Is there a new Wifi hack tool out? WEP+MAC Filter failures.
by R. Proffitt - 4/12/07 5:26 AM
I just ran into a Wifi network failure and tracked it down to someone hijacking a wifi network connection. Until this I had successfully configured some nets to use WEP plus MAC filtering and never had an issue. But that appears to have some tool to crack that in minutes now.
I tested it and got real lucky that the bad person was hacking while I was able to reconfigure the wifi router. I discovered they were able to sniff out a good MAC and then they would crack the WEP then set their MAC to an allowed address.
What amazed me was they did this in just a few minutes after I changed the routers SSID, WEP password and the client's MAC address. So we had to move to WPA and that seems to have cured that one.
The only reason we had left a few routers back on WEP+MAC security was some hardware that wasn't up to the task of WPA.
It looks like something new is out so if someone knows more a post in the Security forum would be nice to see. But the lesson is learned that WEP is soundly dead. Even with SSID off and MAC filters. It's dead Jim.
But here's my question. Does anyone know if a new Wifi crack tool is out and about? My bet is it must be some pushbutton simple thing since the attack was so fast that the old method I knew of where the WEP attack was 10 minutes and a minute to change the MAC (or a little less.)
PS. Just for completeness if you are supporting wifi networks, if what I'm seeing get's out there you will get many calls about failing to connect, "it worked fine before", and other such statements when the security is less than WPA. It's only been a few days since this incident but it has soundly moved me to write that WEP is no longer an option if we added MAC filtering. I knew it wasn't bulletproof but until now they didn't have the right bullets.