WEP is uncrackable under these conditions:
If your pass-phrase is > 21 characters, whoever plans to crack your wireless AP or wireless router better have mad patient skills.
In the paper "Practical Attacks Against WEP & WPA" the authors emphasize that the PSK key
has to be "weak" in order for this to work at the begining of the paper; in addition, to the fact that the clients must be using WPA+TKIP to associate to the AP or wireless router .
However, In 2003 Robert Moskowitz of ISCA Labs detailed the potential problems of deploying weak passwords/passphrases with WPA in his paper: "Weakness in Passphrase Choice in WPA Interface," where Moskowitz points out that a short passphrase < 21 characters is susceptible to a dictionary attack.
Furthermore, I also thought that this was an interesting statement at the end of the paper: " Practical attacks against
WEP and WPA,"- "Our attack on TKIP in Section 5 shows that even WPA with a "strong" password is
not 100% secure and can be attacked in a real world scenario."
So one would have to ask, how long was the password/passphrase they tested in their paper "Practical attacks against
WEP and WPA."
And how long will it take to crack a passphrase that is greater than 21 characters, especially in Cynicalpsycho's case where the passphrase has a combination of alphanumeric characters+space+and other random symbols.
Maybe a lab is in order , never mind will never happen, I use WEP with a passphrase > 21 characters. Patiently waiting for someone to hack my AP/Router never going to happen, maybe I will be lucky and get hacked via my web browser or some zero-day vulnerability for one of my unpatched applications.
http://forums.remote-exploit.org/latest-public-release-backtrack4-beta/22280-wpa2-cracking-can-cracked-how.html
Mac filtering is silly if you want to secure you router this could help in combination with other strong security measures; however, if you think just using this with your AP/Router open, this might be a bad idea.
https://web.archive.org/web/1/http://blogs.techrepublic%2ecom%2ecom/security/?p=395
Solution: regardless if you plan to filter you MAC's or not, you can use WPA or WEP, just make sure you have a strong pass-phrase not a password.
Get creative:http://www.iusmentis.com/security/passphrasefaq/strength/
Tools to test you newly created pass-phrase:
Video sucks, you can just Google Gerix Wifi Cracker on Youtube for a live demo, we went from typing commands to crack WEP/WPA to using scripts, now we are using GUI driven tools on Linux :-).
Or try this:
http://security-sh3ll.blogspot.com/2009/06/gerix-wifi-cracker.html
Only requirement: Gerix runs on Linux or Windows if you are into virtualization and whatnot.
Happy testing people, and stay secure...
Are you sure you don't have a bad router or wireless NIC? WPA2 should not drop your connection. If it is, it could be your router's CPU is overheating because it's bad. – churnd – 2009-10-26T10:47:14.260
I'm quite sure. It's an issue of nasty signal-to-noise ratio. Too many walls. The problem doesn't happen when I'm closer to the router, but the location isn't something I can change without drilling holes in the wall, and I can't move my room someplace else. Current plan is to extend the network with an Airport Express and see if that helps. – Bob Aman – 2009-10-26T22:55:24.053