WPA WEP etc...



pkfox
2007-02-19, 04:06
Hi All, what wireless security can be used on an SB3? I currently use WEP, which I've heard is next to useless.

2pods
2007-02-19, 04:40
> Hi All, what wireless security can be used on an SB3? I currently use WEP, which I've heard is next to useless.

I use WPA/PSK for my SB3 with no problems.

pkfox
2007-02-19, 04:52
> I use WPA/PSK for my SB3 with no problems.

Thanks, I was a bit confused as the SB's setup only offers WEP; then I saw in another post that you need to set up the router's security first, which then changes the SB's option. Thanks again.

Kevin O. Lepard
2007-02-19, 06:42
>pkfox;181653 Wrote:
>> Hi All, what wireless security can be used on a SB3 ? I currently use
>> WEP which I've heard is next to useless
>
>I use WPA/PSK for my SB3 with no problems.

Same here. And you are correct, WEP is functionally useless against
any kind of mildly interested attacker.

Kevin
--
Kevin O. Lepard

Happiness is being 100% Microsoft free.

Mark Lanctot
2007-02-19, 19:17
The SB3 also supports WPA2/AES.

Now WPA/TKIP hasn't been broken yet so it's probably overkill, but as they say, go big or go home...WPA2/AES works just fine for me and was as easy as WPA/TKIP to implement.

peter
2007-02-20, 08:45
Mark Lanctot wrote:
> The SB3 also supports WPA2/AES.
>
> Now WPA/TKIP hasn't been broken yet so it's probably overkill, but as
> they say, go big or go home...WPA2/AES works just fine for me and was
> as easy as WPA/TKIP to implement.
>

It's more a matter of password size IIRC. (size matters)

Regards,
Peter

Paul_B
2007-02-20, 14:25
Password size and complexity I would guess. Try to use nouns and use uppercase, lowercase, numbers and non-alphanumeric characters like commas, dashes, etc.

peter
2007-02-20, 14:54
Paul_B wrote:
> Password size and complexity I would guess. Try to use nouns and use
> uppercase, lowercase, numbers and non-alphanumeric characters like
> commas, dashes, etc.
>
Obviously. A long string of AAAA's wouldn't be very secure. Entropy is
what you're after.

Regards,
Peter

Mark Lanctot
2007-02-22, 09:12
Well yes, password size matters, but I was referring to AES's more advanced encryption than TKIP.

Since TKIP hasn't been broken yet, AES is overkill - but still, it costs nothing in terms of time and money to implement, so I did it.

peter
2007-02-22, 11:35
Mark Lanctot wrote:
> Well yes, password size matters, but I was referring to AES's more
> advanced encryption than TKIP.
>
> Since TKIP hasn't been broken yet, AES is overkill - but still, it
> costs nothing in terms of time and money to implement, so I did it.
>

The main risk at the moment is using brute force to crack the keys.
Using a short password or one from a dictionary is just as big a problem
with AES as with TKIP.

That's also the attack against WEP, except that in this case some
stupidities in the protocol implementation make it a lot easier.
But it's not very difficult to make an insecure implementation of AES
encryption.

Regards,
Peter

jonheal
2007-02-22, 12:55
Being pretty much an idiot when it comes to networking stuff, please clarify something for me:

As I understand it, encrypting your wireless broadcasts (hopefully) prevents an eavesdropper from reading the packets you send out into the atmosphere. Protecting the integrity of your network, and the machines on it, is another matter entirely. Am I wrong in that assumption? And if all your broadcasting is music packets, is it that big of a deal to protect them?

Mark Lanctot
2007-02-22, 13:37
> Being pretty much an idiot when it comes to networking stuff, please clarify something for me:
>
> As I understand it, encrypting your wireless broadcasts (hopefully) prevents an eavesdropper from reading the packets you send out into the atmosphere. Protecting the integrity of your network, and the machines on it, is another matter entirely. Am I wrong in that assumption? And if all your broadcasting is music packets, is it that big of a deal to protect them?

I'm no more than a novice at this myself, but yes, this is something outside a normal LAN. If your machines are infected with various backdoors, it doesn't matter how secure your WPA2 passphrase is...although interestingly an attacker could still not find it out unless he was running a keylogger as you typed it in.

But in regards to just broadcasting music packets and packets destined for an SB, you need to protect them even more because:

- there will always be traffic an attacker could monitor

- when broadcasting music, a steady stream of packets will be present to analyze

As I understand it, these attacks work better when you have lots of packets to analyze. Once an attacker derives a passphrase, he can (at the very least) use your IP address for whatever purpose he wants. This includes child porn - there have been several high-profile busts recently where police are tracking offenders based on IP addresses, and you would have to prove your wireless network was compromised in court...meanwhile your name would be published in the local media.

Once an attacker is on your LAN, he's also one step closer to accessing your hard drive contents. Your router won't stop him, it'll be up to software firewalls if he gets that far. Blocking by MAC address is useless here - he'll be able to see the MAC addresses of all the devices on your network and can clone one.

peter
2007-02-22, 14:18
Mark Lanctot wrote:
> jonheal;182579 Wrote:
>
>> Being pretty much an idiot when it comes to networking stuff, please
>> clarify something for me:
>>
>> As I understand it, encrypting your wireless broadcasts (hopefully)
>> prevents an eavesdropper from reading the packets you send out into the
>> atmosphere. Protecting the integrity of your network, and the machines
>> on it, is another matter entirely. Am I wrong in that assumption? And
>> if all your broadcasting is music packets, is it that big of a deal to
>> protect them?
>>
>
> I'm no more than a novice at this myself, but yes, this is something
> outside a normal LAN. If your machines are infected with various
> backdoors, it doesn't matter how secure your WPA2 passphrase
> is...although interestingly an attacker could still not find it out
> unless he was running a keylogger as you typed it in.
>
> But in regards to just broadcasting music packets and packets destined
> for an SB, you need to protect them even more because:
>
> - there will always be traffic an attacker could monitor
>
> - when broadcasting music, a steady stream of packets will be present
> to analyze
>
> As I understand it, these attacks work better when you have lots of
> packets to analyze. Once an attacker derives a passphrase, he can (at
> the very least) use your IP address for whatever purpose he wants.
> This includes child porn - there have been several high-profile busts
> recently where police are tracking offenders based on IP addresses, and
> you would have to prove your wireless network was compromised in
> court...meanwhile your name would be published in the local media.
>

Possibly, but the chances are rather small. I read an article on the
exact way of cracking a WEP protected network recently and the 'bad
guys' have devised a little trick to get lots of packets. They just grab
one of your encrypted packets and (re)send it to one of your hosts. The
host will receive the packet and reply to it, another packet to
analyze... The method used in the article required two PCs, a special
Linux boot CD and two wireless cards with a specific chipset. Quite a
hassle still..

> Once an attacker is on your LAN, he's also one step closer to accessing
> your hard drive contents. Your router won't stop him, it'll be up to
> software firewalls if he gets that far. Blocking by MAC address is
> useless here - he'll be able to see the MAC addresses of all the
> devices on your network and can clone one.
>

It's a funny thing wireless security. If you leave your PC/network open
to the internet you *will* be targeted by thousands or tens of thousands
of (professional) automated hacking attempts. If you leave your wireless
network open you will be open to attack by a dozen neighbours. The
chances of your neighbours wanting to target you and having the skill to
do so are possibly not so great. One of my neighbours has his network open,
I even used it briefly once or twice, but I've never gone so far as
snooping around on it. The chances of anyone around me wanting to go
through the hassle of cracking a WEP key would be fairly slim.

Then again I read an interesting attack recently in which the bad guys
would drive thru the city with a PC that automatically looked for open
networks with no encryption. The PC would be loaded with knowledge of
popular routers and their configs and default passwords and would
contact any routers it could find and change the DNS settings so it
would use a DNS server controlled by the attacker. By manipulating DNS
responses they would be able to get between the victim and their banking
websites.

I'd take the trouble to set up WPA encryption if I were my neighbour. I
don't know which one it is, perhaps I should snoop around a little ;)

Regards,
Peter

jonheal
2007-02-22, 14:56
> Mark Lanctot wrote:
> > jonheal;182579 Wrote:
> >
> >> Being pretty much an idiot when it comes to networking stuff, please
> >> clarify something for me:
> >>
> >> As I understand it, encrypting your wireless broadcasts (hopefully)
> >> prevents an eavesdropper from reading the packets you send out into the
> >> atmosphere. Protecting the integrity of your network, and the machines
> >> on it, is another matter entirely. Am I wrong in that assumption? And
> >> if all your broadcasting is music packets, is it that big of a deal to
> >> protect them?
> >>
> >
> > I'm no more than a novice at this myself, but yes, this is something
> > outside a normal LAN. If your machines are infected with various
> > backdoors, it doesn't matter how secure your WPA2 passphrase
> > is...although interestingly an attacker could still not find it out
> > unless he was running a keylogger as you typed it in.
> >
> > But in regards to just broadcasting music packets and packets destined
> > for an SB, you need to protect them even more because:
> >
> > - there will always be traffic an attacker could monitor
> >
> > - when broadcasting music, a steady stream of packets will be present
> > to analyze
> >
> > As I understand it, these attacks work better when you have lots of
> > packets to analyze. Once an attacker derives a passphrase, he can (at
> > the very least) use your IP address for whatever purpose he wants.
> > This includes child porn - there have been several high-profile busts
> > recently where police are tracking offenders based on IP addresses, and
> > you would have to prove your wireless network was compromised in
> > court...meanwhile your name would be published in the local media.
> >
>
> Possibly, but the chances are rather small. I read an article on the
> exact way of cracking a WEP protected network recently and the 'bad
> guys' have devised a little trick to get lots of packets. They just grab
> one of your encrypted packets and (re)send it to one of your hosts. The
> host will receive the packet and reply to it, another packet to
> analyze... The method used in the article required two PCs, a special
> Linux boot CD and two wireless cards with a specific chipset. Quite a
> hassle still..
>
> > Once an attacker is on your LAN, he's also one step closer to accessing
> > your hard drive contents. Your router won't stop him, it'll be up to
> > software firewalls if he gets that far. Blocking by MAC address is
> > useless here - he'll be able to see the MAC addresses of all the
> > devices on your network and can clone one.
> >
>
> It's a funny thing wireless security. If you leave your PC/network open
> to the internet you *will* be targeted by thousands or tens of thousands
> of (professional) automated hacking attempts. If you leave your wireless
> network open you will be open to attack by a dozen neighbours. The
> chances of your neighbours wanting to target you and having the skill to
> do so are possibly not so great. One of my neighbours has his network open,
> I even used it briefly once or twice, but I've never gone so far as
> snooping around on it. The chances of anyone around me wanting to go
> through the hassle of cracking a WEP key would be fairly slim.
>
> Then again I read an interesting attack recently in which the bad guys
> would drive thru the city with a PC that automatically looked for open
> networks with no encryption. The PC would be loaded with knowledge of
> popular routers and their configs and default passwords and would
> contact any routers it could find and change the DNS settings so it
> would use a DNS server controlled by the attacker. By manipulating DNS
> responses they would be able to get between the victim and their banking
> websites.
>
> I'd take the trouble to set up WPA encryption if I were my neighbour. I
> don't know which one it is, perhaps I should snoop around a little ;)
>
> Regards,
> Peter

Fortunately, I live on a cul-de-sac. I know all of the close neighbors. Should I see someone parked in the cul-de-sac with a laptop, I reckon I'll break out the Louisville Slugger, and said perp can figure on a wood shampoo.

ASS-Ware
2007-02-24, 13:56
> The SB3 also supports WPA2/AES.
>
> Now WPA/TKIP hasn't been broken yet so it's probably overkill, but as they say, go big or go home...WPA2/AES works just fine for me and was as easy as WPA/TKIP to implement.

I am sorry to say you are wrong, but WPA hacks are available and so are WPA2 hacks.

Paul_B
2007-02-24, 14:22
If a professional decides to hack you then they can crack WEP, WPA, WPA2. But why would they bother on a residential estate? Script kiddies can probably crack WEP, but it is easier to go after no security.

So what is the answer? Well, to make it as hard as possible by using WPA2 with short timeouts between key changes. Use a complex password with as many characters as possible and a decent length. Maybe, if you are paranoid, look at digital certificates. But if you are really paranoid don't connect to the internet.

ASS-Ware
2007-02-24, 14:38
> If a professional decides to hack you then they can crack WEP, WPA, WPA2. But why would they bother on a residential estate? Script kiddies can probably crack WEP, but it is easier to go after no security.
>
> So what is the answer? Well, to make it as hard as possible by using WPA2 with short timeouts between key changes. Use a complex password with as many characters as possible and a decent length. Maybe, if you are paranoid, look at digital certificates. But if you are really paranoid don't connect to the internet.

It's got nothing to do with an internet connection, it's the wifi connection to your personal network, which can be hacked and then they can access your computer(s).
Internet or no internet is not important.

peter
2007-02-24, 15:46
ASS-Ware wrote:
> Mark Lanctot;181815 Wrote:
>
>> The SB3 also supports WPA2/AES.
>>
>> Now WPA/TKIP hasn't been broken yet so it's probably overkill, but as
>> they say, go big or go home...WPA2/AES works just fine for me and was
>> as easy as WPA/TKIP to implement.
>>
>
> I am sorry to say you are wrong, but WPA hacks are available and so are
> WPA2 hacks.
>

Link?

Regards,
Peter

Mark Lanctot
2007-02-24, 15:58
> Link?

This got me curious too, some Googling got me to:

http://www.churchofwifi.org/default.asp?PageLink=Project_Display.asp?PID=95

and

http://www.wirelessdefence.org/Contents/coWPAttyMain.htm

Looks like a pretty esoteric black hat crack to me. Although I don't fully understand the tool, it looks like made-up SSIDs and long, complex passphrases will still help.

snarlydwarf
2007-02-24, 16:22
> Looks like a pretty esoteric black hat crack to me. Although I don't fully understand the tool, it looks like made-up SSIDs and long, complex passphrases will still help.

It's really a matter of timeshifting. Note that the only advantage between the first test (straight dictionary attack) and the second (precomputed dictionary attack) is that the data set can be recycled for a given SSID.

If you change your SSID to not be stock, then the dictionary will need to be recomputed.

If you change your passphrase to not be one of the ones in the dictionary, it will still not succeed.

Which brings it back down to "don't choose lame-ass passwords", which is already known. This attack only makes using lame-ass passwords with stock SSID's weaker.

ASS-Ware
2007-02-24, 16:52
> ASS-Ware wrote:
> > Mark Lanctot;181815 Wrote:
> >
> >> The SB3 also supports WPA2/AES.
> >>
> >> Now WPA/TKIP hasn't been broken yet so it's probably overkill, but as
> >> they say, go big or go home...WPA2/AES works just fine for me and was
> >> as easy as WPA/TKIP to implement.
> >>
> >
> > I am sorry to say you are wrong, but WPA hacks are available and so are
> > WPA2 hacks.
> >
>
> Link?
>
> Regards,
> Peter

Google.
Read magazines.
Search security forums.
Go to security lectures.
I have seen a man hack into a WPA2 protected wifi network within 5 minutes.

ASS-Ware
2007-02-24, 16:56
> Being pretty much an idiot when it comes to networking stuff, please clarify something for me:
>
> As I understand it, encrypting your wireless broadcasts (hopefully) prevents an eavesdropper from reading the packets you send out into the atmosphere. Protecting the integrity of your network, and the machines on it, is another matter entirely. Am I wrong in that assumption? And if all your broadcasting is music packets, is it that big of a deal to protect them?

The thing is, once somebody hacks your wifi, that person is in your network and can try to access all computers in your network, and even worse, use your internet connection for attacks to other networks on the web and you are the one to blame if it's discovered as they use your connection.
And what about somebody hacking your wifi and thus being part of your network and then download child pornography ?
If discovered, they come to your door !!!
That happened not far from my village.

ASS-Ware
2007-02-24, 17:00
> If a professional decides to hack you then they can crack WEP, WPA, WPA2. But why would they bother on a residential estate?

They sit in cars, they hack wifi networks and download illegal stuff like child pornography.
And it's downloaded from your internet connection, so you are the one they come to once it's discovered.
It happened near my town.

Mitch Harding
2007-02-24, 17:38
Yeah, but why would they bother targeting someone with WPA or WPA2 when
there are still plenty of people using WEP or no security at all? My goal
in using WPA2 is to make it as inconvenient as possible. Given that right
now I can see two of my neighbors' unsecured networks, and given that some of
the others are probably only using WEP... well, I'm not losing much sleep.

On 2/24/07, ASS-Ware <ASS-Ware.2mjamb1172361901 (AT) no-mx (DOT) forums.slimdevices.com>
wrote:
>
>
> Paul_B;183246 Wrote:
> > If a professional decides to hack you then they can crack WEP, WPA, WPA2.
> > But why would they bother on a residential estate?
>
> They sit in cars, they hack wifi networks and download illegal stuff
> like child pornography.
> And it's downloaded from your internet connection, so you are the one
> they come to once it's discovered.
> It happened near my town.
>
>
> --
> ASS-Ware
> ------------------------------------------------------------------------
> ASS-Ware's Profile: http://forums.slimdevices.com/member.php?userid=4280
> View this thread: http://forums.slimdevices.com/showthread.php?t=32888
>
>

ASS-Ware
2007-02-24, 17:48
> Yeah, but why would they bother targeting someone with WPA or WPA2 when
> there are still plenty of people using WEP or no security at all?

Maybe because people that know what they are doing, setting wpa2 for example, have faster internet access ?
Dunno.

Mitch Harding
2007-02-24, 17:57
If you can convince my cable company to supply me faster access, please do!
I sent them my college transcript and some glowing references from my
coworkers, but so far no luck...

On 2/24/07, ASS-Ware <ASS-Ware.2mjcpc1172364602 (AT) no-mx (DOT) forums.slimdevices.com>
wrote:
>
>
> Mitch Harding;183308 Wrote:
> > Yeah, but why would they bother targeting someone with WPA or WPA2 when
> > there are still plenty of people using WEP or no security at all?
>
> Maybe because people that know what they are doing, setting wpa2 for
> example, have faster internet access ?
> Dunno.

jonheal
2007-02-24, 19:01
> The thing is, once somebody hacks your wifi, that person is in your network and can try to access all computers in your network, and even worse, use your internet connection for attacks to other networks on the web and you are the one to blame if it's discovered as they use your connection.
> And what about somebody hacking your wifi and thus being part of your network and then download child pornography ?
> If discovered, they come to your door !!!
> That happened not far from my village.

Just because they're on my network doesn't mean they can access my machines. They'd need a LAN ID to map a drive. Heck, I can't even map drives on some of the machines!

As for downloading porn using me as a proxy, you can do the same thing at Starbucks. Do you think the Department of Justice is going after Starbucks and all of the tens of thousands of other wi-fi hotspots and tens of thousands of private unsecured networks?

ASS-Ware
2007-02-24, 20:35
> If you can convince my cable company to supply me faster access, please do!

Get another ISP then ;-)

ASS-Ware
2007-02-24, 20:39
> Just because they're on my network doesn't mean they can access my machines. They'd need a LAN ID to map a drive. Heck, I can't even map drives on some of the machines!

That doesn't mean somebody else can't access them.
Remember that virus called blaster ?
Only network access needed without credentials.



> As for downloading porn using me as a proxy, you can do the same thing at Starbucks. Do you think the Department of Justice is going after Starbucks and all of the tens of thousands of other wi-fi hotspots and tens of thousands of private unsecured networks?

I don't think anybody would look up child pornography or something else illegal at Starbucks.

Just my 2 Dutch cents.

peter
2007-02-25, 02:01
snarlydwarf wrote:
> Mark Lanctot;183284 Wrote:
>
>> Looks like a pretty esoteric black hat crack to me. Although I don't
>> fully understand the tool, it looks like made-up SSIDs and long,
>> complex passphrases will still help.
>>
>
> It's really a matter of timeshifting. Note that the only advantage between
> the first test (straight dictionary attack) and the second (precomputed
> dictionary attack) is that the data set can be recycled for a given
> SSID.
>
> If you change your SSID to not be stock, then the dictionary will need
> to be recomputed.
>
> If you change your passphrase to not be one of the ones in the
> dictionary, it will still not succeed.
>
> Which brings it back down to "don't choose lame-ass passwords", which
> is already known. This attack only makes using lame-ass passwords with
> stock SSID's weaker.
>
>

AFAICS these are all dictionary attacks. That's why you don't choose or
invent a password but you generate a random one of 64 characters. There
are sites on the web to help you (note that they will know your
password). Luckily most of the time you will copy & paste your key
(unless you're dealing with an SB) so it won't be too much work.

Regards,
Peter

peter
2007-02-25, 02:04
ASS-Ware wrote:
> Peter;183283 Wrote:
>
>> ASS-Ware wrote:
>>
>>> Mark Lanctot;181815 Wrote:
>>>
>>>> The SB3 also supports WPA2/AES.
>>>>
>>>> Now WPA/TKIP hasn't been broken yet so it's probably overkill, but as
>>>> they say, go big or go home...WPA2/AES works just fine for me and was
>>>> as easy as WPA/TKIP to implement.
>>>>
>>> I am sorry to say you are wrong, but WPA hacks are available and so are
>>> WPA2 hacks.
>>>
>> Link?
>>
>> Regards,
>> Peter
>>
>
> Google.
> Read magazines.
> Search security forums.
> Go to security lectures.
> I have seen a man hack into a WPA2 protected wifi network within 5
> minutes.
>

How many characters was the key? Was it randomly generated? AFAIK people
choosing crackable passwords is the main weakness.

Show me a crack of a random 64 character password...

Regards,
Peter

peter
2007-02-25, 02:12
ASS-Ware wrote:
> jonheal;182579 Wrote:
>
>> Being pretty much an idiot when it comes to networking stuff, please
>> clarify something for me:
>>
>> As I understand it, encrypting your wireless broadcasts (hopefully)
>> prevents an eavesdropper from reading the packets you send out into the
>> atmosphere. Protecting the integrity of your network, and the machines
>> on it, is another matter entirely. Am I wrong in that assumption? And
>> if all your broadcasting is music packets, is it that big of a deal to
>> protect them?
>>
>
> The thing is, once somebody hacks your wifi, that person is in your
> network and can try to access all computers in your network, and even
> worse, use your internet connection for attacks to other networks on
> the web and you are the one to blame if it's discovered as they use
> your connection.
> And what about somebody hacking your wifi and thus being part of your
> network and then download child pornography ?
> If discovered, they come to your door !!!
> That happened not far from my village.
>

They may come to your door, but they won't prosecute you unless they
find more evidence. Of course, the hacker may leave some evidence on
your disk, but that would be a personal attack against you, which is
possible if you have enemies. It sounds unlikely to me that child porn
enthusiasts would possess such technical knowledge and go through all
that physical work. If you're that good, you'd better set up a botnet to
do your dirty work and control them over TOR from the comfort of your
own home.

Regards,
Peter

ASS-Ware
2007-03-18, 13:23
> ASS-Ware wrote:
> > jonheal;182579 Wrote:
> >
> >> Being pretty much an idiot when it comes to networking stuff, please
> >> clarify something for me:
> >>
> >> As I understand it, encrypting your wireless broadcasts (hopefully)
> >> prevents an eavesdropper from reading the packets you send out into the
> >> atmosphere. Protecting the integrity of your network, and the machines
> >> on it, is another matter entirely. Am I wrong in that assumption? And
> >> if all your broadcasting is music packets, is it that big of a deal to
> >> protect them?
> >>
> >
> > The thing is, once somebody hacks your wifi, that person is in your
> > network and can try to access all computers in your network, and even
> > worse, use your internet connection for attacks to other networks on
> > the web and you are the one to blame if it's discovered as they use
> > your connection.
> > And what about somebody hacking your wifi and thus being part of your
> > network and then download child pornography ?
> > If discovered, they come to your door !!!
> > That happened not far from my village.
> >
>
> They may come to your door, but they won't prosecute you unless they
> find more evidence. Of course, the hacker may leave some evidence on
> your disk, but that would be a personal attack against you, which is
> possible if you have enemies. It sounds unlikely to me that child porn
> enthusiasts would possess such technical knowledge and go through all
> that physical work. If you're that good, you'd better set up a botnet to
> do your dirty work and control them over TOR from the comfort of your
> own home.
>
> Regards,
> Peter

Well, it happened close to my town.