Is WEP Secure?

[Moderator]

Question:
Is WEP Secure?

Answer:
No. WEP at one time was considered extremely, however, now, a skilled hacker can break the WEP passcode in about 40 seconds.

Other common secure formats that exist on most routers now are:

• WPA-PSK [TKIP]
• WPA2-PSK [AES]
• WPA-PSK [TKIP] + WPA2-PSK [AES]
• Another method of security that can be used along with any of the above formats is called Mac Address allowing. A Mac Address is kind of like a fingerprint for your network card, it can be spoofed, however, its usually difficult to do so. Look in your router manual, as Mac Address filtering can be under many different names. Netgear calls it a "Access List"
  
  If your current router doesnt support any of the above formats, ask yourself these questions:
  
• Do I keep important data on my computer and its network shares?
• Does every computer in my home have Firewall installed?
• Do I live in a populated area where my connection will be easily found? (!! Even if you live in a small town, never assume that no one around you knows anything about computers and/or hacking networks) (!! Even if you live miles away from other houses, its still a good idea to have good security. Got to keep those Department of Ecology Superfreaks out of your network, you know!)

Tips for setting up a good secure network:

• Obvious: Make the passcode hard to guess. Never use things such as, 123456789, your name, birthdate, address, street name, anything related to you your location or things you own or manage
• Make it at least eight characters long, and its usually a good idea to include numbers maybe even a few other misc. characters
• Change it every so often! Most security obsessed people will tell you to change your passwords every three months... I think that every 6 months is a better number, however, I still only see a necessary one year change.
• Ex-Girlfriend/Ex-Boyfriend/Other-crazy-person(maybe an ex?) who might want revenge left your house? Ought to change everything then too...

Misc. Information:

• Many people look into wide range WiFi devices. Keep in mind, you dont want your WiFi router to cover the neighborhood. If your device allows you to adjust the broadcast power without affecting the speed, reduce it to the point where it only covers your house
• Never keep an Ethernet cable outside in an area where an insane stranger can get to it. Security seldom applies (except for your router configuration password) to wired connections

Special Thanks:
BC_Programmer        Reminded me of another great way to secure a network, the Mac Address Filter.


Please feel free to ask questions, question, comment, or give concern. Eventually, this topic will be locked once its perfected.

Why cant a psp get around them then???

[Moderator]

Why cant a psp get around them then???

Older PSP firmware versions, last time I checked, only supported WEP. I think that if you upgrade your firmware, you may be able to access other network types.

Why cant PSP access WEP? Bad planning. The PSP wasnt made for Internet, that was just a sub feature... they should have worked harder on it for security reasons.

I've always found that instead of- or, even, in addition to, WPA or WPA2, enabling the router feature to only allow certain MAC ID's authorization. There are ways of spoofing a MAC ID, but that paired with the necessity to crack WPA or WPA2 kind of means they will move to the neighbors open network to begin with. Other peoples insecurity is my security.

[Moderator]

I've always found that instead of- or, even, in addition to, WPA or WPA2, enabling the router feature to only allow certain MAC ID's authorization. There are ways of spoofing a MAC ID, but that paired with the necessity to crack WPA or WPA2 kind of means they will move to the neighbors open network to begin with. Other peoples insecurity is my security.

Very good point. I use that as well, along with WPA-2 Enterprise (or whatever version it is now...). I added it to the list.

why is it then you can access some when it prompts you for a password to it?  Is it cause there isnt one or that its just not secure enough.  I thought that was a main feature. So it would allow for more gaming time an such.

what are you on about?

PSP allowing access to WEP secured connections

because it supports WEP...

yes but shouldnt a password prevent that.  Isnt that why WEP is a security thing.....  .....

that would be why, as you said, it prompts for a password...

were going in a loop here but you can get around that.... oh duh

[Moderator]

If a password wasnt set, if more than one password was set and one of them was blank, or if you didnt set up the password correctly, even if it asks for one, if it wasnt done right, then a blank password would be accepted.

Oh just a matter of putting one.  Did think to think of that, sorry 

Does it matter what is use for a WPA code to secure my wireless router. I use a Truemoblie 2300 Dell Wireless router. This device did not come with any suggested password to use.

[Moderator]

this thread is 18 months old.

Hello, TOMMY_THE_CAT

Yes, this is an  old topic. But welcome anyway to the forum.

WEP is used to keep your neighbors off your witless.
But WEP with hard passwords and Key Codes is beater than nothing.

Code: [Select]

X~w6b}8S
+¦"W*+l
<%=E=z}G
8}'FCO0N
(+@-!S_T
Are example of hard passwords. May vary in length.

You can make a hard WEP Key code with number sand the letters A B C D E F .
Must be exactly ten characters.
Like

Code: [Select]

0987654321
937A4B340F
AA3355DDEE
You get the idea.
Don't leave your wireless with the default password.
Enable  the WEP code.

WEP is nearly useless. use WPA or WPA2.

WEP is nearly useless. use WPA or WPA2.

Why is it useless? Please explain. This thread has draw hundreds of visitors. WEP  is still widely used. 

http://blogs.msdn.com/alexholy/archive/2006/08/07/690912.aspx

To be more specific, what I mean is using the words "security" and "WEP" in the same sentence is laughable at best.

WEP doesn't have passwords. it has a key. And it's so easy to grab from the air via promiscuous mode Wireless cards  that it's a huge waste of time to "customize" the key that is chosen. If you're going to use WEP, all your doing is making your access point slightly less desirable then your other neighbors. You may as well just hide the ssid for that.

If the access point supports WPA or WPA2, do NOT USE WEP.

In fact, it's hardly even worth the negligible gains to enable WEP at all. you're basically banking on the fact that nobody will have a spare 40 seconds to crack the WEP public key and authenticate with your access point.
All it does, is make your access point a less "juicy" target within your neighborhood, assuming some of your neighbors leave their connections insecured. But if that's the case, just hide the ssid- then you have even better "security" over WEP.

Or use an actual secure solution like WPA and WPA2. they actually let you use standard passwords/passphrases.

Thank you BC for the links.
From the links inside the link you gave, there is some good reading on the WEP issue. The WEP provides SOME security, but not much.
 
One of the links states that it is just a XOR with a short key. I did not know that. Is that true? Hard to believe! I thought thought the XOR with a short key was retro 1980 sort of thing.  If there is a string of repeating characters in the plain text, the XOR thing will expose itself as a pattern. If the key was a dictionary word, it will yield a pattern that can be decoded by a smart program.

Here is one of the links I found and it is recommended reading. http://www.tazforum.thetazzone.com/viewtopic.php?t=2069

Now I am not going to agree with you. I am not going to say WEP is useless. No, rather It is about like putting a raincoat on a duck to keep him from getting wet.  Not absolutely  useless. It works while the duck stays away from water. You must train the duck to not go in the water with the raincoat on.

So then, to get the most out of WEP, get all neighbors to sign an agreement that nobody is allowed into a neighbor's wireless is the WEP is on. The WEP then is a indicator that you want some privacy. Kind of like closing the bathroom door without locking it.

[Moderator]

Calm down guys...
The FAQ section is not for open arguments...stop posting here and move it to the open Forums if a discussion is warranted.

[Moderator]

Not sure how I came about this one again, but both of you are right in a way. For the sake of getting good information posted, I'm going to quickly say this:
WEP can still keep the majority of people who are not "tech savvy" from accessing your home network. Anyone with time, the ability to read, and Internet can figure out in a few days how to get past a WEP key.
WEP is considered unsecure by many major security organizations. (Not going to go into detail)

If all you have is WEP, use it. It is like locking the bathroom door. The funny thing is, as it always seems, you don't typically need much to unlock the bathroom door from the outside -- just a fingernail-file.
It's probably time to get a new router. (Or new wifi adapters, if that's the problem).

Someday, WPA will be just as unsecure as WEP. It just happens.

-- I just didn't want a confusing debate with no mediated closure.

I guess I will be shopping for a new router. I have an old linksys, and it uses WEP, which I thought was very secure. I had no clue that it was so easy to crack. I have had my eye on one of the newer wireless-N routers anyway. From what I understand, they are a lot faster, and give you different channels, for different applications. I'm going to assume that if I buy one of these, they will likely have the latest security technology, so this should resolve my current vulnerability issue.

[Moderator]

I guess I will be shopping for a new router. I have an old linksys, and it uses WEP, which I thought was very secure. I had no clue that it was so easy to crack. I have had my eye on one of the newer wireless-N routers anyway. From what I understand, they are a lot faster, and give you different channels, for different applications. I'm going to assume that if I buy one of these, they will likely have the latest security technology, so this should resolve my current vulnerability issue.

The FAQ section is not for open arguments...stop posting here and move it to the open Forums if a discussion is warranted.