Re: NM and WEP

[Dan Williams <dcbw redhat com>]

On Sun, 2007-06-03 at 02:06 -0700, Patton Echols wrote:
> Sry if this reposts.  Having mail trouble here so trying again.
> 
> On 05/31/2007 02:16 PM, Dan Williams wrote:
> > On Thu, 2007-05-31 at 17:25 +0000, Volker Braun wrote:
> >   
> >> Your WEP password is wrong. A glaring design flaw of WEP is that it does 
> >> not give any feedback on whether the password is correct or not. 
> >>     
> >
> > Right; NM basically has to try to run DHCP and (after 40s) timeout the
> > connection attempt, because there's no indication that the key is wrong.
> >
> >   
> Well, the scenario is this:
> 
> The A.P. is at a coffee shop that is selected by other folks for 
> meetings. They provide "free" access, but use WEP to keep folks from 
> parking in their lot, using their connection and not coming in to buy 
> coffee. When you buy coffee, they have a stack of slips on the counter 
> with the current password. It is not designed for real security, just to 
> be enough of a hassle so that people will actually come in the store. 
> The point of this background is that the passwords are easy: Like 
> "h0t-m0cha" and they are written down, so easy to key in correctly. 
> Finally, as I said in the original post, when I boot to WinXP, feed it 
> the password, it works just fine.
> > Be _sure_ you have the right type of passphrase.  The other flaw in WEP
> > is that there are 3 key lengths (40, 104, and 152 bit) and 3 different
> > passphrase hashes (hex, ascii, and passphrase).  
> Ok, I saw the place to select the hash on the passphrase dialog, but I 
> thought it was just looking for eg; a hex passphrase. In which case a 
> passphrase with a "t" or "m" would not work. Could I use the example 
> above if I switched to hex or ascii?
> 
> I don't remember seeing a choice of key length. Is that in the same 
> dialog? Or do I change that setting elsewhere. If NM defaults to 104 
> bit, I can imagine a failure because the philosophy of what they are 
> trying to do is minimal security.
> > There's also the Open
> > System and Shared Key auth methods.  You must get all of those correct,
> > otherwise the connection will not succeed.
> >   
> And no way to get the AP to tell you the combo it is looking for? How 
> does windoze do it then? It seems to work there :-(

No, there is no way with WEP.

It works on Windows XP/2000 because the only entry type is "Hex Key";
there isn't even a choice for Passphrase or anything else.  You can only
do actual passphrases with vendor driver utils from D-Link, Linksys,
etc.  That said, having to present a choice between 3 different kinds of
key types really sucks.

If the key you're given is 10 or 26 characters long, and only includes
the the numbers 1 - 9 and letters a - f, then it's almost certainly a
Hex Key, not a passphrase.

Dan

> > WEP sucks.
> >
> >   
> Yeah, I didn't pick it.
> 
> _______________________________________________
> NetworkManager-list mailing list
> NetworkManager-list gnome org
> http://mail.gnome.org/mailman/listinfo/networkmanager-list