 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
There
are several known weaknesses in the structure of WEP
|
|
|
encryption
|
|
|
|
WEP
shared secret is useless when its common knowledge
|
|
|
|
WEP
key exchange is not yet a defined standard, different vendors
|
|
|
have
implemented their own solution that usually are not interoperable.
|
|
|
MAC
address can be faked very easily => additional authentication is
|
|
|
required
|
|
|
|
Radio
DoS attacks may only be prevented by legislation, radio
|
|
|
interference
from other devices cannot be prevented, only avoided
|
|
|
|
The
only methods to authenticate radio network on non-IP level to user
|
|
are
network id (essid) and the possible shared secret
|
|
|
|
Replay
attacks may be prevented to some extent with WEP but the
|
|
|
network
is as vulnerable as every other IP network
|
|