In message <3B9EA057.23903.1FBC324C@localhost>, "Thomas Michael Wanka" writes:
>Hi,
>
>On 11 Sep 2001, at 8:10, Steven M. Bellovin wrote:
>> It doesn't work.  More precisely, it's very easily cryptanalyzed;
>> there's running code, etc.  A passive eavesdropper can crack 128-bit
>> WEP with very little effort.
>
>thanks, until now I only was aware, that WEP implementations are 
>not compatible when using products of different manufacturers. 
>
>Do you have sources for more information about this (crack tests 
>and such) and recommendations for alternatives? A client requested 
>a connection between two buildings in a city and I did not evaluate 
>the risks of wireless networks until now.
>
>TIA
>
>mike
>
>
See http://www.crypto.com/papers/others/rc4_ksaproc.ps for the attack,
and http://www.cs.rice.edu/~astubble/wep for an implementation.

The right answer is IPsec.

		--Steve Bellovin, http://www.research.att.com/~smb
				  http://www.wilyhacker.com