WIRELESS LAN SECURITY MYTHS
For the last three years, I’ve been meaning to put to rest once and for all the urban legends and myths on wireless LAN security. Every time I write an article or blog on wireless LAN security, someone comes along and regurgitates one of these myths. If that weren’t bad enough, many so-called security experts propagated these myths through speaking engagements and publications, and many continue to this day. Many wireless LAN equipment makers continue to recommend these schemes as well. One would think that the fact that none of these schemes made it into the official IEEE 802.11i security standard would give a clue to their effectiveness, but time and time again that theory is proven wrong. To help you avoid these schemes, I’ve created the following list of the six dumbest ways to secure your wireless LAN.
Wireless LAN security hall of shame
MAC filtering: This is like handing a security guard a pad of paper with a list of names. Then when someone comes up to the door and wants entry, the security guard looks at the person’s name tag, compares it to his list of names, and determines whether to open the door or not. Do you see a problem here? All someone needs to do is watch an authorized person go in and forge a name tag with that person’s name. The comparison to a wireless LAN here is that the name tag is the MAC address. The MAC address is just a 12-digit hexadecimal number that can be viewed in clear text with a sniffer. A sniffer to a hacker is like a hammer to a carpenter, except the sniffer is free. Once the MAC address is seen in the clear, it takes about 10 seconds to cut and paste a legitimate MAC address into the wireless Ethernet adapter settings and the whole scheme is defeated. MAC filtering is absolutely worthless since it is one of the easiest schemes to attack. The shocking thing is that so many large organizations still waste the time to implement these things. The bottom line is, MAC filtering takes the most effort to manage with zero ROI (return on investment) in terms of security gain.
SSID hiding: There is no such thing as "SSID hiding". You’re only hiding SSID beaconing on the Access Point. There are 4 other mechanisms that also broadcast the SSID over the 2.4 or 5 GHz spectrum. The 4 mechanisms are: probe requests, probe responses, association requests, and re-association requests. Essentially, you’re talking about hiding 1 of 5 SSID broadcast mechanisms. Nothing is hidden and all you’ve achieved is to cause problems for Wi-Fi roaming when a client jumps from AP to AP. Hidden SSIDs also make wireless LANs less user friendly. You don’t need to take my word for it. Just ask Robert Moskowitz, Senior Technical Director of ICSA Labs, in his white paper "Debunking the myth of SSID hiding".
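To make the "1 of 5" point concrete, here is an added example (not code from the original post) that pulls the SSID element out of each 802.11 management-frame subtype that carries one. Frame layouts follow IEEE 802.11; the frames are constructed rather than captured, and the network name "CorpWiFi" is a placeholder.

```python
"""Added example: a beacon with a blanked SSID next to the four other
management frames that still carry the network name in the clear."""

# Management-frame subtypes (frame type 0) that carry an SSID element
SUBTYPE_NAMES = {
    0: "association request",
    2: "reassociation request",
    4: "probe request",
    5: "probe response",
    8: "beacon",
}
# Fixed-length fields that precede the tagged elements in each body:
# assoc req: capability + listen interval; reassoc req: + current AP address;
# probe req: none; probe resp/beacon: timestamp + interval + capability
FIXED_BODY_LEN = {0: 4, 2: 10, 4: 0, 5: 12, 8: 12}
MGMT_HEADER_LEN = 24  # frame control, duration, addr1-3, sequence control
SSID_ELEMENT_ID = 0


def ssid_from_frame(frame: bytes):
    """Return (subtype name, ssid) for a management frame that carries an
    SSID element, or None for any other frame."""
    if len(frame) < MGMT_HEADER_LEN:
        return None
    fc = frame[0]
    ftype = (fc >> 2) & 0x3      # bits 2-3: 0 = management
    subtype = (fc >> 4) & 0xF    # bits 4-7: frame subtype
    if ftype != 0 or subtype not in SUBTYPE_NAMES:
        return None
    body = frame[MGMT_HEADER_LEN + FIXED_BODY_LEN[subtype]:]
    i = 0
    while i + 2 <= len(body):    # walk the id / length / value elements
        eid, elen = body[i], body[i + 1]
        value = body[i + 2:i + 2 + elen]
        if eid == SSID_ELEMENT_ID:
            return SUBTYPE_NAMES[subtype], value.decode("utf-8", "replace")
        i += 2 + elen
    return None


def build_mgmt_frame(subtype: int, ssid: bytes) -> bytes:
    """Construct a minimal management frame of the given subtype. The fixed
    fields and addresses are filler; an empty SSID in a beacon is exactly
    what 'SSID hiding' produces."""
    frame_control = bytes([subtype << 4, 0])              # type 0, no flags
    header = (frame_control + b"\x00\x00"                 # duration
              + b"\xff" * 6 + b"\x02" * 6 + b"\x02" * 6   # addr1..addr3
              + b"\x00\x00")                              # sequence control
    body = b"\x00" * FIXED_BODY_LEN[subtype]
    body += bytes([SSID_ELEMENT_ID, len(ssid)]) + ssid
    return header + body


def ssid_carriers(frames):
    """Map each management subtype seen to the SSID it exposes; "" means
    the element was present but blanked."""
    found = {}
    for frame in frames:
        hit = ssid_from_frame(frame)
        if hit:
            found[hit[0]] = hit[1]
    return found


def hidden_ssid_demo():
    """A 'hidden' network: the beacon carries an empty SSID, but every other
    carrier still names the network."""
    ssid = b"CorpWiFi"
    frames = [build_mgmt_frame(8, b"")]
    frames += [build_mgmt_frame(s, ssid) for s in (0, 2, 4, 5)]
    return ssid_carriers(frames)


if __name__ == "__main__":
    for name, value in hidden_ssid_demo().items():
        print(f"{name:24s} -> {value!r}")
```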
LEAP authentication: The use of Cisco LEAP authentication continues to be the single biggest mistake that corporations make with their wireless LAN because they leave themselves wide open to attack. Cisco still tells their customers that LEAP is fine so long as strong passwords are used. The problem is that strong passwords are an impossibility for humans to deal with. If you doubt this, try a password audit of all the users in your organization and see how long it takes to crack 99% of all passwords. 99% of organizations will flunk any password audit for most of their users within hours. Any attempt to enforce strong passwords will result in passwords written on sticky notes. Since Joshua Wright released a tool that can crack LEAP with lightning speed, Cisco was forced to come out with a better alternative to LEAP and they came up with an upgrade to LEAP called EAP-FAST. Unfortunately, EAP-FAST still falls short in security with its default installation. Although Cisco makes LEAP and EAP-FAST freely available to partners for the client end, the same is not true for Access Points. LEAP and EAP-FAST are essentially two proprietary protocols that Cisco employs as a strategy to monopolize the Access Point market. There are open standards based EAP mechanisms like EAP-TLS, EAP-TTLS, and PEAP which are all much more secure than either LEAP or EAP-FAST, and they work on all Access Points and client adapters, not just Cisco. Cisco does support open standard EAPs just like everyone else, so you should always use open EAP standards to get better security and avoid the hardware lock-in.
Disable DHCP: This is much more of a waste of time than it is a security break. DHCP allows the automatic assignment of IP addresses and other configurations. Disabling DHCP has zero security value and just wastes time. It would take a hacker about 10 seconds to figure out the IP scheme of any network and simply assign their own IP address. Anyone who tells you that this is a way to secure your wireless LAN doesn’t know what they’re talking about.
Antenna placement: I’ve heard the craziest things from so-called security experts who actually tell people to put their Access Points only in the center of their building and run them at minimal power. Antenna placement does nothing to deter hackers. Remember, the hacker will always have a bigger antenna than you, which can home in on you from a mile away. Making a wireless LAN so weak only serves to make the wireless LAN useless. Antenna placement and power output should be designed for maximum coverage and minimum interference. It should never be used as a security mechanism.
Just use 802.11a or Bluetooth: Fortunately, I haven’t heard this one for a while. There were so-called security experts who went around telling people that they simply needed to switch to 802.11a or Bluetooth to secure their wireless LAN. 802.11a refers to a physical transport mechanism for wireless LAN signals over the air; it does not refer to a security mechanism in any way.
Dishonorable mention: Some of you might be wondering why I didn’t put WEP in as one of the six dumbest ways to secure a wireless LAN. In light of recent developments within the last 6 months, it takes only a few minutes to break a WEP based network, which makes WEP completely ineffective and a good potential future candidate for the wireless LAN security hall of shame. Where it currently fails to be in the hall of shame is that it still holds up for a few minutes, requires a little skill to launch the packet injection attacks, and isn’t propagated as an urban legend for a secure wireless LAN. The top six require no skills, take less than a minute to crack, and are propagated as urban legend. However, that doesn’t mean you should use WEP in any form or shape.
This blog wasn’t just meant to be funny; it’s serious business that so many organizations waste their time and money on worthless security schemes that give them a dangerous false sense of security. If you fall into any of these six categories, it’s time to wake up and implement some real wireless LAN security. For those interested in some simple advice for their homes and small offices, check out my last blog.
Introduction
One of the most common questions that people ask me about Wireless LANs is
"are Wireless LANs really safe?" immediately followed up by "what
kind of security do I need for my Wireless LAN?" The answer to the
first question is "yes, if you implement good security measures" but
the second question forces me to resort to the old "it
depends". It depends on what level of risk is acceptable to your
home or organization. It depends on what level of management and cost you
are willing to bear. To simplify this extremely complex topic, I've come
up with four arbitrary levels of WLAN (Wireless LAN) security as a general
guideline that is designed to suit everyone's needs from the home to the
military.
Level 1: Home and SOHO WLAN security
Unfortunately, many home users are either using some old equipment, old
drivers, or older operating systems that don't natively support WPA so they are
still using WEP if anything at all. WEP encryption was thought to be good
for a week for most light traffic home wireless networks because the older WEP
cracking tools needed 5 to 10 million packets to recover a WEP key, but the
newest WEP cracking techniques can break WEP in minutes. Even if there
isn't that much traffic, the attacker now has ways to artificially generate
traffic and accelerate WEP cracking. Because of this, consumers should
avoid any product that doesn't support WPA TKIP mode at a minimum but
preferably WPA AES capable or WPA2 certified devices. If they have WEP only
devices, check with the vendor to see if there are any firmware and/or driver
updates that will upgrade the device to WPA mode. If not, anyone who
cares about privacy should throw out those devices. As harsh as that may
sound, it is comforting to know that newer Access Points and Client Adapters
that do support WPA can be purchased for as little as $30. Client side
Wireless LAN software (officially known as Supplicants) also needs to be updated
to support WPA or WPA2. Windows XP SP1 with the WPA patch can suffice,
but Windows XP SP2 is highly recommended.
The home or SOHO (Small Office Home Office) environment is very unlikely to
have any kind of Authentication and PKI in place. This may change when TinyPEAP gets launched, but
that is currently in BETA phase and is not ready for prime time yet.
TinyPEAP puts a PEAP authentication server and PKI Certificate Authority in
your home's Wi-Fi enabled Linksys Router which was once the exclusive domain of
large organizations with dedicated authentication servers. For the time
being, the only viable option for this environment is WPA PSK (Wi-Fi
Protected Access Pre-Shared Key) mode. WPA mode mandates TKIP at a
minimum but also has an optional AES encryption mode. AES mode is highly
recommended because it has a rock solid pedigree in cryptanalytic resistance
whereas TKIP may be under attack in the near future. Note that AES in
WPA2 (fully ratified version of 802.11i) is no longer optional and is mandated
today. Since most home users would be lucky if all of their equipment and
software was TKIP capable, most homes will have to be content with TKIP mode
for now.
WPA PSK mode can be an effective security mechanism but leaves a lot to be
desired in terms of usability. This is because WPA PSK can be
cracked with offline dictionary attacks so it relies on a strong random
passphrase to be effective. Unfortunately, humans are very bad at
memorizing long random strings of characters and will almost always use simple
to remember words and phrases or some slight variation of that. This
lends itself to dictionary attacks where a hacker will try every variation of
every combination of words in the dictionary. To make this very difficult
to hack, use a 10 digit string of random characters comprised of a-z, A-Z, 0-9
or use a very long word phrase made up of 20 or more characters.
Unfortunately, this will force many users to write down their passphrases which
in itself may lead to passphrase theft. WPA PSK is not a good long term
security solution and leaves Level 1 security with much to be desired, but it
can be safe when used correctly.
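The passphrase advice above can be checked mechanically. The following is an added example (not code from the original post): it applies the two rules given here (10 random characters drawn from a-z, A-Z, 0-9, or a phrase of 20 or more characters that is not just dictionary words or a simple variation of them) and derives the PSK the way 802.11i specifies it, PBKDF2-HMAC-SHA1 with 4096 rounds and the SSID as salt, which is the reason the passphrase can be attacked offline at all. The word list is a constructed stand-in for a real dictionary.

```python
"""Added example: WPA-PSK passphrase policy check plus the 802.11i
passphrase-to-PSK mapping."""
import hashlib
import math
import re
import string

RANDOM_ALPHABET = string.ascii_letters + string.digits   # a-z, A-Z, 0-9
# Constructed mini dictionary; a real audit would load a full word list
DICTIONARY = {"password", "wireless", "linksys", "network", "secret",
              "home", "admin", "office", "router"}
LEET = str.maketrans("0134$@", "oieasa")


def is_dictionary_variation(passphrase: str) -> bool:
    """True when the passphrase is dictionary words plus the variations a
    cracker tries first: case changes, leet substitutions, trailing digits.
    Words run together without spaces are not split here."""
    text = re.sub(r"\d+$", "", passphrase.lower())        # drop trailing digits
    text = re.sub(r"[^a-z ]", " ", text.translate(LEET))  # undo leet, keep letters
    words = text.split()
    return bool(words) and all(w in DICTIONARY for w in words)


def entropy_bits(passphrase: str) -> float:
    """Bits of entropy if each character were uniform over the character
    classes present; an upper bound for anything a human chose."""
    pool = 0
    if any(c.islower() for c in passphrase):
        pool += 26
    if any(c.isupper() for c in passphrase):
        pool += 26
    if any(c.isdigit() for c in passphrase):
        pool += 10
    if any(c in string.punctuation + " " for c in passphrase):
        pool += len(string.punctuation) + 1
    return len(passphrase) * math.log2(pool) if pool else 0.0


def check_passphrase(passphrase: str) -> tuple[bool, str]:
    """Accept only the two forms recommended above; reject everything else."""
    if not 8 <= len(passphrase) <= 63:            # WPA-PSK passphrase limits
        return False, "must be 8 to 63 characters"
    if is_dictionary_variation(passphrase):
        return False, "dictionary words or a simple variation of them"
    if len(passphrase) >= 20:
        return True, "long phrase"
    classes = (any(c.islower() for c in passphrase),
               any(c.isupper() for c in passphrase),
               any(c.isdigit() for c in passphrase))
    if (len(passphrase) >= 10 and all(classes)
            and all(c in RANDOM_ALPHABET for c in passphrase)):
        return True, "random alphanumeric string"
    return False, "need 10 random a-z/A-Z/0-9 characters or a 20+ character phrase"


def derive_psk(passphrase: str, ssid: str) -> bytes:
    """802.11i passphrase-to-PSK mapping. The PSK depends only on the
    passphrase and the SSID, so an attacker who has recorded a four-way
    handshake can test guesses offline at one PBKDF2 run per guess; the
    passphrase itself is the only thing standing in the way."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


if __name__ == "__main__":
    for candidate in ("P@ssw0rd1", "linksys home network", "x7Qp2LmZ9a",
                      "the coffee table has eleven legs"):
        ok, reason = check_passphrase(candidate)
        print(f"{candidate!r:36s} {'OK ' if ok else 'BAD'} {reason} "
              f"(at most {entropy_bits(candidate):.0f} bits)")
```

The PSK test vector used below (passphrase "password", SSID "IEEE") is the one published in the 802.11i standard.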
Level 2: Small Business WLAN security
Small businesses must move beyond Level 1 by incorporating authentication
in to their Wireless LAN access controls. The standardized method for
doing this is 802.1x and PEAP or TTLS authentication. 802.1x restricts access
to the Datalink layer of a network by only permitting access to the network if
a user proves their identity through the EAP (Extensible Authentication
Protocol) mechanism. There are many forms of EAP, but the two forms of
EAP that are most appropriate for Level 2 security are PEAP (Protected EAP) and
TTLS (Tunneled Transport Layer Security). Note that PEAP in the general
context refers to PEAP-EAP-MSCHAPv2 mode, which only requires a Server Side
Digital Certificate and a Client Side Username/Password. There are
stronger forms of PEAP which we'll cover later in the higher security
levels. TTLS is actually a little better in security than
PEAP-EAP-MSCHAPv2 because it does not divulge the username in clear text.
However, both forms of authentication do a good job of protecting passwords
because the MSCHAPv2 password challenge session is protected inside an
encrypted tunnel. This is why PEAP or TTLS is so much better than Cisco's
LEAP mechanism, which transmits the MSCHAPv2 session in the clear and lends
itself to easy offline password dictionary cracking.
To implement PEAP or TTLS, the organization needs to implement a RADIUS
Authentication Server. There are many ways to do this no matter what your
software preference is. There are options for Microsoft Windows 2003
Server with IAS, 3rd party applications such as Funk Odyssey
(needed for TTLS mode) that run on Windows, Open Source solutions with FreeRADIUS.
However, in order to run in PEAP or TTLS mode, the RADIUS server must have a
server-side X.509 digital certificate. This certificate can be purchased from a 3rd
party Certificate Authority such as Verisign, or it can be issued from an
organization's internal Certificate Authority. These two options are
conventional wisdom but neither option is particularly appealing to small
businesses since they won't like paying $500/year for a 3rd party Digital
Certificate and they most likely don't have a PKI
in place which requires a Certificate Authority server. An excellent way
to get around this problem is to use a Self Signed Certificate on your RADIUS
server. Self Signed Digital Certificates violate all best practice
concepts for PKI, but I say be damned with them if the alternative is to use no
Digital Certificates at all on your RADIUS server and run a completely
vulnerable EAP mechanism such as LEAP.
Running a secure EAP mechanism such as PEAP or TTLS is too important to let PKI
be an obstacle. A newer protocol from Cisco called EAP-FAST promises to solve this problem by claiming that
you don't need PKI and Digital Certificates but if you read the fine print from Cisco, that's clearly not the case.
Self Signed Certificates would solve the problem for PEAP, TTLS, or EAP-FAST
for organizations too small to run a dedicated PKI Certificate Authority infrastructure.
The easiest method by far if you're a Microsoft Windows 2003 Server shop is to
use the built in RADIUS server of Windows 2003 called IAS (Internet
Authentication Server). For a small business, there is nothing wrong with
adding the IAS service to an existing Windows 2003 server even if it's their
only server which also happens to be the Active Directory server. You can
either convert that server in to a Certificate Authority as well and grant
yourself a digital certificate for the RADIUS server or simply Self Sign a
digital certificate. With this in place, the Root Certificate (the public
key of the Digital Certificate) for the RADIUS server must be installed in all
of the clients' computers. With Active Directory, this can easily be
pushed out via Group Policy. All of the clients also need to configure
their wireless settings on the WZC (Wireless Zero Configuration) service built
in to Windows XP SP1 or SP2. However, Active Directory allows you to
configure this globally for all your users with Active Directory Group
Policy. Using the Microsoft method, a secure wireless network can be
deployed throughout an organization big or small in hours. If you don't
have IAS, it comes with Windows 2003 Standard Edition which costs around $500
per copy. IAS in my experience is extremely robust, reliable, and secure.
For those who wish to implement TTLS, they will need to either purchase Funk
Software's Odyssey server (in the $2000 range) or implement FreeRADIUS on Linux
which is Open Source. Note that Windows does not have a built in TTLS
client, so you will need to purchase a wireless Supplicant (AKA Client
software) for your end users. MDC has an Open Source version for Linux, but you'll need
to purchase one for Windows which is what most people are using. You'll
either need to implement the Root Certificate on the Clients manually or you'll
need to purchase a 3rd party Digital Certificate which has its Root Certificate
already preinstalled. As for client side configuration, you'll need to
find some other method to automate the installation process since Active
Directory does not support the automation of 3rd party clients.
While 802.1x and PEAP or TTLS addresses the authentication half of the equation
when it comes to security, encryption must also be addressed. Up until
recent months, "Dynamic WEP", where WEP keys are
rotated often (commonly every 10 minutes), was considered to be "good
enough" encryption. With the next
generation of WEP cryptanalysis tools, this is no longer the case and TKIP
is the new bare minimum. The WPA standard implements TKIP which is a rewrite of
the WEP protocol which will hold against current cryptanalysis techniques for
now, but newer methods of attacking TKIP are on the horizon. The reliable
long term solution from the IEEE standards body is the 802.11i standard
which mandates AES.
The recommendation for Level 2 through 3 is that you should be using WPA with
TKIP at a minimum and upgrade to AES as soon as possible. Note that some
WPA devices already support AES encryption while all WPA2 certified devices
must support AES encryption. To be on the safe side, only buy products
that support 802.11i and are WPA2 certified.
From a vulnerability standpoint, the only way to break this security level is
to steal a user credential by either looking over someone's shoulders to see
what password they are typing, coaxing them in to telling you what the password
is (this is easier than you think), or installing a key logger on to a user's
computer so you can record their key strokes as they type in the
password. Barring password theft, it would be far easier to break into
your premises and tap into a Wired LAN than to attempt to crack Level 2
Wireless LAN security. Level 2 is a good choice for most small businesses,
but organizations where security is a high priority should seriously consider
the next two levels because a single lost password could compromise the entire
system.
Level 3: Medium to large Enterprise WLAN security
Level 3 Wireless LAN security builds on the same principles of Level 2, but
you're not allowed to use the "cheats" such as bolting on the RADIUS
server on to an existing server or using Self Signed Digital
Certificates. PEAP-EAP-MSCHAPv2 is also disallowed because of its sole
dependency on passwords which would be classified as "single factor"
authentication. EAP-TLS or PEAP-EAP-TLS using "soft" Digital
Certificates (certificates that are stored on the user's hard drive) would be
the recommended authentication method for this security level.
PEAP-EAP-TLS is an improved version of the original EAP-TLS protocol that goes
further to encrypt client digital certificate information. Both
PEAP-EAP-TLS and EAP-TLS have the same server and client side digital
certificate requirements, but PEAP-EAP-TLS may not be compatible with some
older Supplicants (Client Software) or some non-Microsoft client side
implementations.
To implement EAP-TLS or PEAP-EAP-TLS, not only does the server require a
Digital Certificate but the users as well. This means you will need a
full blown Certificate Authority to issue a proper Server Digital Certificate
on a pair of dedicated RADIUS servers and not just a Self Signed Certificate on
a makeshift RADIUS Server. For this security level, the proper PKI best practices should be followed. There should be at
least a single dedicated PKI Root Certificate Authority, but preferably it
should at least be a 2 or 3 tier PKI design. A two tier chain for a
medium Enterprise organization would have an offline Root Certificate Authority
and an online Issuing Certificate Authority. A large Enterprise should
implement the three tier design with offline Root Certificate Authority,
offline subordinate Certificate Authority, and online Issuing Certificate
Authority. The reason for this is that if a Certificate Authority is ever
compromised, you can revoke it and create a new one from the higher offline
Certificate Authorities without having to start your PKI deployment from
scratch. Building a PKI from scratch because of a compromised Certificate
Authority would be completely unacceptable in a large scale environment.
To deploy Digital Certificates to the user community, a PKI management
infrastructure must be deployed and permanent human resources must be allocated
to manage end user certificates if your user base numbers in the thousands or
more. Medium size Enterprises can add PKI management to their current
hire/termination procedure. Microsoft Active Directory with an Enterprise
Root Certificate Authority (a PKI that is completely integrated in to an Active
Directory) can issue digital certificates automatically, but be warned that
this is not a substitute for proper management. Lost or stolen laptops or
terminated employees must have their digital certificates revoked and this is
not an automatic process even if a user account is disabled or deleted.
After the certificates are revoked, they must be published in a CRL
(Certificate Revocation List) and be applied to all Authentication servers or
else the revoked certificates are still usable. If Active Directory
auto-enrollment is used, it is highly recommended that you do not just apply
the policy to the entire domain by default so that everyone will automatically
get a user digital certificate. The policy should be set on just a
particular OU (Organizational Unit) so that users who need user certificates
and Wireless LAN access must be manually moved to that Certificate enabled
OU. Automatic enrollment should be used as a way to simplify management,
not substitute management.
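The warning above, that a revoked certificate stays usable until the CRL reaches every authentication server, is easy to see in a model. The following is an added example (not code from the original post or from any product named here): a simplified EAP-TLS revocation check in which certificates and CRLs are plain records rather than real X.509 objects, with every name, serial number and time constructed. It also shows the safe behaviour when a server's cached CRL is past its next-update time: refuse rather than keep accepting.

```python
"""Added example: a CA revokes a certificate, but only one of two RADIUS
servers loads the updated CRL, so the other keeps accepting it."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta


@dataclass
class Certificate:
    serial: int
    subject: str
    issuer: str
    not_after: datetime


@dataclass
class CRL:
    issuer: str
    this_update: datetime
    next_update: datetime
    revoked_serials: set = field(default_factory=set)


class CertificateAuthority:
    """Issues certificates and publishes CRLs; revocation is recorded here
    first and only reaches servers when they load a newer CRL."""

    def __init__(self, name: str, crl_lifetime: timedelta):
        self.name = name
        self.crl_lifetime = crl_lifetime
        self.revoked = set()
        self.next_serial = 1000

    def issue(self, subject: str, now: datetime) -> Certificate:
        self.next_serial += 1
        return Certificate(self.next_serial, subject, self.name,
                           now + timedelta(days=365))

    def revoke(self, cert: Certificate) -> None:
        self.revoked.add(cert.serial)

    def publish_crl(self, now: datetime) -> CRL:
        return CRL(self.name, now, now + self.crl_lifetime, set(self.revoked))


@dataclass
class AuthServer:
    """A RADIUS server that can only check what it has cached locally."""
    name: str
    trusted_issuer: str
    crl: CRL

    def authorize(self, cert: Certificate, now: datetime) -> tuple[bool, str]:
        if cert.issuer != self.trusted_issuer:
            return False, "issuer not trusted"
        if now > cert.not_after:
            return False, "certificate expired"
        if now > self.crl.next_update:
            # Fail closed: a stale CRL cannot vouch for anyone
            return False, "cached CRL is stale; refusing until it is refreshed"
        if cert.serial in self.crl.revoked_serials:
            return False, "certificate revoked"
        return True, "ok"


def stolen_laptop_scenario() -> dict:
    """The laptop of user 'jdoe' is stolen; the CA revokes the certificate,
    but only one of the two RADIUS servers fetches the new CRL."""
    t0 = datetime(2005, 6, 1, 9, 0)
    ca = CertificateAuthority("Corp Issuing CA", crl_lifetime=timedelta(hours=24))
    jdoe = ca.issue("jdoe", t0)
    first_crl = ca.publish_crl(t0)
    radius_a = AuthServer("radius-a", ca.name, first_crl)
    radius_b = AuthServer("radius-b", ca.name, first_crl)

    ca.revoke(jdoe)                                            # admin revokes at the CA
    radius_a.crl = ca.publish_crl(t0 + timedelta(hours=1))     # only A refreshes its CRL

    shortly_after = t0 + timedelta(hours=2)
    past_crl_expiry = t0 + timedelta(hours=25)
    return {
        "radius-a after revocation": radius_a.authorize(jdoe, shortly_after),
        "radius-b after revocation": radius_b.authorize(jdoe, shortly_after),
        "radius-b once its CRL expires": radius_b.authorize(jdoe, past_crl_expiry),
    }


if __name__ == "__main__":
    for label, (ok, why) in stolen_laptop_scenario().items():
        print(f"{label:32s} -> {'ACCEPT' if ok else 'REJECT'} ({why})")
```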
As for encryption, the same requirements and recommendations from the previous
2 levels apply. TKIP at a minimum but AES is recommended as soon as
possible. Level 3 organizations should probably be the first to jump to
the next level of encryption. The size of these organizations that would
select Level 3 wireless LAN security can make upgrading difficult, but it's too
important to ignore. The good news is that once AES is achieved, it is
expected to hold for some time.
From a vulnerability standpoint, Level 3 is reasonably secure. The only
way to compromise this security level is if the hacker can not only steal a
user's password, but also steal that user's Digital Certificate which is much
more difficult than just stealing a user's password. To steal a
"soft" Digital Certificate, either the laptop needs to be stolen in
which case it would be obvious and the certificate could be revoked, or a
malicious program like a backdoor, virus or worm would have to be installed on
the laptop to "harvest" the private key of the digital
certificate. The latter option is much more sinister because a theft
could occur totally undetected and the certificate would not be revoked.
The same malicious code could also "log" the user's keystrokes and
the user's password would be compromised as well. At this point, Level 3
security would be totally defeated hence the need for an even stronger solution
in Level 4. Discriminating Enterprises should seriously consider the next
security level.
Level 4: Military grade maximum level WLAN security
Level 4 builds on Level 3 but aims to solve the key logging certificate
stealing malicious code threat. From a PKI Certificate Authority
standpoint, not only is a 3 tier architecture required but the use of FIPS 140-2
Level 3 compliant HSMs (Hardware Security Modules AKA Cryptographic Modules for
server side applications) are mandated. These modules cost thousands of
dollars in the form of a tamper resistant external module. All
Certificate Authorities should use one of these modules to ensure maximum
security. Even a malicious code compromise on the Root Certificate
Authority cannot compromise the Root CA's private key although such a
compromise on a Certificate Authority would still be very serious. This
is why the top two tiers of the PKI chain are never connected to the network as
an extra precaution so that all interactions between the PKI tiers must be hand
carried.
On the user side, the Digital Certificate cannot be stored on the hard drive so
EAP-TLS or PEAP-EAP-TLS with "hard" tokens are mandatory. The
certificates must be stored inside an HSM (these are called Cryptographic
Tokens on the client side) which are typically in the form of a USB dongle the
size of two fingers carried on a person's key chain or a smartcard. USB
dongles are usually much more practical because they can be used by notebooks
without a smartcard reader. Some newer Notebook computers have a built in
HSM called a TPM (Trusted Platform Module) but it can't be separated from the
computer. If an HSM empowered computer is infected with malicious code,
the password can be logged and stolen but the digital certificate cannot.
This is because the HSM never divulges the private key of the digital
certificate to its host computer because all asymmetric cryptographic
operations happen inside the HSM and not on its host computer. This makes
it nearly impossible to steal a private key unless the TPM Notebook or USB
dongle is physically stolen. If that were to occur, it would be fairly
obvious and the Digital Certificate stored inside the stolen HSM could be
easily revoked by an administrator as part of the PKI management process.
To further enhance security, more expensive USB dongles and smartcards have
built in finger print readers so that they are useless unless they have your
living finger or they can figure out some extremely complex method of fooling
the finger print reader. But the biometrics portion is just a last
defense meant to buy you enough time to revoke a certificate before
unauthorized access is gained. With biometrics enabled HSMs, you have the
strongest 3-factor authentication system possible.
From an encryption standpoint, AES is the only encryption algorithm permitted
for Level 4 and it also happens to be mandated for federal government and
military applications. AES was created by the NIST and its encryption algorithm was selected from a list
of finalists that represented the best encryption algorithms in the
world. To comply with the AES requirement, 802.11i (AKA WPA2) compliant
Wi-Fi gear is required on all Access Points, client Adapters, and software.
Most consumer Wi-Fi products sold do not support 802.11i while most newer
business class Wi-Fi products do. You'll have to look for the 802.11i or
WPA2 logo on any Wi-Fi products you buy. Many organizations may already
own products that are AES compliant if they would simply update the firmware
and drivers on their Access Points and Client Adapters. Cisco products
are a perfect example of this because it is probably the most dominant player
in the enterprise Wireless LAN market yet most of their customers are not
running the latest firmware. Upgrades on such a large scale are very
difficult but corporations cannot afford to put off good security because not
only is it good business, it may be the law because of SOX and HIPAA
compliance.
From a vulnerability standpoint, Level 4 is rock solid and extremely difficult
to compromise. The hacker would have to not only steal a user's password,
but also physically steal that user's cryptographic token or a TPM notebook and
take advantage of it before the user realizes anything wrong and reports the
theft. With 3-factor authentication, it is practically impossible to
break in to the Wireless LAN from the wireless side. The attacker will
have to try some other means of compromising the network and a crowbar would be
far more effective at that point.
Conclusion:
Contrary to popular belief, a Wireless LAN can indeed be secure.
Depending on the level of risk versus cost trade off you are willing to take,
you will need to decide if you need to implement Level 1, 2, 3 or 4.
Fortunately, most of the security measures that you need to implement can also
serve you in other aspects of IT infrastructure. The same RADIUS, PKI,
and Cryptographic Tokens can be used to secure your VPN and Remote Access
solution. PKI, Digital Certificates, and Cryptographic Modules are the
fundamental building blocks of strong authentication and there is no way around
that. You can make the best of it by leveraging the hefty investment for
all your security needs.
When I wrote my previous blog "Hack most wireless LANs in minutes!", which mostly focused on insecure corporate wireless LANs, it seemed to generate more questions than answers, which is typical every time I go into this topic. Many of the comments and questions were about home security, so I answered them as best I could, which prompted even more questions. So to clear this up once and for all, I offer the following advice.
· Refuse to buy any new devices that are not WPA certified. Believe it or not, there are some new devices being touted at this year’s CES (Consumer Electronics Show) for wireless LAN media players that only support WEP encryption.
· Demand that your vendors provide upgrades for older devices, especially if they are only two years old.
· Many devices that aren’t too old can already be upgraded to WPA. You need to check with your vendor to get the updated drivers and/or firmware. Devices include 802.11 Access Points and client adapters.
· Use WPA-PSK mode with a random key. Don’t use words in the dictionary or a variation of them because they can easily be cracked. It’s better to simply store the key on a USB dongle or even a floppy disk. Microsoft provides a very simple mechanism for setting up WPA security by making it easy to create a simple setup file on a USB dongle.
Now you may have noticed that I didn’t include "MAC filtering" or "SSID hiding" as part of my recommendation. This is because those are two of the biggest myths in wireless LAN security which I’ll have to leave for another blog. If you have any more questions or comments, just use our talkback section and I’d be happy to answer them.
HACK WEP!
Even after two years of WPA certification and nearly one year after 802.11i ratification, you might be wondering why I’m still talking about WEP encryption. The fact is, I would love to stop talking about it if there weren’t such an overwhelming percentage of corporations, retail outlets, and hospitals still using WEP. Although WPA brought us TKIP (think of TKIP as WEP 2.0) encryption and 802.11i brought us AES encryption, the upgrade process has been extremely painful and many products still don’t support TKIP let alone AES. The sad state of wireless LAN security is that the majority of corporations and hospitals still use dynamic per-user, per-session WEP keys while the majority of retail outlets that I’ve seen still use a single, fixed WEP key.
In the past, a hacker was at the mercy of waiting long periods of time for legitimate traffic on a wireless LAN to collect 10 million packets to break a WEP key. In my previous blog on this topic, which was based on Mike Ossmann’s WEP article, I alerted you to the startling fact that even wireless LANs that used 802.1x/EAP authentication to dynamically assign unique per-user, per-session WEP keys were no longer safe against WEP hacking since WEP cryptanalysis had improved 50-fold. Instead of waiting for hours or even days for those 10 million packets, you now only needed about 200,000 packets to break WEP. Even though dynamic WEP key rotation could change a user’s WEP key every few minutes or so (note that key rotation isn’t always implemented by default), the new WEP cryptanalysis techniques put even dynamic WEP in striking range. Now with the new active attacks on WEP described in Ossmann’s follow-up article, hackers no longer need to passively wait for legitimate packets on a wireless LAN because they can actively inject packets into a wireless LAN to ensure a speedy packet collection session. The end result is, any WEP based network, with or without Dynamic WEP keys, can now be cracked in minutes! If you’re scared, you should be, and you’d better go back and read the recommendations at the end of my previous blog if you’re still running WEP in any form.