A security administrator discovered that all communication over the company’s encrypted wireless
network is being captured by savvy employees with a wireless sniffing tool and is then being
decrypted in an attempt to steal other employee’s credentials. Which of the following technology is
MOST likely in use on the company’s wireless?
A.
WPA with TKIP
B.
VPN over open wireless
C.
WEP128-PSK
D.
WPA2-Enterprise
Explanation:
WEP’s major weakness is its use of static encryption keys. When you set up a router with a WEP
encryption key, that one key is used by every device on your network to encrypt every packet
that’s transmitted. But the fact that packets are encrypted doesn’t prevent them from being
intercepted, and due to some esoteric technical flaws it’s entirely possible for an eavesdropper to
intercept enough WEP-encrypted packets to eventually deduce what the key is.
This problem used to be something you could mitigate by periodically changing the WEP key
(which is why routers generally allow you to store up to four keys). But few bother to do this
because changing WEP keys is inconvenient and time-consuming because it has to be done not
just on the router, but on every device that connects to it. As a result, most people just set up a
single key and then continue using it ad infinitum.
Even worse, for those that do change the WEP key, new research and developments reinforce
how even changing WEP keys frequently is no longer sufficient to protect a WLAN. The process of
‘cracking’ a WEP key used to require that a malicious hacker intercept millions of packets plus
spend a fair amount of time and computing power. Researchers in the computer science
department of a German university recently demonstrated the capability to compromise a WEPprotected network very quickly. After spending less than a minute intercepting data (fewer than
100,000 packets in all) they were able to compromise a WEP key in just three seconds.