1

I'm learning about security, and discovered my family's router was set to use WEP, with WPS enabled. I've fixed that, but I couldn't give a great answer for why it was necessary, given that we live in a suburban neighborhood with friendly neighbors (probably only two families within connection distance of our router, and a poor connection at that).

I've read a number of pages here discussing WEP which seem to assume that attacks must be local, but I haven't been able to find anything that details that explicitly. I could swear I read one answer claiming that vulnerabilities should be assumed to exist in standard off-the-shelf routers which may make a remote attack on a network's WEP encryption possible, but if that page exists, I can't find it now.

Leaving aside any practical reasons to not use WEP even in the absence of attackers, and the wisdom of not assuming no one nearby would do something nefarious, is there any known remote attack vector that use of WEP or WPS allows, or is the type of Wifi encryption only relevant to attacks by systems in proximity to the router?

HammerN'Songs
  • 113
  • 4

3 Answers3

2

Always remember the OSI model. WiFi signal and encryption exist on the lower levels of the model, which by necessity means that the attacks that it mitigates, and the possible attacks against it, also exist on those layers.

The realities of the way WiFi is implemented in those layers mean that it is all about the radio signals, which means that the topic is confined to what can happen to the radio signals.

So, if you were wondering if someone over the Internet (layers 3-4 and above) can attack WEP/WPS, then no. The attacks are within range of the radio signals of the device.

schroeder
  • 123,438
  • 55
  • 284
  • 319
2

It is true that the attacker needs to get his radio in range of your network.

However

  1. By using a directional antenna the attacker may be able to significantly increase the radio range.
  2. Remember it's not the attacker that has to be in range of your network, it is the radio used by the attacker. So for example if a neighbours router is compromised it could be used to attack your network. Or the attacker could mail his attack device to you or one of your neighbours.

Still unless you are a specific high-value target the risk is IMO pretty low.

Peter Green
  • 4,918
  • 1
  • 21
  • 26
  • Pretty low? But it's easy enough that even script kiddies can do it. – forest Sep 12 '18 at 20:52
  • The risk of someone going to the trouble of compromising a nearby device or using a high gain antenna to hit your average boring network seems pretty low to me, but maybe i'm wrong. – Peter Green Sep 12 '18 at 20:54
  • Perhaps, but the risk of someone cracking your WEP key while wardriving is not low. – forest Sep 12 '18 at 20:54
2

Does use of WEP only open the network to attacks in proximity of the router?

Yes. WEP is used for protecting the wireless communication between a device and your router. So the insecurity of WEP is limited only to device in "proximity" of the router.

I couldn't give a great answer for why it was necessary, given that we live in a suburban neighborhood with friendly neighbors

Even if your neighbors are great and not a threat, there are threats from outside your neighborhood. Access to your network doesn't just mean free Internet for the attacker. They can potentially gather information about you or your family from other devices connected to your network.

It is fairly easy and common for individuals to use wireless from their car/vehicle if they can get easy access (i.e. WEP) for free Internet access. If they have more nefarious purposes in mind, this can easily be used for other purposes such as identity theft.

This article was a fun read even if the practical implications it could have by a smart criminal on an individual with weak network security could be a bit scary.

given that we live in a suburban neighborhood with friendly neighbors

Sounds very similar to what neighbors thought before police arrested this killer, this kidnapper, or this child pornographer. And these are by no means isolated incidents as there are literally hundreds of these stories in the past few decades alone.

Yet spending a bit more effort on basic wireless security can help prevent you from finding yourself the center of a news story such as this man or this couple.

(probably only two families within connection distance of our router, and a poor connection at that)

This circles us back to "proximity" and what does it actually mean. Your typical 802.11 WiFi device with it's omnidirectional antennas will only give you a range of 200-300 feet.

But with the use of directional antennas, device can connect from much further away (as much as a quarter or half a mile in ideal circumstances). This likely opens up many more locations from which someone could connect to your wireless. One of the articles I referenced is an example of someone hijacking the connection from their boat in the middle of a marina to the router on the 12th floor of the victims building, much further than your typical expected connection distance.

YLearn
  • 3,967
  • 1
  • 17
  • 34
  • To be fair, a clever child pornographer will not be using a neighbor's internet, but an anonymity network. Still good advice though, since many are just clever enough to crack WEP, but not to deploy proper OPSEC. – forest Sep 13 '18 at 02:45
  • @forest, if you search for them, you will find a good number of "used neighbor's WiFi for child pornography" news stories (naturally filtering out all the derivative blog postings, etc). Good news is that many child pornographers aren't very clever. – YLearn Sep 13 '18 at 03:21
  • Or rather, the ones you hear about in the news aren't very clever. Kind of hard to estimate the number of clever ones when they can even hide their existence (see [this](https://grugq.github.io/blog/2013/12/01/yardbirds-effective-usenet-tradecraft/) and [this](http://dee.su/uploads/baal.html)). Overall, they can be a very security-minded group since, naturally, the ones who are not tend to get arrested. – forest Sep 13 '18 at 03:23