[ale] wireless sanity/security check

Jeff Lightner jlightner at water.com
Wed Jan 6 11:56:01 EST 2010


I was referring to this story from August and also misspoke - I said
less than an hour and the story was about less than a minute:

http://www.networkworld.com/news/2009/082709-new-attack-cracks-common-wi
-fi.html

It suggests that WPA with AES and WPA2 aren't quite so easy to hack.
Also other reading suggests the link you've sent relates to getting
access to the wireless router to use free ISP service but doesn't allow
you to see the encrypted traffic of other users on that router.

-----Original Message-----
From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Jeff
Hubbs
Sent: Wednesday, January 06, 2010 11:06 AM
To: Atlanta Linux Enthusiasts - Yes! We run Linux!
Subject: Re: [ale] wireless sanity/security check

Just to at least partially answer my own question - I found this at 
http://forum.codecall.net/security-tutorials/13997-cracking-wpa-wpa2-net
works.html 
that would seem to suggest an implication of a notion that WPA2 isn't 
much better than WPA w.r.t. crackability...true?

- Jeff

On 1/6/10 10:51 AM, Jeff Hubbs wrote:
> Can someone elaborate on this WPA/WPA2 vulnerability issue?
>
> - Jeff
>
> On 1/5/10 9:41 AM, Jeff Lightner wrote:
>    
>> By the way - WPA can be cracked in less than an hour as demonstrated
a
>> couple of months ago.  WPA2 is the way to go.
>>
>> -----Original Message-----
>> From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of
Pat
>> Regan
>> Sent: Monday, January 04, 2010 11:24 PM
>> To: Atlanta Linux Enthusiasts - Yes! We run Linux!
>> Subject: Re: [ale] wireless sanity/security check
>>
>> On 01/04/2010 05:17 PM, Mark Wright wrote:
>>
>>      
>>> I didn't ask the question about wireless security because I thought
>>> wifi could be intrusion proof.  I just wanted to confirm that giving
>>> my friends advice to use MAC filtering wasn't real bad advice.
They
>>> had failed to get WPA working and there were Christmas presents that
>>> were not being played with.
>>>
>>>
>>>        
>> MAC filtering will not keep very many people out if they are actively
>> trying to "steal" your bandwidth.  The only people you're likely to
keep
>>
>> out with MAC filtering are the people who think they are connecting
to
>> their own network but they are connecting to yours by mistake.  It is
>> amazing how often that happens.
>>
>> I'm much more paranoid about connecting to an unknown network than I
am
>> about people cracking into mine.  I seem especially paranoid in
hotels.
>>     I know that if I can fire up wireshark and steal unencrypted pop,
>> imap, and instant messenger password, so can someone else.
>>
>> I nearly always VPN or use an SSH proxy on any scary wifi connection
:).
>>
>>
>>      
>>> The problem is both of my friends couldn't get WPA to work.  My
>>> wife's sister in law was refusing to use her new laptop because her
>>> husband had turned WPA off to get it on the internet.  I told them
>>> how to set up MAC filtering over the phone and now she is surfing
the
>>> internet confident that her computer is safe.  Just like she sleeps
>>> soundly because she doesn't know how easy it is to break into her
>>> locked house.
>>>
>>>        
>> With any semi-modern hardware (3-4+ years?) I wouldn't expect
wpa/wpa2
>> to be a problem.  WEP tends to be problematic because there is more
than
>>
>> one algorithm for converting a passphrase to a hex key.
>>
>> MAC filtering will likely narrow the opportunity for attack, though.
If
>>
>> someone drives by while no authorized machines are connected then
they
>> will not see any valid MAC addresses to clone.
>>
>> Pat
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>> Proud partner. Susan G. Komen for the Cure.
>>
>> Please consider our environment before printing this e-mail or
attachments.
>> ----------------------------------
>> CONFIDENTIALITY NOTICE: This e-mail may contain privileged or
confidential information and is for the sole use of the intended
recipient(s). If you are not the intended recipient, any disclosure,
copying, distribution, or use of the contents of this information is
prohibited and may be unlawful. If you have received this electronic
transmission in error, please reply immediately to the sender that you
have received the message in error, and delete it. Thank you.
>> ----------------------------------
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>>
>>      
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>    

_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo



More information about the Ale mailing list