Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
WEP enabled provides sender and receiver with a 40 or 128 bit shared private key that is used to encrypt packets transmitted over the network. This is supposed to transmit secure data, not just prevent access to your network.
The SSID is transmitted in cleartext, so if you are sniffing the local area, it can be detected easily. Even if the access point is not active, but a passive node, any replies by the access point will transmit the SSID in cleartext.
With the MAC address filtering, the MAC addresses are transmitted in cleartext, vulnerable to sniffing. Some cards allow you to modify the MAC, and this would allow access.
What does it do for me?
Technically WEP uses an RSA RC4 algorithm to encrypt traffic going from one wireless segment to the other. Everything on the wire is unencrypted. Anyone trying to sniff the wireless packets will see garbage and if you have your network setup to only allow "shared-key" mode, then only those possessing the WEP key can associate with your access point.
Is 128 bit WEP secure?
Normally RSA RC4 is fairly strong encryption, but the way in which the WEP protocol actually implements it allows it to be cracked. For 128 bit encryption, it actually uses a 104bit WEP key plus a 24 bit 'initialization vector'. The initialization vector is cycled with each packet and every once in a while the same IV is used, potentially revealing part of the WEP key. If you capture enough of these "weakly encrypted" packets, you can eventually determine the entire WEP key. However, I've monkeyed around cracking WEP and it is HIGHLY dependent on the amount of traffic that you generate. For most normal home networks, someone would have to sniff your wireless network for 2-4 weeks non-stop to gather enough weakly encrypted packets to crack your WEP key. All of the reports on how you can crack WEP in a couple of hours setup one of the clients to ping flood the AP, thereby generating an abnormally high number of packets. So for most people that really isn't a realistic model, but if you had a large network or did something like stream mp3s I would definitely be concerned. Not matter what, I would highly recommend changing the WEP key at the very least once a month. As far 128 vs 64 bit encryption, supposedly they are both equally as vulnerable.
Is it supposed to secure transfer of data or is it just to keep other people from accessing my network?
Again if you set you network up to only allow those with the WEP key to connect, then it will do both.
If I use MAC address filtering on my AP and 128 bit WEP is it secure enough? MAC filtering is trivial to get around and would really be just a minor inconvenience to anyone wanting access. Truthfully though it really depends on what you mean by secure enough. If you are talking about a corporate network that has sensitive data on it, then you would be insane to rely on WEP. If you mean your home LAN where you just don't want your neighbor to know you have goatse as your homepage, then you should be alright. The biggest factor is that most wireless networks don't use WEP and a surprising number haven't changed the default settings. So people wanting to leach off someone elses connection or break into networks would really have a cornucopia of choices, the question you have to ask is would someone have a reason to sniff your network for a month non-stop. If your answer is yes or maybe, then you should probably think about using something besides WEP. If your just worried about the average Wardriver, then WEP should be enough of a deterrent that they'd probably look for easier targets.
What other option is there?
Besides buying a whole mess 'o CAT5 and chucking your AP out the window, there are a number of WEP alternatives that do a better job. FreesWAN/IPsec, using ssh or ssl tunnels to span the wireless segment, WPA, and the IEEE is supposedly going to come up with a new wireless encryption implementation to replace WEP.
As far as preventing people from associating with your WEP, you can use something like RADIUS or NoCAT authentication as a further layer of security.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
No, actually that would be incorrect. It's possible to generate interference that kicks the WAP off the air and causes it to restart. When it restarts it may broadcast for a brief period. Also, you would need to be absolutely positive that there were no clients still associated with it (even if they weren't actively using the connection) because when it's lost, they will try to reassociate with the AP, thus causing traffic.
The only real way to protect 802.11a/b/g is to set the AP on it's own network segment, firewalled from your LAN and to use IPSec to reach any internal hosts that you need. All the normal ports should be completely blocked from the W/LAN side (except for 500/UDP for IPSec, and that only to your IPSec box). If you're only allowing IPSec traffic through, then there's no point to use WEP since the traffic is already encrypted and WEP is just adding more overhead to each packet. Only permitting approved MAC addresses will cause a speedbump for dedicated crackers, but it will keep casual/accidental users off your AP, so it's still recommended.
With the state of Linux wireless nowadays, you're lucky to get WEP to even work. The WPA-TKIP is a really nice solution, but like you know first hand, finding hardware that supports it is tough. Plus I would imagine severing your big toe off with a spork would be a significantly more enjoyable experience than trying to get non-standard wireless protocols to work under linux. I really hope that changes, but for now the options are kind of slim. Using VPN or some other kind of encryption tunnel is probably the best way to go in terms of security vs ease of implementation.