|
Full Disclosure
mailing list archives
Re: WEEPING FOR WEP
From: Troy Cregger <tcregger () kennedyinfo com>
Date: Mon, 09 Apr 2007 09:11:36 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ahh those windows, drafty things, always letting the elements in, might
want to get some plastic up over em'... better yet, replace them altogether.
- -tlc
Mike Vasquez wrote:
Nice, even better. So that means a lot of the higher end APs that use
sophisticated techniques (smaller IV pools, dynamic, etc) are going to
be much less effective. I know a few large entities that will be
affected negatively. Time to seriously upgrade the wireless security!
People who don't think they need more than wep are fooling themselves.
Kids will a) build that cool pringles can antenna to experiment... b)
run kismet to explore the wireless around them, and c) practice their
wepcracking on your network. what's next? Exploring your windows
machines once they're on.
They'll be destructive just b/c they can. Keylogger on your home pc?
cake. Do you patch every day? All they need is one windows
vulnerability to get access to all your data. Anything think that if
they wait long enough, a windows flaw will come around? hrm? and
*then* your network will be... their network.
It's really not that far fetched.
On 4/6/07, *george_ou () lanarchitect net
<mailto:george_ou () lanarchitect net>* < george_ou () lanarchitect net
<mailto:george_ou () lanarchitect net>> wrote:
With the newest crack released earlier this week from the German
researchers that reduces the number of packets by an order of
magnitude, that's under 1 minute on average with ARP replay on an
802.11g network. About 20 seconds average if the network is going
full blast on its own.
http://blogs.techrepublic.com.com/Ou/?p=464
George
-------- Original Message --------
Subject: Re: [Full-disclosure] WEEPING FOR WEP
From: "Mike Vasquez" <mike.vasquez () gmail com
<mailto:mike.vasquez () gmail com>>
Date: Fri, April 06, 2007 1:22 pm
To: full-disclosure () lists grok org uk
<mailto:full-disclosure () lists grok org uk>
And traffic rate shouldn't be in the discussion either, since
arp-replay allows enough packets to be captured, on most home
equipment, in about 20 minutes if you're unlucky, and attacking
128-bit wep. 64 bit keys can be had in under 5 minutes, 128 in
under 10, and all you have to do is be connected for that length
of time.
On 4/6/07, *george_ou () lanarchitect net
<mailto:george_ou () lanarchitect net>* <
george_ou () lanarchitect net <mailto:george_ou () lanarchitect net>>
wrote:
But WPA-PSK mode is even easier to use than WEP. Why would
you use WEP. Distance isn't really a problem with a pringle
can antenna.
George
------------------------------------------------------------------------
_______________________________________________
Full-Disclosure - We believe in it.
Charter:
http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
<http://secunia.com/%3C/pre>
>
------------------------------------------------------------------------
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGGjuInBEWLrrYRl8RAtCzAJ9gnQ6Dhkop1UPKljj838IKdL62wwCeP8rY
3bdPwHcY5nJGOp6gRDl0JO4=
=NLCA
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Re: WEEPING FOR WEP, (continued)
|
Intro
