wireless access point

[Keith Morse]

On Wed, 21 Jan 2004, Matthew Carpenter wrote:

> True, but WEP has undergone quite a few transitions over the last few years, or rather the firmware that implements it.  For instance, get on the Airsnort list and ask if anyone has cracked WEP on a Cisco AccessPoint.  You'll either get no reply or you'll get an account of someone who cracked it on a lab unit that hasn't seen new code since 1989.  WEP is weak in theory, but many of the AP's and NICs are avoiding the weak IV's which allow cracking.  WEP is good enough to veer the "bad guys" to someone else's "easy-pickins"
> 

"easy-pickins" is right.  Last summer of a friend and I drive from
Hillsboro to the east side of Portland (Oregon).  Distance about 15
miles or so, drive was 25 minutes.  Out of curiosity, we used 5 dbi
antenna with magnetic base and located on the cars roof and ran a
session of net-stumbler.  Our goal was to get from point A to point B, the
sniffing was secondary.  About 135 AP's were found,  30 of which were
WEP enabled.  We weren't looking to do anything nefarious, just the
nets-tumbler survey but I'll wager that the bulk of those open AP's also
have default passwords and dhcp enabled.