
Communication Security: Remote Access and Messaging • Chapter 3  113

                 Typically, a 128-bit key can be returned in as little as a few seconds to a few
                 minutes.

                 WEPCrack

                 While AirSnort is known for capturing packets and recreating secret keys,
                 WEPCrack simply breaks the secret keys. WEPCrack was one of the first software
                 packages able to break the security of WEP technology. WEPCrack is available for
                 download at: http://sourceforge.net/projects/wepcrack.


                   Damage & Defense…
                   Protecting Against AirSnort and WEPCrack
                   Although both of these tools pose serious risk to a wireless network, they
                   are easily detected. Most Intrusion Detection Systems (IDSes) and
                   Intrusion Prevention Systems (IPSes) are able to detect attacks on wireless
                   networks. The key is to make sure the IDS or IPS is up-to-date and functional.
                   Implementing technologies such as VPNs, Internet Protocol Security
                   (IPSec), and SSL greatly increases the reliability of the wireless network.










                 NOTE
                      Wireless technologies are covered in greater detail in Chapter 4.






                 Media Access Control Authentication
                 Media Access Control (MAC) authentication is a weak form of authentication.
                 MAC addresses are 48-bit unique identifiers that are assigned to every network
                 interface by the manufacturer. During MAC authentication, a wireless client’s MAC
                 address is checked against an authentication server on the network, and the server
                 checks the address against a list of allowed MAC addresses. Spoofing of MAC
                 addresses is trivial and so MAC-based authentication is dramatically less secure than
                 EAP authentication. However, MAC-based authentication provides an alternate
                 authentication method for client devices that do not have EAP capability. In most






                                                                              www.syngress.com