WEP Vulnerabilities—Wired Equivalent Privacy?
WEP has received an enormous amount of attention in the media as being flawed and broken. As its name implies, WEP was only intended to give wireless users the level of security implied on a wired network (which isn't much). Except in a fully switched environment, all wired traffic is exposed to the risk of eavesdropping (a.k.a., packet sniffing). WEP was not designed to be the end-all, be-all security solution for wireless networks and, as we shall see, WEP has a number of shortcomings, which make it vulnerable to several classes of attacks. The point of this chapter is to do more than just tell you that WEP is bad. Our goal is to paint a picture of what WEP was intended to do, how it works, and why it fails to live up to its design goals.