Security Basics mailing list archives
RE: Wireless Networks Encryption
From: "Clement Dupuis" <cdupuis () cccure org>
Date: Mon, 21 Oct 2002 14:51:28 -0400
*This message was transferred with a trial version of CommuniGate(tm) Pro* You can take a look at: http://www.cccure.org/Documents/Wireless/OTS2002.zip It's a presentation in PPT that I did last week. It gives you a nice overview of what the deal is with Wireless Security and what flaw the encryption in use is subject to. Enjoy! Clement -----Original Message----- From: khayes () eastbay com [mailto:khayes () eastbay com] Sent: Friday, October 18, 2002 1:12 PM To: alex hajii Cc: security-basics () securityfocus com Subject: Re: Wireless Networks Encryption My understanding of this is that the WEP key's length (up to 64-bits) controls how secure the connection is. Then again, this is always true... the length of the encryption key is directly related to the strength of the encryption itself. The IP handshake is done the same as any other IP based handshake but before that point the NIC and the WAP do a little pre-handshake work. In a base install the NIC just connects to the first wireless network it sees. Normally we take this a step further and point it to a specific wireless stream. It's during this initial connection phase that some security checks are made. The WEP key configured on the NIC must match that as on the WAP. If they don't match, they don't connect. Being that each WAP on that specific wireless broadcast network needs to support roaming clients, they all have the same WEP key configured. It would be a major support nightmare to try and maintain a matrix of WEP keys to be used depending on where the building you are. Not to mention the countless hours of trying to support the configuration on the end node. Think of it this way... you're walking down the hallway using your PDA with it's brand-new 802.11 NIC. You have to change your WEP key every 40 feet or so because you jump cells. Mighty UNFUN in my book. LOL Ken Hayes Network Administrator Eastbay / Footlocker.com Wausau, WI Offices (715) 261-9573 khayes () eastbay com To: security-basics () securityfocus com cc: "alex hajii" Subject: Wireless Networks Encryption <xenix1989 () hotmail com> 10/16/2002 03:14 PM new wireless networks support encryption, so that messages cannot be sniffed. does anybody know more info on this ? I mean: - what encryption protocol do they use (I thing PGP) ? - exactly how is the hand shake implemented ? - do all clients receive the same public key ? - is it true that keys change each time a network device gets connected to the network ? thank U _________________________________________________________________ Get a speedy connection with MSN Broadband. Join now! http://resourcecenter.msn.com/access/plans/freeactivation.asp - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The information in this e-mail, and any attachment therein, is confidential and for use by the addressee only. If you are not the intended recipient, please return the e-mail to the sender and delete it from your computer. Although the Company attempts to sweep e-mail and attachments for viruses, it does not guarantee that either are virus-free and accepts no liability for any damage sustained as a result of viruses.
Current thread:
- Wireless Networks Encryption alex hajii (Oct 17)
- <Possible follow-ups>
- Re: Wireless Networks Encryption khayes (Oct 21)
- RE: Wireless Networks Encryption Clement Dupuis (Oct 21)