Re: [PEN-TEST] Penetrating Wireless Networks

[Phil Cox <Phil.Cox () SystemExperts com>]

> Well, one problem is that WEP requires some overhead and on lower end
> equipment can degrade performance.  A lot of the gateways/access points
> don't have the CPU power to adequately handle 64-bit WEP let alone
> 128-bit.

Which ones that implement it have the performance problem?

> At least in several of the wireless networks I've seen, a more
> efficient setup would be to disable WEP entirely and use IPsec
> end-to-end (ideally moving the processing needs to a more suitable CPU).

What about IPSec interoperability issues?

> So I think the better answer is "do not use it and use other appropriate
> security measures instead" :).

I will agree to disagree. The thread of this was about testing the networks.
Has *anyone* successfully used the proposed weaknesses in WEP to break the
wireless network? Or did you find an easily guessed WEP key and SSID, then
grab the traffic? It seems that the "weakness" in WEP is still sufficiently
stronger than the run of the mill pen-tester tools. Please elaborate on the
tools and techniques that anyone *has actually used* defeat this terrible
WEP protocol?

My point is, as I have stated many times, is that it is a tool in a tool
chest.

Phil