Re: Is Dynamic WEP Secure Enough?

["Jon Smith" <like2hax () hotmail com>]

So if I follow the thread, WEP is OK ... j/k.

Upon further digging with my staff, we have very few wireless devices even 
on that network.  Therefore scrapping them won't hurt as much as I thought.
Mr. Martin's last post does raise a question; how fast can you rotate keys?  
Why not every 3 minutes?  I assume overhead would be a problem.

Lastly, my preferred solution is Trapeze Networks.  There system seems very 
slick with the multiple security systems I need.  The next closest was 
Extreme Networks, but they don't seem to be as advanced.  Plus we have all 
their switches and the APs are same fruity purple.  The questions is, has 
anybody had any experience with Trapeze (good or bad), they seem to be newer 
company.  Any intel would be awesome.

Thanks

Rocko



> From: Kelly Martin <kel () securityfocus com>
> To: Jon Smith <like2hax () hotmail com>,security-basics () securityfocus com
> Subject: Re: Is Dynamic WEP Secure Enough?
> Date: Mon, 21 Mar 2005 16:53:24 -0700
>
> No, WEP can be cracked in less than ten minutes (even on a network without 
> much traffic - a hacker can stimulate his own traffic). Rotating keys just 
> isn't enough to cover the weaknesses, unless you want to rotate keys every 
> three minutes. :) Personally I think WPA is the only way to go, or else you 
> might as well keep the network open and turn WEP off entirely.
>
> We published the following articles by Michael Ossmann on SecurityFocus 
> recently:
>
> WEP: Dead Again, Part 1  http://www.securityfocus.com/infocus/1814
> WEP: Dead Again, Part 2  http://www.securityfocus.com/infocus/1824
>
> Regards,
>
> Kelly Martin

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/