Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Can a WEP wifi network be made secure?

  1. #1
    Just burned his ISO
    Join Date
    Oct 2008
    Posts
    16

    Default Can a WEP wifi network be made secure?

    Having used BT3 to crack my own network I've changed over to wpa encryption (with a nice long alpha-numeric key).

    The problem I've got in the office network. I'm an automation engineer with a small company, so naturally as i work with computers and write code I get stuck with looking after the network.

    So heres the catch, I can crack the office wep with out any problems no matter what key I use AND I'm stuck with wep because some of the windows pc's have wifi card's that don't support wpa. As we all use fixed ip addresses and have manually configures dns lookup. I wondered if turning off the dhcp server would make it harder gain access to our network? or maybe set the dhcp to offer a different subnet to the one we use.

    is there a way for someone to connect to our wifi under these circumstances and figure out which subnet we are actually using?

  2. #2
    Just burned his ISO
    Join Date
    Sep 2008
    Posts
    17

    Default

    I think as long as you stick to WEP it's gonna be hard to keep it secure at all ..
    Nevertheless you can turn off the dhcp and activate IP / Mac Filtering even though the second is easily spoofed.

  3. #3
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by BigRed View Post
    Having used BT3 to crack my own network I've changed over to wpa encryption (with a nice long alpha-numeric key).

    The problem I've got in the office network. I'm an automation engineer with a small company, so naturally as i work with computers and write code I get stuck with looking after the network.

    So heres the catch, I can crack the office wep with out any problems no matter what key I use AND I'm stuck with wep because some of the windows pc's have wifi card's that don't support wpa. As we all use fixed ip addresses and have manually configures dns lookup. I wondered if turning off the dhcp server would make it harder gain access to our network? or maybe set the dhcp to offer a different subnet to the one we use.

    is there a way for someone to connect to our wifi under these circumstances and figure out which subnet we are actually using?
    It is not wise to have the primary backbone of your business network be wireless no matter what the encryption is. WEP cannot be made secure enough since no matter what you use, it can be broken in a few minutes. If you're going to rely upon wireless, invest in better wireless equipment that supports WPA2 and Radius authentication.

    It sounds as though you're a Automation Contractor and you don't actually have a control network of your own connected like this. I certainly hope that when you're working in the field, you're not configuring PLC's and HMI's to be wireless, no matter what kind of encryption is used. I will never allow any kind of wireless network on my control subnet. Of course, I'm kind of paranoid that way, I disable all open ports on all the switches, monitor every single MAC that attaches to the network and monitor all traffic on that network.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  4. #4
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Quote Originally Posted by BigRed View Post
    So heres the catch, I can crack the office wep with out any problems no matter what key I use AND I'm stuck with wep because some of the windows pc's have wifi card's that don't support wpa.
    If you have any say in this, have the company spend the cash and switch. If you don't have a say, tell your bosses the dangers, and put it in writing. That way, when (not if) the wireless is attacked, the powers that be can't say you never told them.

    Quote Originally Posted by BigRed View Post
    I wondered if turning off the dhcp server would make it harder gain access to our network?
    Not really. They can just assign an IP manually.

    Quote Originally Posted by BigRed View Post
    or maybe set the dhcp to offer a different subnet to the one we use.
    That will confuse someone for a minute. Maybe two minutes, if they haven't had their coffee.

    Quote Originally Posted by BigRed View Post
    is there a way for someone to connect to our wifi under these circumstances and figure out which subnet we are actually using?
    Yes. It's trivial. By sniffing the packets on the WLAN, the subnet can easily be determined as long as there is an active client on the WLAN.
    Thorn
    Stop the TSA now! Boycott the airlines.

  5. #5
    Just burned his ISO
    Join Date
    Oct 2008
    Posts
    16

    Talking

    Thanks for the feed back.

    Streaker69 you are correct no automation should be connected to a wireless network. All the kit we build, if it is networked (modbus profibus or plain old tcp/ip) is built as a standalone network and not connected to the our or customers network as it affect the data transfer rate and it's just plain dangerous!

    Looks like its time to rip the old card out of a couple of laptops and put in some nice new ones (or a nice new laptop )

    One question though "By sniffing the packets on the WLAN, the subnet can easily be determined as long as there is an active client on the WLAN" How? I can see that you can capture packets from the WLAN but how do you extract the ip address?

  6. #6
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by BigRed View Post
    One question though "By sniffing the packets on the WLAN, the subnet can easily be determined as long as there is an active client on the WLAN" How? I can see that you can capture packets from the WLAN but how do you extract the ip address?
    Using for example Wireshark to capture and view the contents of the packets you can easily view both the source and destination address of them.
    -Monkeys are like nature's humans.

  7. #7
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Kismet will even show the ip addresses used given enough time.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  8. #8
    Just burned his ISO
    Join Date
    Oct 2008
    Posts
    16

    Default

    Quote Originally Posted by =Tron= View Post
    Using for example Wireshark to capture and view the contents of the packets you can easily view both the source and destination address of them.
    I've seen Wireshark run on a wired network, just done a quick Google to see how to do it on a wireless network, it's not difficult. Well I've learned a few things today......

    I'll be having a chat with the boss on Monday and doing a bit of shopping (hopefully). Thanks for the help.

  9. #9
    Good friend of the forums
    Join Date
    Jun 2008
    Posts
    425

    Default

    Vlan the wireless network to have access to the internet lan 3
    vlan the company network to have access to net and servers lan2,lan1 and lan3

    lan3 internet router

  10. #10
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by compaq View Post
    Vlan the wireless network to have access to the internet lan 3
    vlan the company network to have access to net and servers lan2,lan1 and lan3

    lan3 internet router
    That really doesn't solve the problem of WEP being used and inherently insecure. Plus it sounds as though they're actually using the WLAN as their main connection to their corporate LAN and not just for internet access.

    Otherwise using VLAN's is a good idea.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •