Search /
Docfinder:

RESEARCH CENTERS

Applications
Careers
Convergence
Data Center
LANs
Net/Systems Mgmt.
NOSes
Outsourcing
Routers/Switches
Security
Service Providers
Small/Med.Business
Storage
WAN Services
Web/e-commerce
Wireless/Mobile

SITE RESOURCES

Daily News
Newsletters
This Week in NW
Tests/Reviews
Buyer's Guides
Opinion
Forums
Special Issues
How to/Primers
Case Studies
Network Life
Encyclopedia
IT Briefings

TODAY'S NEWS

•	Cisco's free iPhone app grabs security feeds
•	Global warming research exposed after hack
•	Verizon suit a 'gamble worth taking' for AT&T, says IP lawyer
•	Google adding IPv6 to YouTube
•	Broadband stimulus grants delayed
•	Palm Pixi smartphones now just $25
•	Google goes for speed, security in Chrome OS
•	Hurricane Electric's IPv6 network doubles
•	The 5 best, and 5 worst, features of Google Chrome OS
•	Listen up: Rock and roll artifacts under surveillance
•	Why Chrome OS will fail -- big time
•	Microsoft Windows chief decries standards grandstanding
•	Al Gore: Supercomputers can reverse climate change
•	Atlantis astronauts get rude awakening
•	FAA fixes computer glitch, delays remain
•	More breaking news

Wireless/Mobile /

How we did it

By Steve Janss
Network World, 12/17/01

Our test system consisted of three computers:

P5-200 MMX (200 MHz) running Windows NT 4.0 with Service Pak 6a, 96M bytes of system memory, and a 4.5G-byte Enhanced Integrated Drive Electronics hard drive with 680M bytes of free space.

Pentium III 800-MHz running Windows 2000 Professional with Service Pak 2, 256M bytes of system memory, and a 40G-byte Ultra ATA 100 hard drive with 29G bytes free.

Sony VAIO PCG-FX370 laptop running Windows XP Home, 256M bytes of memory, and a 20G-byte hard drive with 4G bytes free.

We used the P5-200 MMX as a file server and the Sony VAIO laptop as our wireless client. We employed Novosoft's Handy Backup 2.1 to synchronize two 1.1G-byte folders containing numerous subfolders and files between the client and the server (this generated the requisite network traffic to fill about 50 minutes back-up time, simulating the network traffic required by WEPCrack). The Pentium III 800-MHz with a LinkSys WPC-11 was our "cracking machine," on which we ran Ethereal for Windows, Perl Builder and WEPCrack. After cracking was complete, we switched to WildPacket's Airopeek with a Cisco Aironet 340 PCI network interface card (NIC) to surf the hacked network. Both the P5-200 MMX and the Pentium III 800-MHz were outfitted with a PCI slot to PC Card adapter for use with the PC card wireless NICs.

All four products provided full 802.11b 128-bit Wired Equivalent Privacy (WEP), as well as their own proprietary security enhancements (encryption and authentication).

For each test, we used proprietary wireless NICs in the laptop and the file server, running them first in their open mode (no WEP) to ensure throughput, then using 128-bit static WEP to test configuration and compliance, and finally in their proprietary security modes. We also tested each product for features, ease of installation, use, administration, and documentation. Because the ease of cracking 128-bit WEP is well known, we only conducted security testing against each product in its proprietary security mode, running the hacking test for 48 hours. If WEPCrack was unable to make any progress within 48 hours, we considered the product to be secure.

Back to the main review

RELATED LINKS

Janss is the president of Jansys Information Systems, a consulting firm specializing in IS technologies for small businesses. He can be reached at bizcom@jansys.com.

Wireless LAN security
The IEEE 802.11b Task Group I is working on a new standard that provides authentication and encryption for secure wireless networking. In the meantime, proprietary products that plug the holes in 802.11b security may be your best bet.

IEEE is working on new standard
The scope of IEEE's 802.11b Task Group I is "to enhance the 802.11 Medium Access Control to enhance security and authentication mechanisms."

WEP's fatal flaw exposed
Wired Equivalent Privacy vulnerabilities came to light more than a year ago in October 2000.

A closer look at LEAP
How Lightweight Extensible Authentication Protocol works.

NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!

New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE

Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.

Click Here

alt text

Click Here

HOME

RESEARCH CENTERS

NEWS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.