preventative measures.
Thanks,
Sevak
On Thu, 2003-09-18 at 09:48, The Wirefree
Network wrote:
My question is: How are they spoofing the MAC address
if you are using WEP? I highly doubt that they sniffed long enough to
break it….so are you not using WEP?
Personally…I think that it is plain old stupid to not
use WEP…unless you are running a HOTSPOT.
If you are using sB devices at the client-side, then you
just preload the WEP keys (preferably with simpleDeploy) and you are done.
Sully
-----Original Message-----
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sevak Avakians
Sent: Thursday, September
18, 2003 6:12 AM
To: [EMAIL PROTECTED]
Subject: [smartBridges] Stealing
service
I vaguely remember someone else discussing this on this list: Has anyone
come across "customers" who duplicate legitimate MAC addresses (such
as their neighbor's) on another device to get your Internet service for
free? If so, what can be done about it?
Thanks,
Sevak
