PDA

View Full Version : Squeezebox and WEP



Jason
2004-01-11, 19:48
Ya, sometimes folk go a little overboard with their home network security.
Routine checking of your logs would tell you if there was anything going on.
I mean are you really worried someone is trying THAT hard to hack you that
128 WEP just doesn't cut it?

-----Original Message-----
From: discuss-bounces (AT) lists (DOT) slimdevices.com
[mailto:discuss-bounces (AT) lists (DOT) slimdevices.com] On Behalf Of dean blackketter
Sent: Sunday, January 11, 2004 7:13 PM
To: Slim Devices Discussion
Subject: [slim] Squeezebox and WEP

I'm not saying it's feasible or not, but I imagine it would be hard.


On Jan 11, 2004, at 10:47 AM, Jason Dixon wrote:

> On Sun, 2004-01-11 at 13:42, Dan Sully wrote:
>> * Jason Dixon <jason (AT) dixongroup (DOT) net> shaped the electrons to say...
>>
>>> Granted, I don't see *everyone* using it. Most non-geeks don't
>>> IPsec-ify their home 802.11b networks. Oh wait, we're all geeks,
>>> aren't we?
>>
>> IPSec anything would kill the player's CPU (if it could even do it),
>> and bandwidth.
>
> You don't know as much about IPsec as you think you do. I've run IPsec
> firewalls on old Sun IPX's, P75's, even my Sharp Zaurus 5500. If it
> wasn't feasible, I'm sure Dean would've said so already.
>
> --
> Jason Dixon, RHCE
> DixonGroup Consulting
> http://www.dixongroup.net
>
>

Mark A. Aiken
2004-01-12, 02:49
Well I haven't taken the time to secure my wireless network properly,
but with tools like Airsnort in the open, I think it's accepted that

- WEP is broken
- WEP keys can be derived, given enough traffic, with passive
monitoring, which will not, in itself, produce interesting log entries

Airsnort says it needs a few million packets to break a WEP key (even
128-bit). I stream uncompressed audio to my Squeezebox. With the Slimserver
putting 1,400 bytes into each packet, and a 44.1KHz stream @ 32bits / sample
requiring 172KB / sec, it takes 22 hours of streaming to generate 10,000,000
packets, which should be plenty to break WEP. Since it's too much of a pain
to type a huge hex number into my Squeezebox and laptops regularly, I don't
rotate my WEP key, so once my network is broken, it's broken.

I live in a dense urban area. I'm not worried about someone sitting in a
van for hours breaking my wireless network, but I wouldn't entirely discount
one of my neighbors being bored.

Mark

----- Original Message -----
From: "Jason" <jason (AT) pagefamily (DOT) net>
To: "'Slim Devices Discussion'" <discuss (AT) lists (DOT) slimdevices.com>
Sent: Sunday, January 11, 2004 6:48 PM
Subject: [slim] Squeezebox and WEP


> Ya, sometimes folk go a little overboard with their home network security.
> Routine checking of your logs would tell you if there was anything going
on.
> I mean are you really worried someone is trying THAT hard to hack you that
> 128 WEP just doesn't cut it?
>
> -----Original Message-----
> From: discuss-bounces (AT) lists (DOT) slimdevices.com
> [mailto:discuss-bounces (AT) lists (DOT) slimdevices.com] On Behalf Of dean
blackketter
> Sent: Sunday, January 11, 2004 7:13 PM
> To: Slim Devices Discussion
> Subject: [slim] Squeezebox and WEP
>
> I'm not saying it's feasible or not, but I imagine it would be hard.
>
>
> On Jan 11, 2004, at 10:47 AM, Jason Dixon wrote:
>
> > On Sun, 2004-01-11 at 13:42, Dan Sully wrote:
> >> * Jason Dixon <jason (AT) dixongroup (DOT) net> shaped the electrons to say...
> >>
> >>> Granted, I don't see *everyone* using it. Most non-geeks don't
> >>> IPsec-ify their home 802.11b networks. Oh wait, we're all geeks,
> >>> aren't we?
> >>
> >> IPSec anything would kill the player's CPU (if it could even do it),
> >> and bandwidth.
> >
> > You don't know as much about IPsec as you think you do. I've run IPsec
> > firewalls on old Sun IPX's, P75's, even my Sharp Zaurus 5500. If it
> > wasn't feasible, I'm sure Dean would've said so already.
> >
> > --
> > Jason Dixon, RHCE
> > DixonGroup Consulting
> > http://www.dixongroup.net
> >
> >

Jack Coates
2004-01-12, 12:10
On Mon, 2004-01-12 at 01:49, Mark A. Aiken wrote:
> Well I haven't taken the time to secure my wireless network properly,
> but with tools like Airsnort in the open, I think it's accepted that
>
> - WEP is broken
> - WEP keys can be derived, given enough traffic, with passive
> monitoring, which will not, in itself, produce interesting log entries
>
> Airsnort says it needs a few million packets to break a WEP key (even
> 128-bit). I stream uncompressed audio to my Squeezebox. With the Slimserver
> putting 1,400 bytes into each packet, and a 44.1KHz stream @ 32bits / sample
> requiring 172KB / sec, it takes 22 hours of streaming to generate 10,000,000
> packets, which should be plenty to break WEP. Since it's too much of a pain
> to type a huge hex number into my Squeezebox and laptops regularly, I don't
> rotate my WEP key, so once my network is broken, it's broken.
>
> I live in a dense urban area. I'm not worried about someone sitting in a
> van for hours breaking my wireless network, but I wouldn't entirely discount
> one of my neighbors being bored.
>
> Mark
....

my WAP is in a plaster and lathe room in the center of my house. signal
strength is zero by the time you hit any of my property lines. You
should be able to achieve the same effect by wrapping your WAP in
tinfoil :-)
--
Jack at Monkeynoodle Dot Org: It's A Scientific Venture...
************************************************** ********************
*"Did you keep a watch for the Dead Man's Wind, did you see the *
*woman with the comb in her hand wailing away on the wall of the *
*strand as you danced to the Turkish Song of the Damned?" *
*-- Turkish Song Of The Damned from If I Should Fall From Grace With *
*God by The Pogues *
************************************************** ********************

kdf
2004-01-12, 12:17
Quoting Jack Coates <jack (AT) monkeynoodle (DOT) org>:


>
> my WAP is in a plaster and lathe room in the center of my house. signal
> strength is zero by the time you hit any of my property lines. You
> should be able to achieve the same effect by wrapping your WAP in
> tinfoil :-)

By contrast mine seems to have trouble making it to the outer walls of my
townhouse. I have had to use the old Pringles Can trick to increase the levels.
Its only very slight, but enough to stop my notebook from being dropped. The
squeezeboxes seem to handle it much better. One in the room below gets about
90% strength, and the other down the hall gets about 62-80%. My notebook is
often all over the place and while it does still report a dead link on the
monitor, its never long enough any more that the connection fails.

-kdf