Page 199 - StudyBook.pdf
P. 199

Communication Security: Wireless • Chapter 4  183

                 WEP

                 The IEEE 802.11 standard covers the communication between WLAN compo-
                 nents. RF poses challenges to privacy in that it travels through and around physical
                 objects. Because of the nature of the 802.11 wireless LANs, the IEEE working
                 group implemented a mechanism to protect the privacy of the individual transmis-
                 sions, known as the WEP protocol. Because WEP utilizes a cryptographic security
                 countermeasure for the fulfillment of its stated goal of privacy, it has the added
                 benefit of becoming an authentication mechanism.This benefit is realized through
                 a shared-key authentication that allows for encryption and decryption of wireless
                 transmissions. Up to four keys can be defined on an AP or a client, and they can be
                 rotated to add complexity for a higher security standard in the WLAN policy.
                    WEP was never intended to be the absolute authority in wireless security.The
                 IEEE 802.11 standard states that WEP provides for protection from “casual eaves-
                 dropping.” Instead, the driving force behind WEP was privacy. In cases that require
                 high degrees of security, other mechanisms should be utilized such as authentica-
                 tion, access control, password protection, and virtual private networks (VPNs).
                    Despite its flaws,WEP still offers a level of security provided that all its features
                 are used properly.This means taking great care in key management, avoiding default
                 options, and ensuring adequate encryption is enabled at every opportunity.
                    Proposed improvements in the 802.11 standard should overcome many of the
                 limitations of the original security options, and should make WEP more appealing
                 as a security solution.Additionally, as WLAN technology gains popularity and users
                 clamor for functionality, both the standards committees and the hardware vendors
                 will offer improvements. It is critically important to keep abreast of vendor-related
                 software fixes and changes that improve the overall security posture of a wireless
                 LAN.



                 EXAM WARNING
                      Most APs advertise that they support WEP in 40-bit encryption, but
                      often the 128-bit option is also supported. For corporate networks, 128-
                      bit encryption–capable devices should be considered as a minimum.




                    With data security enabled in a closed network, the settings on the client for
                 the SSID and the encryption keys must match the AP when attempting to associate
                 with the network or it will fail.The next few paragraphs discuss WEP and its rela-



                                                                              www.syngress.com
   194   195   196   197   198   199   200   201   202   203   204