1. WEP is definitely not secure (although it is better than nothing). Cracking any level of WEP encryption is considered a trivial task these days for anyone who is truly intent on doing so and has the right setup. Depending on your location (and the sensitivity/importance of the data traversing your network), you may not have to worry about such serious "hackers", but then again... you never know.

WPA and other newer encryption methods have come along to address WEP's shortcomings, and although they are more robust than WEP, they too have their weak spots.


2. MAC filtering is not an altenative encryption method to WEP, but rather a compliment to the security that encryption such as WEP can provide. MAC filtering simply allows or denies access to your wifi network based on the unique MAC address assigned to every network device.

MAC addresses can be sniffed and "spoofed" however, so even this is not a foolproof security measure. Although most Windows users are unaware of the wealth of network sniffing/cracking/etc. tools that are available, users of Linux systems and other UNIX-based operating systems have been using such tools for a long time. Unfortunatley, even though most of those tools were originally intended for legit network maintenance and troubleshooting, they've been put to the wrong uses by "war drivers" and other wifi network-cracking low-lifes.

The ¨latest and greatest¨ protection for wireless is AES Security.

While I am a sceptic as far as the inability of a determined hacker to break into anything, the statistics concerning cracking an AES encryption key found in this government document are impressive! See Para 16 of the treatise...

http://csrc.nist.gov/encryption/aes/aesfact.html

Many of the wireless router and bridge companies still in business use one or another iterations of this type of encryption.

I'll take my cue from history and put the money on the crackers.

It seems that every time a new encoding/encryption scheme has been developed, there's been a prediction that it would be humanly impossible to crack, or that it would take thousands/millions/billions of years to crack. But what's really happened in almost every case? Yup- the encryption gets cracked in decades/years/months or, in a couple of embarassing cases, it's been cracked before it's even officially been released.

The cracks may have been made possible by new and previously-unimagined technology, the discovery of an attack vector overlooked by the code's designers, some stroke of genius on a cracker's part, or sheer brute-force determination. Whatever the method though, solving encryption "mysteries" is something that's always proven to be a fascinating challenge that some people just can't ignore.

You´ll get no argument from me on that...

And it will be broken...but until then, I think this scheme is the best we have. But regardless whether the net is wireless or not, any port to the outside is going to be easy to crack if you try hard enough.

It appears that way, yes. Considering the fact that it's being positioned as a replacement for WEP, TKIP, and even DES/3DES, it must have something going for it...

Yes. Most of the big boys have some iteration of it in their security suites, even Cisco, which is, admitedly, not the best equipment on the block, but the one everyone in the states buys, unfortunately.

You have to pay extra for it, of course, and there are a lot of third party security companies out there that have their own flavors, so as you say, there must be something in it. I know that when I was selling wireless infrastructure in Europe and Africa, it was a mandatory requirement for any Governmental purchase.

Whether it´s worth it in a private or hotspot situation is anybody´s guess. I´m running minimal security on my wireless net but I feel a little vulnerable, although I´m out in the suburbs where ít´s unlikely that people will be riding around looking for a cheap ride...of course, when I read the rest of your treatise that we´re all waiting for, then maybe I´ll beef it up sorry I couldn´t resist that one - I´m really NOT putting pressure on, just a little joke.

If I hear of anything new in my day to day research, since I´m in the business, I´ll keep the forums posted (no pun intended).

We use AES on the company wireless network and it's worked great!