RickLeir
Personal | Subject: WEP and WPA2
Technical IT Security Discussions
posted by RickLeir on Monday, February 7th 2011 @ 1:17 PM
If you set up your wifi base station to allow WEP and WPA2 connections (WEP for a Wii or DS, WPA2 for a laptop), and a cracker sniffs the WEP connection, does she learn anything that would be useful in cracking a WPA2 connection? Does he get the passphrase or key?
Thanks,
Rick |
ScottWright
Group Administrator | Subject: RE: WEP and WPA2
Technical IT Security Discussions
posted by ScottWright on Thursday, February 10th 2011 @ 7:19 AM
Good question, Rick. I'm not 100% sure of the correct technical answer on what vulnerabilities might exist in the "hybrid" implementations of WPA and WEP for wireless routers. My gut feel is that there shouldn't be any real vulnerabilities, because the router should be using a different key for every WPA session. Unless there is some severely bad design failure in how the routers manage connections, WPA sessions should be secure. On the other hand, any WEP sessions on the same router could be vulnerable to one of the other WEP sessions getting hacked. In fact one WEP session is as vulnerable as the next to an attack because of WEP's standard architecture.
I'm not sure if that helps, but I would like to hear any other members' views.
- Scott |
