CCENT: 1st Gen. Wireless Security Mechanisms: WEP
Wireless certainly exploded onto the networking scene, unlike other technologies that took years to catch on. However, with wireless came huge challenges for securing the wireless network. After all, having potentially sensitive network data traveling through the air as radio waves immediately presented massive concerns.
As a Cisco Certified Entry-level Networking Technician, you are expected to have an intimate knowledge about the consecutive generations of wireless security. Of particular focus should be the shortcomings of the various technologies that led to the creation of new and superior security methodologies. This blog post will provide you with the information you need to know about the first generation. Obviously, this blog post was taken from our CCENT course materials.
The first generation of security featured the following technologies or methods:
- Wireless Encryption Protection (WEP)
- SSID Cloaking
- MAC Address Filtering
This post will focus on WEP, while follow up post(s) will focus on SSID Cloaking and MAC Address Filtering.
WEP security defined encryption and authentication between the Wireless Access Point and the Wireless Client(s) using a 64-bit static key (password). Typically, anytime that you see the word static associated with network security keys (passwords), you should immediately think about a few things. First, you should think that it will be very easy to setup, and certainly, static WEP is very simple to configure. Second, you should think that a static password configuration for security is not scalable. As you add more and more access points and more and more clients, you have an administrative burden of setting the appropriate passwords manually on all of those devices. Moreover, lets not even think about a security policy that requires you to change all of those passwords every 30 days. Third, you should think about static being pretty dangerous. If someone does learn that static password, they can compromise many systems that all rely on it.
Here is a list worth committing to memory; it is a list of some of the problems with WEP that gave rise to more powerful technologies:
- Too basic of encryption that proved too easily compromised
- Lacking in strong authentication
- Static keys
- A lack of scalability
In an attempt to enhance security in WEP environments, note that administrators implemented SSID Cloaking and MAC Address Filtering. These technologies will be covered shortly in our blog.
NOTE: In our CCENT course, you can get hands on experience setting, and breaking, these various forms of first generation wireless security.