Wireless LAN holes exposed
|
|||
 | |||
|
Advertisement: |
Wireless LAN security holes identified in a new report by computer scientists are real but not easily exploited, according to product vendors.
University of California researchers report that several weaknesses in the Wired Equivalent Privacy (WEP) encryption algorithm leave 802.11 wireless LANs vulnerable to several kinds of sophisticated decryption attacks. The flaws let a laptop user with a wireless PC LAN card eavesdrop on transmissions and decipher key parts of LAN packets using statistical analysis. The same weaknesses can then be used to create malicious packets and send them over the LAN.
The report is available here.
But vendors and users say the WEP weaknesses are well-known and that the IEEE 802.11 group is drafting an improved version of WEP. In any case, they say there are products available that can provide layers of protection.
Cisco last month released its Aironet 350 series wireless LAN products with a new security framework that also eliminates WEP, changes the encryption keys with each session and authenticates users based on the Remote Access Dial-In User Service protocol.
"The report exaggerated the degree of risk," says John Drewry, a business development executive at 3Com, which also has released technology to protect against wireless LAN attacks. "These are very sophisticated attacks and they are not easy to systematize and then redistribute by posting them on Web sites."
There are changes a company can make to its wireless LAN and net security system (such as periodically changing the cryptographic keys) that would force attackers to begin their break-in all over again.
The researchers acknowledge the difficulty in decoding 2.4-GHz digital signals and that reverse-engineering the firmware in 802.11 LAN cards takes a "significant time investment."
But, they write, "our analysis suggests that all of these attacks are practical to mount using only inexpensive off-the-shelf equipment."
RELATED LINKS
