11 STANDARD STATES THAT WEP PROVIDES FOR PROTECTION FROM CASUAL EAVESDROPPING
802.11 standard states that WEP provides for protection from casual eavesdropping. Instead,the driving force behind WEP is privacy. In cases that require high degrees of security, othermechanisms should be utilized, such as authentication, access control, password protection,and virtual private networks.Despite its flaws,WEP still offers some level of security, provided that all its features areused properly.This means taking great care in key management, avoiding default options,and ensuring that adequate encryption is enabled at every opportunity.Proposed improvements in the standard should overcome many of the limitations of theoriginal security options and should make WEP more appealing as a security solution.Additionally, as WLAN technology gains popularity and users clamor for functionality, boththe standards committees and the hardware vendors will offer improvements. It is criticallyimportant to keep abreast of vendor-related software fixes and changes that improve theoverall security posture of a wireless LAN.With data security enabled in a closed network, the settings on the client for the SSIDand the encryption keys have to match the AP when you’re attempting to associate withthe network, or the attempt will fail.The next few sections discuss WEP as it relates to thefunctionality of the 802.11 standard, including a standard definition of WEP, the privacycreated, and the authentication.WEP provides some security and privacy in transmissions to prevent curious or casualbrowsers from viewing the contents of the transmissions between the AP and the clients. Inorder to gain access, an intruder must be more sophisticated and needs to have specific intentto gain access. Some of the other benefits of implementing WEP include the following:
■
All messages have a CRC-32 checksum calculated that provides some degree ofintegrity.■
Privacy is maintained via the RC4 encryption.Without possession of the secretkey, the message cannot be easily decrypted.■
WEP is extremely easy to implement. All that is required is to set the encryptionkey on the APs and on each client.■
WEP provides a very basic level of security for WLAN applications.■
WEP keys are user definable and unlimited.WEP keys can, and should, bechanged often.