[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] WEEPING FOR WEP
- To: Mike Vasquez <mike.vasquez@xxxxxxxxx>
- Subject: Re: [Full-disclosure] WEEPING FOR WEP
- From: Troy Cregger <tcregger@xxxxxxxxxxxxxxx>
- Date: Mon, 09 Apr 2007 09:11:36 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ahh those windows, drafty things, always letting the elements in, might
want to get some plastic up over em'... better yet, replace them altogether.
- -tlc
Mike Vasquez wrote:
> Nice, even better. So that means a lot of the higher end APs that use
> sophisticated techniques (smaller IV pools, dynamic, etc) are going to
> be much less effective. I know a few large entities that will be
> affected negatively. Time to seriously upgrade the wireless security!
>
> People who don't think they need more than wep are fooling themselves.
> Kids will a) build that cool pringles can antenna to experiment... b)
> run kismet to explore the wireless around them, and c) practice their
> wepcracking on your network. what's next? Exploring your windows
> machines once they're on.
>
> They'll be destructive just b/c they can. Keylogger on your home pc?
> cake. Do you patch every day? All they need is one windows
> vulnerability to get access to all your data. Anything think that if
> they wait long enough, a windows flaw will come around? hrm? and
> *then* your network will be... their network.
>
> It's really not that far fetched.
>
>
>
> On 4/6/07, *george_ou@xxxxxxxxxxxxxxxx
> <mailto:george_ou@xxxxxxxxxxxxxxxx>* < george_ou@xxxxxxxxxxxxxxxx
> <mailto:george_ou@xxxxxxxxxxxxxxxx>> wrote:
>
> With the newest crack released earlier this week from the German
> researchers that reduces the number of packets by an order of
> magnitude, that's under 1 minute on average with ARP replay on an
> 802.11g network. About 20 seconds average if the network is going
> full blast on its own.
> http://blogs.techrepublic.com.com/Ou/?p=464
>
>
> George
>
> -------- Original Message --------
> Subject: Re: [Full-disclosure] WEEPING FOR WEP
> From: "Mike Vasquez" <mike.vasquez@xxxxxxxxx
> <mailto:mike.vasquez@xxxxxxxxx>>
> Date: Fri, April 06, 2007 1:22 pm
> To: full-disclosure@xxxxxxxxxxxxxxxxx
> <mailto:full-disclosure@xxxxxxxxxxxxxxxxx>
>
> And traffic rate shouldn't be in the discussion either, since
> arp-replay allows enough packets to be captured, on most home
> equipment, in about 20 minutes if you're unlucky, and attacking
> 128-bit wep. 64 bit keys can be had in under 5 minutes, 128 in
> under 10, and all you have to do is be connected for that length
> of time.
>
>
>
> On 4/6/07, *george_ou@xxxxxxxxxxxxxxxx
> <mailto:george_ou@xxxxxxxxxxxxxxxx>* <
> george_ou@xxxxxxxxxxxxxxxx <mailto:george_ou@xxxxxxxxxxxxxxxx>>
> wrote:
>
> But WPA-PSK mode is even easier to use than WEP. Why would
> you use WEP. Distance isn't really a problem with a pringle
> can antenna.
>
>
> George
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
>
> Full-Disclosure - We believe in it.
>
> Charter:
> http://lists.grok.org.uk/full-disclosure-charter.html
>
> Hosted and sponsored by Secunia - http://secunia.com/
> <http://secunia.com/%3C/pre>
>
> >
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGGjuInBEWLrrYRl8RAtCzAJ9gnQ6Dhkop1UPKljj838IKdL62wwCeP8rY
3bdPwHcY5nJGOp6gRDl0JO4=
=NLCA
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/