Bluetooth - Breaking The Cables That Bind PCs

A Stacked Deck: THG's First Look At Notebook Network Cards

Wireless Local Area Networking: An Introduction.

We Take The Lid Off NICs From 3Com, Intel And SMC

The Home Network - an engineering feat

Rambler's Top100 Рейтинг@Mail.ru


WLAN Security:  Wide Open
Краткое содержание статьи: If you use a wireless LAN, you should take special security precautions. Relying solely on the built-in encryption will leave you wide open to hack attacks.

WLAN Security: Wide Open

Редакция THG,  19 июля 2002
Вы читаете страницу 1 из 4
1 2 3 4


Wireless LANs are not sufficiently protected, even if network administrators use the built-in security protocol WEP (Wired Equivalent Privacy). A seven-month investigation conducted in London found that 94% of all wireless LANS in use were inadequately protected from attacks. The Cybercrime Unit, a division of the International Chamber of Commerce, found that wireless networks are poorly secured, if they are secured at all. Drive-by hacking is becoming ever more popular: hackers drive through office districts in a car and try to penetrate company WLANs from the street where their signals can still be received.

Three researchers at the University of California at Berkeley, Nikita Borisov, Ian Goldberg and David Wagner, discovered a major security flaw in WEP encryption last year. Furthermore, in August of 2001, cryptographers Scott Fluhrer, Itsik Mantin and Adi Shamir published a paper on the weaknesses of RC4 encryption, on which WEP is based. Shortly thereafter, in late August of 2001, a student at Rice University and two employees of AT&T Labs - Research (Adam Stubblefield, John Ioannidis and Aviel D. Rubin) successfully implemented the ideas expressed in those two publications. What's so fatal about it is that it doesn't require any type of special equipment. All you need is a PC with a standard wireless card working with modified drivers downloaded off the Internet. With this equipment you can record and evaluate several hundreds of thousands of data packets.

How WEP Works

How WEP Works

In many wireless LANs, the WEP key is stated as a word or byte string and is valid for the entire WLAN.

WEP currently uses two encryption depths, 64 and 128 bits. The key is derived from a 24-bit initialization vector (IV) and the actual secret key of 40 or 104 bits. The oft-cited 40-bit encryption is equivalent to 64-bit encoding. The standard does not mention anything about key management; the only requirement is that the WLAN card and the access point use the same algorithm. Usually, everyone on the local network uses the same secret key. The RC4 algorithm uses this key to generate an indefinite, pseudorandom keystream. However, the WLAN users use different IVs to prevent the data packets from always using the same RC4 key "randomly" generated on the basis of an identical WEP key.

Before a data packet is transmitted, an integrity check (IC) computes a checksum. Its purpose is to keep hackers from altering the data during the transmission. RC4 then generates the keystream from the secret key and IV. Then WEP concatenates the data and IC with the keystream using the exclusive-or (XOR) function. First the IV is transmitted in plain text, then the encrypted data. By regenerating the RC4 keystream from the IV and the known key, the recipient can finally decrypt the data by running XOR.
Вы читаете страницу 1 из 4
1 2 3 4


Обсуждение в Клубе Экспертов THG Обсуждение в Клубе Экспертов THG


История мейнфреймов: от Harvard Mark I до System z10 EC
Верите вы или нет, но были времена, когда компьютеры занимали целые комнаты. Сегодня вы работаете за небольшим персональным компьютером, но когда-то о таком можно было только мечтать. Предлагаем окунуться в историю и познакомиться с самыми знаковыми мейнфреймами за последние десятилетия.

Пятнадцать процессоров Intel x86, вошедших в историю
Компания Intel выпустила за годы существования немало процессоров x86, начиная с эпохи расцвета ПК, но не все из них оставили незабываемый след в истории. В нашей первой статье цикла мы рассмотрим пятнадцать наиболее любопытных и памятных процессоров Intel, от 8086 до Core 2 Duo.

Реклама от YouDo
По ссылке http://courier.youdo.com/food-delivery/geo/nevskiy/ - подробнее >>
Восстановление данных после восстановления системы - http://pc.youdo.com/recovery/more/pvs/.