WEP And PPTP Password Crackers Released
Jacco de Leeuw writes "SecurityFocus published an article by Michael Ossmann that discusses the new generation of WEP cracking tools for 802.11 wireless networks. These are much faster as they perform passive statistical analysis. In many cases, a WEP key can be determined in minutes or even seconds. For those who have switched to PPTP for securing their wireless nets: Joshua Wright released a new version of his Cisco LEAP cracker called Asleap which can now also recover weak PPTP passwords. Both LEAP and PPTP employ MS-CHAPv2 authentication." Update: 12/22 00:14 GMT by T : Michael Ossmann wrote to point out his last name has two Ns, rather than one.
This is very old, I read this on securityfocus about a week ago.
Not at all..
yes you are... you should be !!!!
he. what the. Who ?
hahaha got you.
NO DON'T PRESS...
Too late !!..
SUBMIT..
It's obvious that people now have the ability to go around neighbourhoods and gain access to these networks for any purpose!
Can we be blamed if the tenant runs a pot-growing facility in our basement? Is it the same?
Every communication which uses passwords for authentication is susceptible to dictionary attacks. That is not a protocol weakness. If you use a random and long enough password, you'll be fine. Public key based authentication has other risks, like insufficiently secured storage of the key.
It's far better not to rely on wireless link encryption and encrypt your application-level protocols instead. SSL for web browsing, PGP or S/MIME for e-mail, ssh for login. Far better algorithms, far better key management.
Great, I will be leaving for a business trip soon, and now I can freely *access* those commercial WEP enabled Wi/Fi access points in many airports without risking my credit card.
Seriously though, Wi/Fi has to be treated like an unsecure public network, and anyone who wants to restrict access should use a more secure protocol like IPSec in host-to-host mode. Do not count on Wi/Fi manufacturers to protect you; for some reason they just simply refuse to provide secure products.
RATS! And I thought it was ************. Oh well, back to the 133T Guide to H4CKing....
In Soviet Russia, your password hacks YOU!
I, for one, welcome our PPTP-password-cracking-slammer-leaving overlords
My Favourite Meme
Well, I wrote some thoughts on Wireless and Security in my blog which I now copy here.
# Setting up secure connections is too difficult for the lay person. We need standard Diffie-Hellman key exchanges. I saw on the internet that it is available on some access points, but it just should be the standard of the IEEE. As far as I could find with Google it isn't yet. I can't understand why.
# Securing access points should be mandatory. There are too many open access points available. There is no use for anonymous connections over a random family's access point, it only endangers them into being seen as cybercriminals.
# If people want to make it possible for neighbours and strangers to make use of their access point it should be done in the same way hotspots are now available at airports and Starbucks. Make it possible to extend the official network of the ISP to a user's access point. This way if I open up my laptop and there is an access point available of Joe User, I can only hook up to it by properly logging in to the ISP's network or use the airport/credit card system. This will require many roaming agreements etc, but it would bring security and convenience at the same time. It should be done in such a way that the person opening up his network in this way can throttle the speed of the guest users and/or the times they can access. So I would like to see a rule like "Guests can only connect when I am not connecting" or "Guests only get 1mbit/sec".
Use Adsense for Charity
I'm not that familiar with wifi tech, but if I understand this correctly, would this mean that even if someone has protected their wireless network with MAC control tables, it could now be compromised?
Is it possible to sniff the MAC address from the traffic as well? This would mean that even if there's a MAC control table in use, it could be bypassed as the password can also be cracked.
But in south Korea, only old people use WEP anyway!!!
10 ?"Hello World" life was simple then
Any encryption can be broken - given enough resources ... The trick is to make it so difficult that nobody finds out unless they are prepared to invest more than what you did (time, computing power, money, technology).
Interestingly in India, according to Department of Telecom website - security means something different
Quidquid latine dictum sit, altum videtur
And I thought they had released some crackers from prison...
Timo's Audio Software http://www.esseraudio.com
Would you like to search for a wireless basestation?
......
Yes.
Would you like to connect?
Yes.
A few minutes or even seconds later
Today's CPUs really can "get you on the internet faster".
But the good ones only allow online dictionary attacks. LEAP, PPTP, WEP, and unfortunately WPA all allow offline attacks.
Finally! A year of moderation! Ready for 2019?
After capturing packets in kismet for 3 days (1.2million crypt packets), I successfully ran aircrack on the resultant .dump files. The WEP cracked almost as soon as the dump files had been parsed.
However, the essid remained hidden. How does one use the WEP key without an ssid?
lol lol lol, no one could ever crack my...
[NO CARRIER]
Every communication which uses passwords for authentication is susceptible to dictionary attacks. That is not a protocol weakness. If you use a random and long enough password, you'll be fine. Public key based authentication has other risks, like insufficiently secured storage of the key.
First, you will note that the attack on WEP (but not on PPTP) is not a dictionary attack and works with a computer-generated random 64- or 128-bit key. This is a protocol weakness.
Second, a good protocol does protect passwords. Either it establishes an encrypted session with the server, like SSH or SSL does, or it uses a secure password protocol like SRP. SRP in particular has the following properties:
1) The protocol is entirely public, and open-source implementations are available.
2) An eavesdropper on the wire does not get a dictionary attack on the password; without breaking the crypto behind the protocol, which nobody has been able to do yet, he gets no information. Of course, he can still do an online attack, but the server should prevent that.
3) Someone impersonating the server also does not get a dictionary attack on the password, even though the client does not need to memorize a key hash.
4) Someone who compromises the server database does get a dictionary attack on the password (this is inevitable), but they don't get the password for free. Furthermore, the password is salted, so they have some work to do.
I hereby place the above post in the public domain.
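The SRP properties listed in the comment above, shown as a runnable exchange. This is an added example, not part of the original post or of any SRP library: it follows the SRP-6a construction with SHA-256 and the 1024-bit Oakley Group 2 modulus from RFC 2409, both choices made for this illustration, and the names `enroll`, `Server` and `client_login` are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumption for this example: Oakley Group 2 (RFC 2409) safe prime, generator 2.
# 1024 bits keeps the listing short; it is smaller than current deployments use.
N = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
    "FFFFFFFFFFFFFFFF", 16)
G = 2
NLEN = (N.bit_length() + 7) // 8

def pad(n: int) -> bytes:
    return n.to_bytes(NLEN, "big")

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

def hint(*parts: bytes) -> int:
    return int.from_bytes(h(*parts), "big")

K_MULT = hint(pad(N), pad(G))  # SRP-6a multiplier k = H(N | PAD(g))

def private_x(salt: bytes, user: str, password: str) -> int:
    return hint(salt, h(f"{user}:{password}".encode()))

def enroll(user: str, password: str):
    """Server-side record: (salt, verifier). The password itself is never stored."""
    salt = secrets.token_bytes(16)
    return salt, pow(G, private_x(salt, user, password), N)

class Server:
    def __init__(self, db):
        self.db = db          # user -> (salt, verifier)
        self.session = None

    def challenge(self, user: str, A: int):
        if A % N == 0:        # a zero A would force a known session key
            raise ValueError("illegal client value A")
        salt, v = self.db[user]
        b = secrets.randbelow(N - 2) + 1
        B = (K_MULT * v + pow(G, b, N)) % N
        u = hint(pad(A), pad(B))
        S = pow(A * pow(v, u, N) % N, b, N)
        self.session = (A, B, h(pad(S)))
        return salt, B

    def verify(self, M1: bytes):
        """Check the client's proof; answer with the server's proof or None."""
        A, B, K = self.session
        if not hmac.compare_digest(M1, h(pad(A), pad(B), K)):
            return None       # counts as one online guess; rate-limit these
        return h(pad(A), M1, K)

def client_login(server: Server, user: str, password: str):
    """Run one login. Returns (mutually_authenticated, everything sent on the wire)."""
    a = secrets.randbelow(N - 2) + 1
    A = pow(G, a, N)
    salt, B = server.challenge(user, A)
    u = hint(pad(A), pad(B))
    if B % N == 0 or u == 0:
        raise ValueError("illegal server value")
    x = private_x(salt, user, password)
    S = pow((B - K_MULT * pow(G, x, N)) % N, a + u * x, N)
    K = h(pad(S))
    M1 = h(pad(A), pad(B), K)
    M2 = server.verify(M1)
    # An eavesdropper sees only these values. M1 and M2 depend on K, which
    # cannot be recomputed from a password guess without a or b.
    wire = {"user": user, "A": A, "salt": salt, "B": B, "M1": M1, "M2": M2}
    ok = M2 is not None and hmac.compare_digest(M2, h(pad(A), M1, K))
    return ok, wire

if __name__ == "__main__":
    db = {"alice": enroll("alice", "correct horse")}   # constructed sample account
    print(client_login(Server(db), "alice", "correct horse")[0])  # True
    print(client_login(Server(db), "alice", "guess")[0])          # False
```

The stored verifier is what a database thief gets: it allows the salted dictionary attack of point 4, while the wire values alone do not.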
Before authentication there's always the possibility of a man in the middle, who could then perform offline attacks. I don't think any protocol can avoid this. However, an attack on passively captured data is worse, I'll give you that.
what about bank card or mobile phone PINs? get it wrong 3 times in a row and you're locked out and need to have your card/phone reactivated.
if the protocol or system involved doesn't allow for a penalty against failed attempts, then that IS a weakness.
And in soviet Russia, WEP crack you!
A failed attempt penalty is a DoS risk. Trading false positives for false negatives can also be seen as a security problem.
If you bought one of those shiny new 802.11{abg} access points so you could be lazy and use your laptop in bed without a bunch of cords dangling all over the place, you have a decision to make. Do you want your neighbors and random strangers using your Internet connection?
If you decide you don't want other people using your connection, then don't do these things:
Hm, what's the point of enabling all that security if it's so easy to get around? Here are some other things you might try:
Hm, you may as well just take the damn thing back and get a refund, and suffer the Ethernet cord.
How am I supposed to fit a pithy, relevant quote into 120 characters?
If I want to create a wireless network and make it secure, using Win32, what should I do then? I used to think that encrypted PPTP is enough. I guess it isn't.
Slashdot community, please notice: I am looking for a girlfriend.
Nave H. Weiss
If you have automatic server authentication (which is often fairly easy to do with certificates or simply stored keys a la ssh) then you can avoid man-in-the-middle.
Thank goodness for firmware upgrades.
Electrons are free; it is moving them that becomes expensive.
This article shows that the time needed to break WEP is smaller than previously demonstrated, not that WEP is any less safe than before. Really, we've known WEP was no good for a _long_ time. The reasons are well known. Both WPA and the recently ratified 802.11i RSN provide good solid fixes to link layer wireless security.
So, this isn't really "new" news, although it should reinforce the message that WEP is worse than useless.
WEP: Dead Again, Part 1
by Michael Ossmann, last updated December 14, 2004
Introduction
This article is the first of a two-part series that looks at the new generation of WEP cracking tools for WiFi networks, which offer dramatically faster speeds for penetration testers over the previous generation of tools. In many cases, a WEP key can be determined in seconds or minutes. Part one, below, compares the latest KoreK based tools that perform passive statistical analysis and brute-force cracking on a sample of collected WEP traffic. Next time, in part two, we'll look at active attack vectors, including a method to dramatically increase the rate of packet collection to make statistical attacks even more potent.
Is WEP that bad?
Many security folks and even more wireless folks these days are saying that WEP isn't all that bad. They say that if you use modern equipment that filters weak Initial Vectors (IVs) and change your keys frequently (or at least once in a while), nobody will ever crack your WEP. Sure, maybe some next-generation WEP attacks will arise one day that will change everything, but WEP is okay today for all but the most sensitive networks. Well, that next-generation is already here, heralded by highly functional tools that make WEP look weaker than Barney Fife on guard duty, sleeping on the job.
Let's take a look at some of the new tools that should be in every penetration tester's bag of tricks, rather than delving into the details of why the various attacks work. Time and time again, the industry has shown that it will not reject broken security safeguards until attacks are actually demonstrated in the real world. Here's how to quickly turn some heads.
The way things were
Since the summer of 2001, WEP cracking has been a trivial but time consuming process. A few tools, AirSnort perhaps the most famous, that implement the Fluhrer-Mantin-Shamir (FMS) attack were released to the security community -- who until then were aware of the problems with WEP but did not have practical penetration testing tools. Although simple to use, these tools require a very large number of packets to be gathered before being able to crack a WEP key. The AirSnort web site estimates the total number of packets at five to ten million, but the number actually required may be higher than you think.
The first caveat to this old approach is that only encrypted packets count. As wireless access points transmit unencrypted beacons several times per second, it is easy to be fooled into believing that you have a larger number of useful packets than you really do. If you use Kismet for network discovery and sniffing, it breaks down the packet count for you, displaying the number of "Crypted" packets separately from the total number, as shown below:
Figure 1. Kismet in action.
The second thing working against your packet collection efforts is that only certain "interesting" or "weak" IVs are vulnerable to attack. Kismet also tells you how many of these have been gathered, although it may not use the same counting method as the various cracking tools. To make matters more difficult, wireless manufacturers responded to the FMS attack by filtering out the majority of weak IVs that their access points and wireless cards transmit. Unless your target network is using old equipment, chances are you'll have to collect no less than ten million encrypted packets to crack a WEP key using these older tools.
In early 2002, h1kari released a tool called dwepcrack (part of the bsd-airtools package) that improved upon the existing implementations of the FMS attack. Although dwepcrack did a good job of advancing the practical implementation of statistical WEP cryptanalysis, its improvements were only incremental.
Tools that changed everything
On August 8th, 2004, a hacker n
This space is intentionally staring blankly at you
Joshua simply rocks, this guy works well. Again.
I did not trust WEP even before these tools were released. I read a bit about securing the connection independent of the wireless equipment. Treating the wireless connection like a public network, I set up a Virtual Private Network (VPN). I'd like to share my experiences:
:).
IPSec would have been the most secure solution, but despite public belief it's not that secure:
First I tried to set up IPSec. It was a nightmare. Although I know a lot about computers and networks I did not manage to set up IPSec. Its configuration is so complicated, I have no clue. Although, it must be possible to get IPSec running, maybe it's just me who is too stupid.
http://www.schneier.com/paper-ipsec.html
Then I tried Cipe. It was very easy to get it running, but it's horribly insecure. Peter Gutmann wrote a nice article, which was in the news on slashdot some time ago:
http://lists.virus.org/cryptography-0309/msg00257
In that article I read about tinc, which I now use. It's almost as easy to set up as cipe, but more secure (although not perfect and not as good as IPSec). Here is the answer of the developers of tinc to Peter Gutmann's article:
http://www.tinc-vpn.org/security
So, maybe if you believe them it's not that bad, I'm not sure about this.
I think one great advantage of the VPN-solutions is that AFAIK there are no tools available that make cracking them as easy as cracking WEP. So the "common War Driver" or Script Kiddie has no clue what to do, you'd need some kind of expert to crack your connection. And, if such an expert is trying to break your security, you maybe have a bigger problem anyway.
I just wanted to have an acceptable level of security and lock War Drivers out.
I have like 5 WAPs plugged in - but only one of them is actually plugged into the network. Go ahead, waste some time cracking the WEP keys on the 4 other ones that don't even have ethernet cables plugged into them. muhahahahaa..
The 5th one is a flaky piece of crap anyway and will likely just fry your WiFi card when my roommate fires up the microwave.
One question.... I've seen some equipment which actually hides the ESSID .... which means that if you scan for access points (using the common tools) you will not find anything. Now the thing is, using "any" as essid on your client, will connect it to the AP?? Secondly, can the essid be obtained without accessing somebody's computer with access to that AP? Because if both questions are NO, then at least the access to your network will be secure enough from the occasional "bandwidth leeching neighbour". On the other hand I think this would not prevent somebody from sniffing the data passing by, would it?
I am not an expert on security -- could someone just tell me in 1 sentence whether PPTP can be considered 'secure' for a VPN at the moment? Or is it worth going to some other VPN infrastructure?
Thanks to anyone who replies.
Whence? Hence. Whither? Thither.
And in china WEP is always positive.
Can we stop now?
I had a sneaky neighbor using my wireless internet for a while since I had accidentally removed WEP and was broadcasting my SSID. They decided to download a movie via Suprnova and the RIAA caught on.
Guess who got a notice from the ISP/RIAA? Me. My neighbor is clean and clear!
Sharing your internet without limits (or accidentally, in my case) is a BAD IDEA. If someone wants internet access, let them pay for it.
This is actually quite scary. One of my neighbours' computers were confiscated by the police about a month ago because of alleged child pornography downloading (3 pictures.) The house was empty at the time of the crime though (it was before noon,) and they had a wireless network (which wasn't protected by anything, not even WEP,) so anyone could have stood on the sidewalk and downloaded the pictures. They'll get their computers back in about 6 months...
it can be easy but mostly it's hard to get servers to talk to each other
IPSec is cross platform people and AIRPORT people should just use it and dump the crypto stuff on the cards and let the OS deal with it
N. Ferguson and B. Schneier "it is the best IP security protocol available at the moment." but don't like the fact the config is hard...
push the vendors to all support IPSec and make config easy and bingo "the world is a better place" tm
do it
john jones
So are WPA-secured networks still fine? Also, how long might it take for us to get routers that can detect when they're being attacked and ban by MAC addresses?
anyone else read this as someone who had gone to jail for cracking the passwords and they had just been released from jail? ...anyone ... hello .. it is so cold and lonely....
We should see more movement towards encryption at the IP layer with something like IPSec.
:(
I know it's not the "magic bullet" but it would certainly help with some areas of weak security.
Only problem is that no-one is interested in implementing IPSec. Why can't we implement IPSec like we do with IPv6 where if both ends support it, it gets used.
Then, people can install IPSec on their clients and servers and start using it.
Although unless Microsoft added IPSec support to tcpip.sys or whatever (and released versions for current MS operating systems), it's probably not going to go anywhere.
Is it digitally signed?
Here's a tidbit from Microsoft Website:
MS-CHAP v2 is a password-based, challenge-response, mutual authentication protocol that uses the industry-standard Message Digest 4 (MD4) and Data Encryption Standard (DES) algorithms to encrypt responses. The authenticating server challenges the access client and the access client challenges the authenticating server. If either challenge is not correctly answered, the connection is rejected. MS-CHAP v2 was originally designed by Microsoft as a PPP authentication protocol to provide better protection for dial-up and virtual private network (VPN) connections. With Windows XP SP1, Windows XP SP2, Windows Server 2003, and Windows 2000 SP4, MS-CHAP v2 is also an EAP type.
Although MS-CHAP v2 provides better protection than previous PPP-based challenge-response authentication protocols, it is still susceptible to an offline dictionary attack. A malicious user can capture a successful MS-CHAP v2 exchange and methodically guess passwords until the correct one is determined. Using the combination of PEAP with MS-CHAP v2, the MS-CHAP v2 exchange is protected with the strong security of the TLS channel.
The editor's implication is that MS-CHAP is what makes PPTP and LEAP weak. But the reality is that M$ acknowledges it, and depends on an encrypted channel to make the authentication truly strong. CHAP is inherently breakable, whether it's an MS implementation or not.
AnimeNEXT anime convention
Call me old fashioned, I still prefer UTP for regular home use. I really like the 'It just works' feeling of it. And once it works, it keeps working, unlike wireless that mysteriously feels the need to go down once in a while.
Also, if you have a regular RTL8139 or NE2000 clone like I do, no exotic drivers are needed either to get things up and running.
Disclaimer: I don't have a clue about the current state of wireless on live distro's such as knoppix. Anyone hit me with a clue bat please?
Visit http://ringbreak.dnd.utwente.nl/~mrjb/growingbettersoftware to download your free copy of the book
Who still uses WEP? The weaknesses in WEP have been known for some time, and there have been more than a few working crackers in the wild for quite a while now.
WPA is the money. It's far more secure than WEP in that it has key rotation, and some of the snazzier base stations already support AES as the cryptographic algorithm. Most older stations with diligent vendors will at least support WPA with TKIP (RC4 with rotating keys), since it's a trivial addition from a compute-intensiveness point of view.
That said, if you do insist on sticking with WEP (some people prefer classic cars to modern ones as well, I guess), or even less (ie, run an open base station) at least ensure that your access point is configured to only allow your specific MAC (as well as those you trust) to peer with it. This will at least keep the bandwidth sucklers off your back.
Unless, of course, being suckled upon is what you like. At that point, do what you want. I'm Canadian, so my personal bandwidth is everyone's bandwidth.
Ahhh... socialism. :)
As for PPTP, switch to using KAME, FreeS/WAN or your IPSec implementation of choice. You can, of course, even use IPSec to do transport level encryption for your wireless connection if your base station doesn't support WPA, though you would need additional boxen to do this, of course.
Both of these (WPA and IPSec) provide the same functionality as what they replace (WEP and PPTP) with additional security benefits. We moved to WPA for our corporate access points over a year ago and have been running a 100% IPSec (SonicWall, specifically) VPN for just as long. They're functional, production tested and very secure.
Don't wait. Do it now.
bash-3.00$ uname -a
SunOS panda 5.10 Generic sun4u sparc SUNW,Ultra-2
At the previous SANE conference (on Systems Administration) there was an excellent poster presentation titled "PPTP Must Die" by Jacco de Leeuw.
The poster (and website below) explain what's wrong with PPTP, and present the alternative: L2TP/IPSec which is widely available. Having been implemented later than PPTP there are some holes in the specs, being filled by pseudo-standards for the time being.
Jacco's site is here. HTH.
regards, olly.
Why don't you all do what I did: wrap your house in tinfoil! That has the added benefit of letting you take your tinfoil hat off while you're inside. It's the ultimate in convenience and security! :-)
I use IPSec with digital certificate authentication with 4096 RSA key that changes every 2 years along AES 256-bit key that is used as the session key that changes every 4 hours.
You're given a key for your computer. This key is entered into a list of keys on the server. The server decrypts each incoming transmission with all valid keys to determine the source, and encrypts all outputted signals with their own keys for each client, and the encrypting and decrypting keys are different.
;)
:P This would be something such as an office setting where the area is not very open. Your competitor has the office across the street and you're not allowed to throw rocks at them when they sniff the wireless anymore.
So, for each client there are four keys. One to encrypt information sent from client to server (residing only on client), one to decrypt this information (residing only on server), one to encrypt information sent from server to client (only on server), one to decrypt information sent from client to server (only on client). Plus the server has its own internal key so that even if the encryption for two clients between two computers is identical, the decryption is different. Same for the client. Ok ok- 6 keys.
Ignoring the complication, overhead, and excess noise produced by this, wouldn't it be better than say... WEP?
Just to clarify, it can crack the code in minutes or even seconds after you've already captured at least about a quarter of a million encrypted packets, maybe more. That will take longer than just a few minutes or seconds, most likely.
It makes so much more sense for everyone to remember or write down a few 1024-bit key pairs instead of those silly 128-bit WEP keys. SSL and PGP are solutions to different problems.
Microsoft outsourced their IPSec implementation to Cisco. You can fire up the MMC and load the IPSec protocol and policy management tools.
Have Fun!
I haven't looked at it for a while, I provided a few suggestions a while back. I thought it was a good idea. For non-authorised subnets, it sends bogus ARP replies, with bogus MAC addresses.
ipsentinel
The Internet's nature is peer to peer - 20050301_cs_profs.pdf
Actually this is an interesting point because you would almost certainly get pinned for not taking reasonable steps to prevent the person from growing pot in your basement. However, it's highly unlikely that anyone would expect you to take reasonable steps to prevent unauthorized access to your network if only for the simple fact that practically everyone is clueless when it comes to this stuff. It's a bit of a shame how that works, as far as liability goes.
it's the client software that's a pain. I use wolverine (linux based firewall) that has pptp and ipsec built in. The pptp connections are easy as windows has a client built in. I cannot, however, find a free client for windows on the ipsec side. Anyone know of one? Yeah, I'm cheap but it's for my home network.
WPA allows offline attacks but it's my understanding that it takes some time to crack WPA? Now, my WPA key is temporary - changing every 60 minutes. Therefore, even an offline dictionary attack, which will almost certainly take longer than 60 minutes, is kind of useless??
Am I correct on these assumptions? Anyone know for sure?
Personally, I use LucidLink software http://lucidlink.com/ to secure my wireless network. Not only does it autoconfigure my access points to set up WPA, it also implements RADIUS to authenticate users. Managing users on the network is a snap, as is setting everything up. LucidLink has also won WiFi Planet's best of show two years in a row and was just named CRN product of the year.
Is it something extra you have to pay for?
Or does it come standard with the OS?
Is there a reason why OS vendors (or more specifically those who write TCP/IP stacks/code) dont add IPSec and have it on by default?
Is there action that has to be taken to use IPSec (e.g. obtaining certificates/keys or something) that prevents it from being "on by default"?
SSH is a lot easier to set up, and in its basic password-based form it's as secure as a VPN. It's pre-installed on most Linux systems, but you can always compile and set it up yourself. But if you're running Windows, you'll need to use the Cygwin version instead.
I saw the title -- WEP And PPTP Password Crackers Released -- and thought perhaps it was time to try out some new Christmas party tray snack crackers. Very geeky food.
Alas, I shall have to return my Publix-brand caviar and this goose pate I bought frozen from SAM's Club. I'm keeping the cheese ball, though. And the cocktail wieners.
IronChefMorimoto
Welcome to post 911 America
Nothing in the world is more dangerous than sincere ignorance and conscientious stupidity.
I was thinking of using Poptop over a Netgear WiFi router. This gives me pause.
I am thinking that it may be better to simply leave the router wide open, then put only an OpenBSD system with routing disabled on the other side of the router.
I'll allow only SSH into the OpenBSD system, then set up an HTTP proxy that only accepts connections from localhost. I'll then use PUTTY port forwarding on the clients, then proxy off localhost port 80.
IPSEC looks like the only other option, and it looks a lot harder.
I use it to secure my wireless link. It's in active development, makes extensive use of the OpenSSL library for authentication and encryption operations, offers pre-shared private key, certificates, and PAM based authentication. It's really worth it.
http://openvpn.sourceforge.net
The point is that I don't have to be totally secure, just more secure than my neighbors. Unless I am specifically targeted by some scofflaw, there are a lot easier access points to get to in my neighborhood for general malfeasance.
That is all.
And there are no free win32 clients.
On top of running your WEP encryption with a non-dictionary randomly generated key you should also be running a VPN through that and treating it as an insecure public connection. You might even want to make sure your interactions through sensitive material then be done with SSH/SecureFTP, or RSA for web pages, through the encrypted tunnel through the encrypted wireless link. Of course, this is for anything sensitive like server administration or sensitive data transmission and might be overkill for some situations. But, if you don't go to these lengths, you shouldn't be sending data over wireless that you wouldn't want to get out.
You can do offline attacks on the shared private key with WPA-PSK, if you just sniff the key exchange. I would be surprised if you change your shared private key every 60 minutes. That would be an awful lot of work.
Would someone with a clue mind pointing out a decent access point running WAP that can keep me covered for another year? Because when I look around, I usually end up with the following dilemma:
- If it runs WAP, it's probably been rushed to market and has plenty of serious security issues that will give up my keys, admin access, whatever, making the whole thing a moot point.
- If it's been on the market long enough that I can fix the really heinous flaws with firmware updates, it runs WEP.
The moral of this story is that your security doesn't need to be perfect, it just needs to be 'good enough', and in this case 'good enough' is probably merely 'better than the muppet next door who hasn't secured their network at all'.
I use WEP to secure my wireless LAN. Does it bother me that it's possible to crack? Not really, because there are at least 2 other networks in my apartment building (with SSIDs of 'linksys' and 'default') which don't appear to have any kind of security at all. Which means that someone casually looking for a free connection is going to use them, not me. If someone really wants to compromise my network specifically, and has the time and skill to do so, well, then I have bigger problems...
No, WPA does not necessarily allow online attacks. Cisco's LEAP authentication for WPA does, but everyone else seems to be moving (and Cisco supports this also) to PEAP authentication, which is MS-CHAPv2, but wrapped in an SSL-encrypted session. So offline dictionary attacks are much, much more difficult since the SSL session uses a new key every authentication attempt.
I have a wireless network in my place. About 5 months ago, out of paranoia I turned the wireless networking off and unplugged the wireless bridge. Calmly, I used the old trusty rj45 jacks and a 20 foot long ethernet cable. Wireless is slow anyways.
Turns out air, plastic shielding and copper wire has security benefits I couldn't have fathomed.
I'm surprised why many public companies have internet connections anyways. Only a small subset of employees really need it. That is, the people who need to contact the outside. Departments would be sales, marketing and executives. Nobody else should be on the internet. And ban those flash usb devices as well.
Makes you wonder about all these wireless phones we use... the phone in the bat cave is more secure by today's standards.
Karma: Chameleon (mostly due to the fact that you come and go).
Welcome to post 911 America
/.
So was this law passed after 9/11? Or is that your catchy phrase that you use to try getting your point across?
Welcome to
By far the best way to accomplish that is by using OpenVPN.
;-)
:-) However, it's behind a totally restrictive firewall. The only way to work around that is to open an OpenVPN tunnel. Then you can do pretty much anything, through the tunnel, of course.
I tried everything, IPSec, SSH tunneling, you name it. They all suck. SSH is, let's face it, limited. IPSec is cumbersome, not exactly friendly to all operating systems, doesn't play well with NAT (unless you use UDP encapsulation), etc. It is glaringly obvious that it's a severely overdesigned protocol.
Enter OpenVPN. It uses SSL for encryption, but it's not an SSL-based pseudo-VPN, but a true VPN - it can forward any IP protocol. Think of it as having the functionality of IPSec, but using a simpler and more sensible implementation.
It's cross-platform (Linux, Windows, Solaris... you name it). It's simple to install and configure (same software can be either server or client and the config file semantics are similar). It's secure (it can use signed certificates, passwords, any authentication mechanism you like). It can compress the traffic on the fly (using LZO which is pretty damn fast and low-overhead). If you use TCP transport instead of UDP, it can tunnel through ordinary HTTP proxies. It has a dummy-friendly GUI for Windows. It slices, it dices and it makes coffee... oh, well, maybe not that.
Anyway, I'm running an OpenVPN server on my home firewall, and I put OpenVPN on all my computers (my workstation at the office, my laptop, etc.). Wherever I go, I just fire up OpenVPN and "I'm home".
I run IMAP through it, so my IMAP clients (Evolution), no matter where they are, they "see" the same IMAP servers and folders. That is awesome - different systems, yet my mail looks the same. And it's also secure.
My wireless access point has no security whatsoever: no encryption, no MAC filtering, no SSID cloaking... it even gives you a DHCP address.
It rocks!
Is WPA-PSK better than WEP? Is it secure enough? I am using a D-Link DWL-G700AP at 12.5% power, disabled SSID broadcast, enabled MAC filter, G mode, and short preamble (because I have many 2.4GHz phones). The DWL-G700AP is hooked up to an old Netgear RT314 router. I will probably upgrade that router soon since it doesn't do SPI.
Any encryption can be broken - given enough resources ...
This is false. A correct one-time pad can never be broken.
WPA-PEAP requires a Radius-server, right? I'm concerned about WPA-PSK; once Radius is in the picture you can do proper one-time passwords if you want.
Finally! A year of moderation! Ready for 2019?
IPSec sucks. Overdesigned protocol that simply gives you too much rope to not be tempted to hang yourself, too many "slightly different" implementations that are actually different enough to not interoperate, a big pain in the ass to configure correctly, no good AND free clients (especially GUI ones) for popular OSes, etc.
Have a look at OpenVPN. After I tried it, I swore I'll never get back to IPSec.
That, and many others, were the issues that I noticed while wrestling with IPSec.
I mean, IPSec is nice and all, if you're a medium-to-large company that just goes ahead and buys a full solution from vendor XYZ. But it's a big pain in the butt for everyone else.
At some point, I discovered OpenVPN and I got hooked immediately. Clients and servers for all major operating systems (the same software can be either client or software, just flip a config bit), nice GUI for Windows, compression, rock-solid encryption, reliability, simplicity of installation and configuration...
I'll never use IPsec again, unless I'm doing a corporate-scale deployment. And, who knows, maybe "enterprise" solutions based on OpenVPN will become available at some point.
WEP can be sWEPt away in a second.
This in fact is not a 'new' or 'post 9/11' development. Landlords across the country have been held responsible for the goings-on in their properties for years.
Happy owner of a brand new Linksys wireless router. It gives the options of WPA-Pre shared(TKIP or AES), WPA-Radius, Radius, and WEP(64 or 128).
So which is good for now? Linksys help isn't very definitive, and googling turns up a mishmash.
cc -pipe -Wall -D_LINUX -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -O4 -D_OPENSSL_MD4 -g3 -ggdb -c -o common.o common.c
common.c:32:25: openssl/md4.h: No such file or directory
common.c: In function `NtPasswordHash':
common.c:129: warning: implicit declaration of function `MD4'
make: *** [common.o] Error 1
any help is appreciated! cheers
Just like you shouldn't say (or even dial) credit card numbers, bank account numbers, etc. over a cordless phone (My baby monitor has picked up dozens of conversations over the last couple years), users just should probably refrain from doing any big time financial or otherwise confidential "conversing" with a computer and WiFi.
Get an "open" hotspot, check the weather, check the game scores, but maybe you should leave the stock selling and the 401k reorganization until you get home.
And they said zombies weren't real!
1) Threaten the President of the United States
2) Download kiddie porn.
3) View terrorist sites.
4) Buy things at online vendors with stolen credit cards.
Do all these, and you can guarantee legal misery for the person who left his hotspot unprotected!
Face it, WiFi is an externally exposed link. If you've enabled it and you're not requiring a VPN, you might as well run some 100BaseT lines out to the poles in your parking lot too.
Put all of your radios on a private LAN that only has radios. Run that LAN into an extra card on a Linux machine. Close all of the ports on that card other than your favorite VPN's ports. Require all connecting clients to use the VPN. Problem solved.
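The layout described in the comment above, as an added example that is not part of the original thread: a POSIX shell function that prints iptables-restore rules for the interface facing the radio-only LAN, accepting the VPN listener and dropping everything else. The interface name eth1 and OpenVPN on UDP port 1194 are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Prints iptables-restore rules for the
# NIC that faces the radio-only LAN: accept the VPN listener, drop the rest.
# Assumed values: interface name eth1, OpenVPN on UDP port 1194.
# IPv4 only; an IPv6-enabled gateway needs the same rules in ip6tables.

gen_radio_rules() {
    radio_if="$1"   # NIC wired to the access points
    vpn_proto="$2"  # udp or tcp
    vpn_port="$3"   # port the VPN daemon listens on

    # Reject anything that could smuggle extra tokens into the ruleset.
    case "$radio_if" in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface" >&2; return 1 ;;
    esac
    case "$vpn_proto" in
        udp|tcp) ;;
        *) echo "bad protocol" >&2; return 1 ;;
    esac
    case "$vpn_port" in
        ''|*[!0-9]*|??????*) echo "bad port" >&2; return 1 ;;
    esac
    if [ "$vpn_port" -lt 1 ] || [ "$vpn_port" -gt 65535 ]; then
        echo "bad port" >&2; return 1
    fi

    # Every rule is scoped with -i, so other interfaces are untouched.
    cat <<EOF
*filter
-A INPUT -i $radio_if -p $vpn_proto --dport $vpn_port -j ACCEPT
-A INPUT -i $radio_if -j DROP
-A FORWARD -i $radio_if -j DROP
COMMIT
EOF
}

# Typical use, as root, keeping the rules already loaded:
#   gen_radio_rules eth1 udp 1194 | iptables-restore --noflush
```

Rules appended this way only take effect if no earlier rule in INPUT or FORWARD already accepts traffic arriving on the radio interface.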
are you staying there all week?
Guys, please help: when I compile the program the following error shows...
root@chimera:~/Desktop/asleap# make
cc -pipe -Wall -D_LINUX -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -O4 -D_OPENSSL_MD4 -g3 -ggdb -c -o apeek.o apeek.c
apeek.c: In function `test_filetype':
apeek.c:124: error: `DLT_TZSP' undeclared (first use in this function)
apeek.c:124: error: (Each undeclared identifier is reported only once
apeek.c:124: error: for each function it appears in.)
make: *** [apeek.o] Error 1
I am with Slack Linux...