Making the Best of WEP

While not the answer to every wireless security need, WEP can still be effective if used properly.

The 802.11b specification provides a form of encryption called Wired Equivalent Privacy (WEP). It operates on the Media Access Control (MAC) layer, which is part of the Data Link layer of the OSI model. When using WEP, only clients that know the “secret key” can associate with an Access Point or Peer-to-Peer Group. Anyone without the key may be able to see network traffic, but every frame is encrypted. The specification employs a 40-bit shared-key RC4 PRNG algorithm from RSA Data Security. Virtually all cards that speak 802.11b support this encryption standard.

Although hardware encryption sounds like a good idea, the implementation in 802.11b is far from perfect. First of all, the encryption provided happens at the link layer, not at the application layer. This means that your communications are protected up to the gateway, but no further. Once your traffic hits the wire, your packets are sent in the clear. Worse than that, every other legitimate wireless client that has the key can read your packets with impunity, since the key is shared across all clients. You can try it for yourself. On a network using WEP, simply run a packet sniffer such as tcpdump [Hack #37] or Ethereal [Hack #38] on your laptop and watch your neighbor’s packets just fly by.
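The shared-key property described above, as an added example that is not from the book: a minimal WEP encapsulation in Python showing that any station holding the key decrypts another station's frame, while a station without it fails the integrity check. The 24-bit IV prepended to the key and the CRC-32 ICV come from the 802.11 WEP design rather than from this page; the key, IV, and payload are constructed sample values.

```python
import os
import zlib

IV_LEN = 3  # 24-bit per-frame IV, sent in the clear ahead of the ciphertext

def rc4(key, data):
    """Plain RC4: key scheduling, then XOR data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def wep_encrypt(shared_key, payload, iv=None):
    """Build a WEP frame body: IV || key-id || RC4(IV||key, payload || ICV)."""
    iv = iv if iv is not None else os.urandom(IV_LEN)
    icv = zlib.crc32(payload).to_bytes(4, "little")
    return iv + b"\x00" + rc4(iv + shared_key, payload + icv)

def wep_decrypt(shared_key, body):
    """Recover the payload; raise ValueError if the ICV does not match."""
    iv, cipher = body[:IV_LEN], body[IV_LEN + 1:]
    plain = rc4(iv + shared_key, cipher)
    payload, icv = plain[:-4], plain[-4:]
    if zlib.crc32(payload).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch (wrong key or corrupted frame)")
    return payload

# Constructed sample data, not captured traffic.
SHARED_KEY = bytes.fromhex("0102030405")  # 40-bit key every client is given
NEIGHBOR_FRAME = wep_encrypt(SHARED_KEY, b"GET /inbox HTTP/1.0\r\n", iv=b"\xaa\xbb\xcc")

if __name__ == "__main__":
    # Any station configured with the same key reads the neighbor's frame.
    print(wep_decrypt(SHARED_KEY, NEIGHBOR_FRAME))
    try:
        wep_decrypt(bytes.fromhex("0a0b0c0d0e"), NEIGHBOR_FRAME)
    except ValueError as err:
        print("outsider:", err)
```

Because the only secret input is the key all clients share, confidentiality between users on the same WEP network has to come from a higher layer.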
