Irresponsible?

`mongoose

One of Freddy's beloved
Joined
Jan 9, 2004
Messages
957
Catsby said:
Catsby suspects that it is ever so slightly the case, as there is little alternative for most.

For clarity, Catsby states that whilst this information is there on other sites for those that really look, there is no equivalent on such a popular site.

'kin arseholes.

Before long I reckon most wireless routers will come with rolling wep keys and the what not. It's always been too easy to capture wireless packets and decrypt the key. Right now, however, most people won't have access to that resource. Sticking that how-to on a big site makes it to easy for the script kiddies to find :/

M
 

Danya

Fledgling Freddie
Joined
Dec 23, 2003
Messages
2,466
Tom's hardware and attached sites have always sucked in my book. this is pretty much par for the course with them.

Glad I use WPA. :p
 

anattic

Fledgling Freddie
Joined
Dec 22, 2003
Messages
182
Don't be too sure, Dayna: WPA-PSK (pre-shared key) is almost as vulnerable to offline dictionary attacks as WEP.

Last year, there was a good (i.e. accurate) article in Network World about wireless security, including some side-by-side equipment testing. Worth a read if you're interested... link
 

Danya

Fledgling Freddie
Joined
Dec 23, 2003
Messages
2,466
Any encryption is vulnerable to offline dictionary attacks (except one-time pad), you generally counter it by using a very large key.
 

anattic

Fledgling Freddie
Joined
Dec 22, 2003
Messages
182
Danya said:
Any encryption is vulnerable to offline dictionary attacks (except one-time pad), you generally counter it by using a very large key.
Assuming there are no holes in the algorithm (see above article sections on WPA and TKIP), granted a large key increases the time required to brute-force the attack.

However, by using per-session keying (i.e. IEEE802.11i/WPA2), you dramatically reduce the volume of ciphertext protected by any particular key. Assuming your key-lifetime is short, this renders a brute-force attack rather pointless - you get the very small amount of old information, which gets you no closer to gaining more general access to the encrypted traffic. (This all assumes the initial key-exchange isn't compromised, but that's another problem...)

I appreciate that setting up RADIUS/802.11i on any network is a god-awful pain and excessive for many users, so, I agree, WPA-PSK is good enough. I'm just cautioning that WPA has been compromised too, both in theory and implementation.

(and apologies Danya for typoing your nick - I only noticed after the edit-button had disappeared)
 

Danya

Fledgling Freddie
Joined
Dec 23, 2003
Messages
2,466
Well the main hole in WPA is poor key choice (you can't brute force a 256-bit key) leaving it open to dictionary attacks. Unlike WEP which is flawed by it's very design; no matter how carefully you choose your key it's weak. Other than poor passphrase choice there aren't any easy attacks on WPA.
 

Escape

Can't get enough of FH
Joined
Dec 26, 2003
Messages
1,643
/wonders how Catsby came across this material, could he be a scriptkitty? oO
 

Catsby

One of Freddy's beloved
Joined
Apr 21, 2004
Messages
249
For your enlightenment, Catsby came across this material whilst searching for pornorgraphy.
 

xane

Fledgling Freddie
Joined
Dec 22, 2003
Messages
1,695
I'm more worried about someone getting into the network than picking up my transmissions. Can they crack the MAC key restrictions ?
 

Jonty

Fledgling Freddie
Joined
Dec 22, 2003
Messages
1,411
For those interested, Microsoft recently released WPA2 support for Windows XP SP2 machines to bolster wireless security. The linked webpage details what the update is all about.

Kind Regards
 

Users who are viewing this thread

Top Bottom