[driverloader] Security mode: open

Marc Boucher marc at linuxant.com
Tue Aug 17 14:43:34 EDT 2004 

On Aug 17, 2004, at 11:19 AM, Sebastien Stormacq wrote:

> Steve,
>
> AFAIK, opne means there is no encryption (WEP or other) on the link
> So, to answer your question : NO this is not secure.
>
> Cheers,
>
> Seb

I am afraid that this is not the correct answer. One should not confuse 
authentication and encryption.

On driverloader interfaces, the iwconfig security mode parameter 
("open" or "restricted") actually sets the authentication mode to 
either "open system" or "shared key" respectively (or "automatic" if no 
keyword is specified). WEP encryption is activated by setting an 
encryption key, regardless of the authentication mode setting. 
Therefore encryption can still be active in "open" authentication mode.

"Shared key" authentication was intended as a way for the access point 
to verify the identity of the client with a challenge-response scheme 
based on the WEP key before allowing it to associate. However, it was 
incorrectly designed and may actually weaken security by exposing the 
WEP key to potential attack.

"Open system" authentication basically allows anyone to associate with 
the access point, but if WEP encryption is on and they don't know the 
WEP key, such an association would be useless since valid packets 
cannot be transmitted or received without a proper key.

So paradoxically, "open system" authentication might in practice be 
more secure than "shared key" authentication.

Note however that WEP encryption does protect to some extent but is no 
longer considered fully secure, regardless of the mode used. For 
adequate security, use WPA.

Hoping this clarifies,
Marc


--
Marc Boucher
Linuxant inc.

> Steve Varadi wrote:
>> WSecurity mode: open What does it mean exactly?? It is open for 
>> public? or open i.e. ON??
>> Is it secure in this mode??
>>   wlan0     IP address: 192.168.0.101/24 (DHCP)
>> wlan0     IEEE 802.11-DS  ESSID:"pwl199"  Nickname:"Hepike"
>>           Mode:Managed  Frequency:2.437GHz  Access Point: 
>> 00:80:C8:01:B0:AA            Bit Rate=11Mb/s             RTS thr=1600 
>> B   Fragment thr=2344 B             Encryption 
>> key:1111-1111-1122-2222-2222-9999-99   Security mode:open
>>           Power Management:off
>>           Link Quality:100/100  Signal level:-29 dBm  Noise 
>> level:-154 dBm
>>           Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
>>           Tx excessive retries:0  Invalid misc:0   Missed beacon:0
> _______________________________________________
> driverloader mailing list
> driverloader at lists.linuxant.com
> https://www.linuxant.com/mailman/listinfo/driverloader
>

More information about the driverloader mailing list