Some of the flaws of wireless networking have been known for a while now — even the IEEE 802.11b standard used by Apple’s AirPort products have some significant shortcomings. There’s a new tool making the rounds that may demonstrate just how susceptible some networks are to eavesdropping, however. Writing for Wired News , Michelle Delio talks about this new public beta software in an article called
Wireless Networks in Big Trouble.
The new software is called AirSnort, and it operates by monitoring transmissions over the wireless network. After it grabs enough data — sometimes only after a few hours, sometimes over a couple of days, depending on the relative traffic on the wireless network — AirSnort then computes the encryption key.
“Once enough packets have been gathered, AirSnort can guess the encryption password in under a second,” claim the developers. The software is designed to work on a Linux computer equipped with a wireless networking card that supports the 802.11b protocol.
The developers told Delio that they’ve released AirSnort to prove once and for all how crackable the Wired Equivalent Privacy (WEP) system really is. WEP is the security protocol defined in the 802.11b specification.
AirSnort Co-developer Jeremy Bruestle told Delio that he’s received thanks from system administrators who can now prove just how insecure WEP is, and he’s also received comments from those who say that he’s just giving crackers an opportunity to break into systems where they don’t belong. “I understand the viewpoint of those who believe dangerous information should be hidden, but I disagree,” said Bruestle.
More details are available from Wired News.
(Thanks to MacCentral reader Graham Fair for info used in this article.)