- Protecting yourself from a new online scam
- Diary of a deliberately spammed housewife
- Silly Internet traditions: A concise history
- How to avoid laptop loss at the airport
- Top 10 worst uses for Windows
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
New software from AirDefense is designed to protect a widely used but flawed wireless LAN encryption protocol.
The software “cloaks” the encryption key used to scramble WLAN data packets by means of the Wired Equivalent Privacy protocol. WEP was defined in the IEEE 802.11 WLAN standard, and is part of every 802.11-based device. But in 2001, a serious flaw in its implementation was identified, making WEP encryption easy to break. The new AirDefense cloaking technique could save retailers and others from large-scale upgrades of embedded or special-purpose wireless gear such as portable cash registers, barcode scanners, point of sale terminals and even VoIP handsets.
These legacy wireless devices often run only WEP encryption because of their age or lack of memory and processing power. For various reasons, they often can’t be upgraded to more advanced and more secure schemes such as Wi-Fi Protected Access or the follow-on WPA2 with the full set of IEEE 802.11i security features, which were designed to correct WEP’s well-known weaknesses.
One AirDefense customer is an East Coast electronics retailer which has WLANs deployed in its stores, but currently only for limited guest access by customers visiting the store, says a security systems specialist for the retailer, speaking on condition of anonymity. The retail chain doesn’t use WEP, but the AirDefense Enterprise sensors and software show WEP is widely used in nearby retail venues, he says.
“We use AirDefense [Enterprise for WLAN security] and we see in the air around our stores a huge amount of WEP-based wireless traffic in mall kiosks, and the ‘mom-and-pop’ retailers,” he says. “This is all [traffic from] stuff that’s been put in place for awhile in an existing infrastructure. And it’s costly to replace.”
Where WEP is relied on, administration is a chronic headache and a chronic cost, as at Mazda Raceway Laguna Seca, in Monterey, Calif. “Currently internal systems such as handheld ticket scanners rely on WEP as their only form of protection,” says Frank Basso, assistant director of communications at the raceway. “We are constantly changing the WEP keys to prevent intrusion due to the weakness of WEP. If we were able to detect [and block] intrusion attempts, we would save on administrative overhead on reprogramming of devices.”
- on-demand, instant resourcing: you can request 200 new compute instances and you can get them, there...- Craig Balding
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Comments (3)
They did fix the problem,By Anonymous on May 29, 2007, 5:28 pmThey did fix the problem, its called WPA and WPA II. The flaws to WEP have been known for years
Reply | Read entire comment
Out of curiousity, hasBy Anonymous on April 2, 2007, 3:46 pmOut of curiousity, has anyone ever actually tried to *install* WEP crack or Airsnort? The ridiculous number of steps and DLL's that may or may not work sort of provide...
Reply | Read entire comment
Vendor aims to 'cloak' WEPBy Anonymous on April 2, 2007, 2:35 pmSounds like this would be easy to add to open source OSs like Linux and *BSD....
Reply | Read entire comment
View all comments