WEP Overview
The first, most basic level of securing a wireless LAN (WLAN) is to set up a wired
equivalent privacy (WEP) key. This is a means of encryption that encodes
transmissions between an access point (AP) and client. This is a basic means of
security, but it is not thorough. When wireless devices were first introduced, this was a
quick and easy way to provide security. Unfortunately, WEP is inherently flawed;
however, it might be your only option if you work with older equipment or client
software.
If enough traffic is passed back and forth between client and AP, the packets can be
intercepted and the encryption key deduced. This is not a likely issue for homes and
small offices that have light wireless activity and uninteresting data. However, in an
organization with high volumes of wireless traffic and critical data, it is easy for an
intruder to crack the code. It is perhaps worth the effort of the intruder.
68 IEEE 802.1X Authentication
NOTE: The Aironet 1100 Series, 1200 Series, 1300 Series APs, and the 1400 Series bridges
that run Cisco IOS Software are especially vulnerable because they send any WEP key in
cleartext to the simple network management protocol (SNMP) server if the snmp-server
enable traps wlan-wep command is enabled. If you use WEP, make sure this command is
disabled