| To: | "Paul Dickens" <paul.dickens@iop.org> |
|---|---|
| Subject: | Re: Legality of WEP Cracking |
| From: | "Nicholas Chapel" <nicholas.chapel@gmail.com> |
| Date: | Wed, 23 May 2007 15:10:05 -0400 |
| Cc: | "Richard Brinson" <richard@kanoo-uk.com>, listbounce@securityfocus.com, pen-test@securityfocus.com |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| Dkim-signature: | a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=oRGpgSbXbdkUI0haMq3XGQ5HCNtye+NOvv4JCBD6hgToqUFDu5rB7LNEsx97ApXnIoUPSrccTFzAybr21ma3uwY6e6vfIyigWcJSMClb01N+4k0sOR+hrZMoFVg6TwTNiiKmfifEt1Ec1HHyCRXVHxiRer2A3bjoTk0FyoHSWo8= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=WYCaM/RVW45MBkLIxVYTPKD0KW4uDVSkD48j1l2ARvpZMfSvZUTNTmiq3ylqqe3tEuaTC2l96q7GozgSFa/e+AFN8/wr+BszpTobta2fhrFHrXlTDwMQztLHbzm0ztUC26IBbqQRVuzk4pPJ11L5TeYduWRj1c8GozJleS6E02Q= |
| In-reply-to: | <OF0EF61F3E.1110A13B-ON802572E4.00284844-802572E4.00297DB8@iop.org> |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| References: | <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAA+QrJM2ZtvkGw8Q52cxvSusKAAAAQAAAAsHC7awQCw0eNjHkJX0gt7QEAAAAA@kanoo-uk.com> <OF0EF61F3E.1110A13B-ON802572E4.00284844-802572E4.00297DB8@iop.org> |
| Resent-date: | Wed, 23 May 2007 18:48:54 -0600 (MDT) |
| Resent-from: | pen-test-return-1078484234@securityfocus.com |
| Resent-message-id: | <20070524004854.B91A0236F66@outgoing3.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
On 5/23/07, Paul Dickens <paul.dickens@iop.org> wrote: Another point, who still uses WEP in business? Clearly some must in order to get such a response from your posting. I thought WEP was flawed technology! Yes, WEP is deeply flawed, and has been for a very long time. Recent developments have made it even weaker than it already was, now that it's become widespread news that packet re-injection and spoofed deauthentication are able to generate sufficient traffic to crack the key in only a few minutes. The fact that WEP is profoundly broken is old news. But to answer your question, a *lot* of businesses are using it. I can't comment on larger firms with an established information security infrastructure, but almost all of the smaller and medium-sized businesses I've worked with have been running WEP. This includes medical offices and other companies that work with sensitive data. To make matters worse, many if not most of them are running on older hardware and/or software that is incapable of supporting WPA, never mind WPA2. It's really quite terrifying. Regards, --Nick ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------ |
| Previous by Date: | Question about vulnerability scanning, Andy . Kitzke |
|---|---|
| Next by Date: | Re: Question about vulnerability scanning, Utmost Bastard |
| Previous by Thread: | Re: Legality of WEP Cracking, Nick Selby |
| Next by Thread: | Re: RE: Legality of WEP Cracking, ebk_lists |
| Indexes: | [Date] [Thread] [Top] [All Lists] |