WPA - Gone in Sixty Seconds

Quote:

---

Originally Posted by DragoonXX

even the intel wireless network scanner can pick up on non broadcasting SSIDs..I know one time I had to do some re-working of something my mom wanted to print off at costco...picked up like..15 non broadcasting SSIDs

---

Thats true.... on my old Toshiba Protege the Intel app that come with it shows up hidden SSID. :up:

Quote:

---

Originally Posted by [XC] Lead Head

Two best ways to not get hacked:

1. Live in the middle of the woods away from any local road or houses.
2. Use a wired network.

I use both.

---

I am reminded of a picture that has condom put over the ethernet plug. Does this still secure our computers?

Yeah really WPA2, it's kind of common knowledge.

i just run WPA on mine

most the people in range of me are old farts, and half the routers in range dont have any pass protection at all, so my network being a target is going to be slim

besides there is slightly less overhead with wpa, over wpa2 on 54G

Quote:

---

Originally Posted by Serra

WPA is NOT crackedIf you have WPA2 and a solid passPHRAISE (not passWORD), then the SSID and MAC filtering are just inconveniences to you.

---

Yes, granted. Mine is a complete sentence, with punctuation, and not in English. :P the SSID and MAC setups I have aren't inconveniences, takes me 5 minutes (if that), but I understand what you're saying.

Your brute force attack is no match for my prepositions. :D

I guess I forgot to mention I'm not broadcasting on standard frequencies either, before everyone jumped my [banana]. My list wasn't definitive, it was a list of "these are SOME things to run."

There's more, but I'm not tellin...

Quote:

---

Originally Posted by youngpro

its only a matter of time until wpa2 is totally compromised like wep...

if you want a proper wireless security standard please consider EAP-TLS... certificate authentication is always going to be harder to crack than password based

---

What? For WPA2 to fail, AES must fail. Unless there is an algorithmic attack against it which has not been found yet, that will not happen (and yes, that is strongly looking like the only way). But is it likely to? Well, to give you some food for thought, the encryption algorithm DES has been studied since about the mid 70s, so over 30 years now, and it has not been cracked. So why you feel that encryption is inherently crackable I do not know. It could very well turn out that it is, but historically it is not true that systems will fail (I think we can say that over 30 years of analysis is pretty damn good).

And again, WPA is not cracked. This is a slim-jim into a particular cipher stream, and by it's very nature certain conditions must be met to be at all effective, and the time it requires in the wild is still almost too high to be useful in any way (cipher streams change over time).

Quote:

---

Originally Posted by zanzabar

not all devices work with wpa2 and this is only for tkip not for aes, i dont think that u understand anything on security unless u have an enterprises setup with a polymorphic key u wont keep people off of a wireless network, u can spoof macs to connect even if u have filtering and if u have a hidden ssd there are ways to pick it up for connecting devices.

---

what if you have 9,000,000,000 fake aps? :D

it will take u a while to find mine :p: :up: There is a linux app that lets you create fake AP's .... security through obscurity

no it's not # 1337 ;)

Quote:

---

Originally Posted by Buckeye

Not like they have anything to steal anyway on thier comp, besides free use of thier wireless. Virus that they have no clue about do far more harm.

---

I read this news and it clearly stated it's not a password sniffer at all, so you can't connect to the WPA protected network.

What the hack does indeed is decrypt the data sent, hence your bank account passwords and all...

Can't find the link, sorry