WEP has been broken for many years but there’s still some one that enjoys taking all the broken pieces and smashing them into even smaller pieces. The new attack requires the active injection of arp packets by the attacker. Which leaves the attacker open for discovery by an IDS installed on the victim network. The researchers have a modified version of aircrack-ng called aircrack-ptw that is the proof of concept. The report reads in part, “Our current attack is a fast, but active one, and could thereby be detected by an Intrusion
Detection System (IDS). A passive version would be interesting making the attack undetectable by any kind of network monitoring system.” If the attacker finds a busy network, collecting the required packets would be trivial even if it took longer than 60 seconds. Anyone that is considering using WEP for anything important needs to wake up!