WLAN cracking tools and how well they work on a WAP
Enterprise Networks & Servers, May 2005 by Welcher, Peter
Introduction
I intended to write this month about something other than wireless. But I've been spending a bit too much time recently working with some of the WLAN cracking ("security administration") tools, to see how well they work on my own Wireless Access Point (WAP). There are a number of good articles out there I'd also like to call your attention to, if you're only loosely tracking WLAN security issues. So my intent here is to summarize what's going on that affects WLAN security.
The right conclusion to reach here is that you should consider tightening up your security, especially if your network cannot tolerate the risk of breach of confidentiality. The ZDnet link and the TomsNetworking link below have some good practical advice for reducing exposure.
The WLAN tools work all came about because a consulting client asked that their WLAN be put to the test. The very good point made by the site Network Manager was that if I couldn't crack the WEP key, decode packets, and discover passwords or confidential data in cleartext form, then he was going to be hard-pressed to justify expending money on new WAPs with better encryption. More precisely, there were a lot of claims that WEP is insecure, and he wondered how real all that was.
I completely agree with the devil's advocate side to this: let's see just how easy or hard it is to crack, and see what we see even if we do crack the WEP key and decode packets. Some of the tools are slow and primitive. So there may be theoretical exposure, but perhaps it is too time-consuming or knowledge-intense for someone to actually want to use the tools.
My conclusion is that while I've personally experienced some frustration with the tools, the exposure is real. The article "The Myth of Easy WEP Cracking" (http://www.oreillynet.com/cs/user/view/cs_msg/26023) contains some of the arguments for this point of view.
I'm also flattered at the trust implied for my expertise! Philosophically I do have some trouble with the logic that if I can't expose critical data, then it's secure enough for a low-risk network. I'd like to claim some expertise in WLAN security. But I'm very aware I'm not a teenager or other person spending hours a day working with the last cracker-ware either.
In any case, I set out to explore the tools available on the net, and see how well they do on my own network. Links to various other articles are scattered throughout this article, and it ends with links to other resources and to WEP cracking tools.
Background: What's WEP?
Recall that WEP is the original form of encryption used to control the association of a PC with a Wireless Access Point (WAP) or another PC (in ad hoc mode, which is one of the first things I turned off on my NIC settings).
WEP has been superseded by WPA and WPA2 or 802.11i. Wi-Fi Protected Access (WPA) uses message exchanges like those in WEP, but uses either TKIP (new key every packet) or AES encryption for confidentiality. WPA also adds a method called Michael for message integrity checking and replay prevention, making it harder to alter selected bits in order to try to learn the key that way. WPA comes in industrial and home strengths. The former requires 802.1x with a RADIUS back end to authenticate users. This is much stronger than the SOHO version, which uses Pre-Shared Keys (WPA-PSK).
WEP uses either 64-bit or 128-bit keys. However, the keys are not really this many bits, because a 24-bit Initialization Vector (IV) is used, to provide randomness. So the "real key" is actually 40 or 104 bits long.
Many WAP's allow you to specify an English passphrase, and generate four hex keys from it. I gather this further restricts the effective number of bits to explore using a brute force attack. Some tools exploit this, e.g. weptools (link below). The author claims 64 bit generated from passphrase really amounts to 21 bits of protection, which clearly isn't enough.
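Why a passphrase-derived 64-bit key can collapse to about 21 bits, shown as an added example that is not from the article or from weptools. It assumes the 40-bit generator commonly attributed to Neesus Datacom (the article names no algorithm), and the passphrases are constructed samples.

```python
# Added illustration, not from the article. Assumed algorithm: the 40-bit
# passphrase generator commonly attributed to Neesus Datacom.
A, C = 0x343FD, 0x269EC3  # LCG constants used by that generator


def seed_from_passphrase(passphrase):
    """XOR-fold the passphrase bytes into four seed bytes (little-endian)."""
    folded = [0, 0, 0, 0]
    for i, byte in enumerate(passphrase.encode("ascii")):
        folded[i % 4] ^= byte
    return int.from_bytes(bytes(folded), "little")


def keys_from_seed(seed):
    """Step the LCG 20 times; each step emits only state bits 16..23."""
    keys = []
    for _ in range(4):
        key = bytearray()
        for _ in range(5):
            seed = (seed * A + C) & 0xFFFFFFFF
            key.append((seed >> 16) & 0xFF)
        keys.append(bytes(key))
    return keys


def wep40_keys(passphrase):
    return keys_from_seed(seed_from_passphrase(passphrase))


def effective_seed(passphrase):
    """Seed bits that can reach the output: bits 0..23, because the low 24
    bits of an LCG state mod 2**32 never depend on seed bits 24..31.
    ASCII input also leaves the top bit of each byte clear: 3 x 7 = 21 bits."""
    return seed_from_passphrase(passphrase) & 0x00FFFFFF


def distinct_key_sets(passphrases):
    """How many different key sets a list of passphrases really yields."""
    return len({tuple(wep40_keys(p)) for p in passphrases})


if __name__ == "__main__":
    # Constructed passphrases; the first two differ only in the 4th character,
    # which folds into the discarded top seed byte.
    samples = ["wlan2005", "wlaX2005", "wlXn2005"]
    for p in samples:
        print(p, hex(effective_seed(p)), wep40_keys(p)[0].hex())
    print("distinct key sets:", distinct_key_sets(samples))
```

The first two passphrases produce identical keys, so a key entered as raw hex from a good random source is the safer choice on equipment that still has to run WEP.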
Putting WEP to the test
This section of the article reflects what's readily available off the Internet using Google.
I was able (with some effort) to get AirSnort running on a borrowed Enterasys DS 802.11b NIC and capture frames. AirSnort puts a NIC into Monitor mode where passive packet capture can take place. It also tries to exploit "weak" IVs for fast cracking of the WEP key. AirSnort supports a long list of NIC cards, but not the Broadcom NIC in my Dell laptop. I had problems getting purchased D-Link or Linksys NIC cards using the Atheros chipset to work. The problem appeared to be not the driver but the vendor-supplied configuration utility. Something about the Dell kept crashing it. The Enterasys is based on the Agere chipset. The configuration utility struck me as rather primitive, but at least it worked!
The AirSnort output file is in PCAP format and can be examined using Ethereal. Interestingly (to me), AirSnort saw no "interesting" (weak) IV's, which can be used to expedite discovery of the key.
This appears to confirm comments in the first SecurityFocus article below about some WAPs and NIC drivers avoiding use of weak IVs. Logic to exclude weak IVs would certainly be easy enough for the vendor to program into the driver or WAP.
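What such vendor-side exclusion logic can look like, as an added sketch that is not code from any driver, WAP or AirSnort. It assumes the weak class is the classic (B+3, 0xFF, X) form, a big-endian IV counter, and a constructed list of observed IVs.

```python
# Added illustration, not from the article: the IV filter a driver or WAP
# could apply. Weak class assumed: the classic FMS form (B+3, 0xFF, X).

def is_fms_weak(iv, key_len):
    """True if the 3-byte IV is (B+3, 255, X) for some key byte index B."""
    return len(iv) == 3 and 3 <= iv[0] < 3 + key_len and iv[1] == 0xFF


def next_iv(counter, key_len):
    """Advance a 24-bit IV counter (big-endian here, an arbitrary choice),
    skipping weak values. Returns (iv_bytes, new_counter)."""
    while True:
        counter = (counter + 1) & 0xFFFFFF
        iv = counter.to_bytes(3, "big")
        if not is_fms_weak(iv, key_len):
            return iv, counter


def audit_ivs(ivs, key_len):
    """Summarise a list of observed IVs: total, weak count, repeats."""
    seen, weak, repeats = set(), 0, 0
    for iv in ivs:
        weak += is_fms_weak(iv, key_len)
        repeats += iv in seen
        seen.add(iv)
    return {"total": len(ivs), "weak": weak, "repeats": repeats}


def ivs_skipped(key_len):
    """Size of the filtered class: key_len first bytes x 256 third bytes."""
    return key_len * 256


if __name__ == "__main__":
    KEY_LEN = 13  # 104-bit secret ("128-bit" WEP)
    # Constructed IV list standing in for values read from a capture.
    observed = [bytes.fromhex(h) for h in
                ("000001", "03ff10", "0fff00", "10ff00", "000001")]
    print(audit_ivs(observed, KEY_LEN))
    iv, ctr = next_iv(0x03FEFF, KEY_LEN)
    print(iv.hex(), hex(ctr))
    print(ivs_skipped(KEY_LEN), "of", 1 << 24, "IVs unused")
```

Filtering this class removes only the IVs that this style of key recovery depends on; the IV space is still 24 bits, so IVs repeat on a busy network regardless.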




