Wired Equivalent Privacy (WEP) Security for madwifi ========================================================================= This document details the commands currently used to configure a station or AP to use WEP security. WEP is known to have vulnerabilities that make it a less attractive for networks with stringent security requirements. However, wide deployment and relative ease-of-use make it a simple way to add link layer encryption between stations (STAs) and access points (APs). The WEP modes most commonly available on 802.11 implementations are: 1) WEP 40/64 bit key, open 802.11 authentication 2) WEP 104/128 bit key, open 802.11 authentication 3) WEP 40/64 bit key, shared key 802.11 authentication 4) WEP 104/128 bit key, shared key 802.11 authentication The commands used to configure an Atheros interface (in this case, 'ath0') are the standard Linux wireless tools (iwconfig, iwpriv and ifconfig). To configure the madwifi to use WEP encryption, simply add an encryption key to the interface using iwconfig. To configure the driver to use 802.11 shared key authentication, iwpriv is used to change the protocol authentication mode. iwpriv ath0 authmode 1 # open authentication iwpriv ath0 authmode 2 # shared key authentication iwpriv ath0 authmode 3 # 802.1x authentication These sets of commands work for a station in each of the 4 cases above. 1) iwconfig ath0 essid key 0123-4567-89 2) iwconfig ath0 essid key 0123-4567-8901-2345-6789-0123-4567-8901 3) iwconfig ath0 essid key 0123-4567-89 iwpriv ath0 authmode 2 4) iwconfig ath0 essid key 0123-4567-8901-2345-6789-0123-4567-8901 iwpriv ath0 authmode 2 If you want the driver to perform as an AP, you can add 'mode master' to the iwconfig line. The interface MUST be brought UP for the driver to associate with the AP (or an AP to accept new stations). This is achieved using ifconfig ifconfig ath0 X.X.X.X up Known Problems ============== Switching 802.11 authentication modes after entering a WEP key AND after entering a new authmode sometimes erases the key from the driver configuration. e.g. issuing iwpriv ath0 authmode 1 after following steps 3 or 4 clears the WEP key. Happy privacy :)