Help me please : WepKey Changer Programing (Windows)

Hey,

I would like to create a small program for switch my WEP key each day. (or each hour, minute, ... following my variable)

It is a personnal project, I think that it is a good idea, but I would like more information about it because I don't know how I must to process for that.

This program will be working on Windows, and I will be written in ... (May be C, or C++, or Python, or Perl) If it isn't possible with one of this languages, I will use an other, but I prefer using a language that I know. I don't know which language using, and I haven't got sources for starting.

How do I do that ? Can I help me of Wireless Zero Config tool ? Or watching registre key ? Have you got any clues ?

If you are some link, I will be happy.

Thanks for yours answers

CU soon

Reply to
Truty
Loading thread data ...

To clear this up, are you writing the program or do you want someone to write it and give it to you? It sounds like you know the names of things, but not what to do with them. You also need to read up on how WEP works - most stopped using it years ago in favour of WPA and key servers which can do what you want. Just buy a new router and save time and money, get one with WPA.

Reply to
simon

Actually, there are several methods of accomplishing this already in place.

RADIUS servers, when used in conjunction with wireless networking, can do exactly that. Read up on 802.1X with WEP key rotation.

Email me with questions.

Chris H

formatting link

Reply to
NetSteady

simon brought next idea :

Hey Simon,

I know that WPA is better but I would like to create a program with WEP. Then If someone or you, are interessing to help me, or give me source to start this new project, I will be happy.

Truty

Reply to
Truty

NetSteady brought next idea :

Thx for your answer Chris H, The RADIUS server must be very powerful, but I am looking for a programme without server, running on each station (it is a small network, only 3 PC) Is it possible to extract ssid, wepkey, ... on Windows ? if you know how I can to process or useful links about it, I could to start in this project. Google doesn't give me answers about it, may be because I don't know how I must to search it.

C U

Reply to
Truty

I have to ask, what's the point?

Reply to
David Taylor

A radius server doesn't have to be powerful, just a service sitting somewhere, you already have enough machines by the sound of it to run one on.

This is going to be stupidly complex. How are you going to sychronise the key change across 3 devices and the access point? If you base it on the time on the local PC then that's going to have drift so you'd then have to send a network announcement that tells them all to do a key change.

If you send the key change notification across the wireless media then the most reliable way would be to have one PC generate the key and then transmit it but there you have the classic key exchange problem and you're doing it across an insecure medium.

What you are proposing is not only re-inventing the wheel but doing so and ending up with an oval.

David.

Reply to
David Taylor

Given the insecurity of WEP, one 'fix' is to periodically alter the key. As to why use WEP, because (hang on to your hat cause you are not going to beleive this) some older cards don't have drivers for WPA. So if you want to have a network with some security but still be available to anyone who needs access, WEP is the game. But again the problem with WEP, capture some packets and the key can be had, but change the key now and again and the task is a bit harder. Is this perfect, no, but does it at least improve the exposure, YES.

Next question.

fundamentalism, fundamentally wrong.

Reply to
Rico

Yes I know this, as has been pointed out already, use a RADIUS service which will allow this rotation of WEP keys automatically.

The solution already exists, it's just a case of deploying and configuring a RADIUS service.

Like I said in my other post, the bigger challenge is not just making up a new key and setting it on the local machine but rather changing the key on the AP and at the clients *at the same time*.

This is a solution without a problem, the proper solution already exists.

There is no next question ;)

David.

Reply to
David Taylor

Yes, it's called WPA-TKIP.

But your solution will require (at the very least) all new drivers for the cards in question to allow them to support RTKIP (Rico's Temporal Key Integrity Protocol), plus a custom interface to your router to change the keys there, plus a recovery method to sync up laptops that are powered down when they keys change.

It really is simpler and easier to replace the offending cards with ones that support WPA.

[Yeah, you can buy a WPA supplicant separately, but that costs _more_ than a new card, IME...]
Reply to
William P.N. Smith

I can't speak for everyone, but if this is your offer to update every older card that sometimes visits and needs to associate with my network, consider it accepted. Where do I tell my users to send the bill?

fundamentalism, fundamentally wrong.

Reply to
Rico

Changing the WEP key actually does little or nothing to improve security, since WEP is vulnerable to immediate attack; i.e., your new key is as likely to be cracked as your old key. You might as be moving the deck chairs around on the Titanic. The only benefit to changing the WEP key is making it just a little bit harder for an old cracker to get back in.

Reply to
John Navas

Check my WWWebsite. We're not cheap, but we are easy! 8*)

Seriously, if you have a need for occasional use by insecure users, consider setting up another AP with WEP (or no) security, and only turn it on when you have insecure visitors. Alternately, chain a couple of extra routers and allow the insecure AP internet access only, with no routing into your LAN.

Reply to
William P.N. Smith

Lend them a network card that supports WPA? :)

Reply to
David Taylor

I have to say, I find this debate quite odd.

  • One has a certain level of security
  • Visitors arrive who can't meet that level
  • so...
  • one disables security.... ?????

Isnt "attack vector" written all over this idea?

Personally I see nothing wrong with a clear policy statement that only WPA enabled devices can connect. Mark McIntyre

Reply to
Mark McIntyre

And if visiting customer$ are OK with it and don't pout and $pend their money elsewhere, great.

fundamentalism, fundamentally wrong.

Reply to
Rico
[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]

That last option is the one I recommend, especially when combined with enforced QoS.

Reply to
John Navas
[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]

I second that. It's what I do. Otherwise they can use a wired connection. I have an Apple Airport Express, configured with WPA for the wireless network, that can be used for the wired connection.

Reply to
John Navas

And if your /other/ customers, the ones with WPA, all get hacked and virused because /your/ security was crap... how many customers will you have then?

Sure. its a choice. Customers but rubbish security, and a wide-open network.

/Potentially/ fewer customers (and only potentially, if you have any marketing ability at all, its easy to sell better security), but decent security.

Mark McIntyre

Reply to
Mark McIntyre

"customers" were never mentioned. If they were, would you expect customers to have to load a bit of bodge software to make something work that has already been fixed?!

David.

Reply to
David Taylor

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.