40-bit or 64-bit secret key encryption, and then adding a 24-bit initialization vector (IV)
to the end of that key. The shared key is set in place for a network, but a new IV is gen-
erated randomly for each packet of data that is transmitted over the network.
Unfortunately, WEP is not as strong as its designers had hoped. There are two basic
shortcomings in the standard WEP protocol:
■ Most networks do not change the shared key often because the basic WEP stan-
dard does not provide a way to dynamically assign the shared key to APs and sta-
tions. Instead, administrators must manually enter the shared key.
Note To make cracking WEP more difficult, most AP vendors avoid using a handful of known-weak IVs that cracking tools specifically look for. When these IVs are disabled (by default for most up-to-date APs) and 128 bit encryption is used, WEP is actually a very secure encryption protocol. A newer implementation of WEP, known as Dynamic WEP, is designed to address the problem with manual entry of the shared key. Although Dynamic WEP is much more secure than WEP, the newer and stronger WPA standard and the bad reputation that WEP has gained probably means that Dynamic WEP will not gain wide acceptance. ■ The random IV is only 24 bits and is reused. On large networks, APs and stations
reuse the IV pretty frequently (even as often as every hour). Many programs exist
that can capture network traffic and examine the details of the data packets being
transmitted, including details about the IV.
Wi-Fi Protected Access
To help address the security limitations of WEP, a group of wireless equipment known
as the Wi-Fi Alliance developed a new encryption standard named Wi-Fi Protected
Access (WPA). WPA builds upon the security in WEP in two main ways:
■ WPA provides stronger data encryption. WPA uses Temporal Key Integrity Proto-
col (TKIP), a protocol that provides per-packet key mixing, a message integrity
check, and a stronger IV with keys that are not reused for longer periods of time.
■ WPA requires 802.1x authentication to ensure that only authorized users or com-
puters are allowed to connect to a wireless network. 802.1x authentication is
optional with WEP.
Configuring Wireless Networking in Windows XP Professional
Windows XP Professional includes a feature called Zero Client Configuration that eases
the detection of and connection to wireless networks, and also makes transitions from
one wireless network to another more transparent to users. Windows XP Professional
supports both ad-hoc and infrastructure wireless networking, and also supports both
WEP and WPA encryption.
Note When Windows XP Professional first shipped, it did not include support for WPA. Support was provided later via the Windows WPA Client Update, available at https://traloihay.net.com/Default.aspx?kbid=815485. However, WPA support is also included with Windows XP Service Pack 2 without needing to use this client update. How to Connect to a Wireless Network
After installing a wireless network adapter, Windows XP Professional attempts to locate
wireless networks in the area automatically. When Windows locates a network, it dis-
plays an icon in the notification area (a picture of a computer with wireless “waves”
coming out of it). Windows also displays a ScreenTip (a pop-up notification balloon)
above that icon, letting you know that it has detected wireless networks.
To connect to a wireless network, use these steps:
Bạn đang xem 40- - MICROSOFT WINDOWS XP PROFESSIONAL EXAM 70 270 PHẦN 6 PPTX