Slashdot Mirror


A New Wi-Fi Exploit, Limited But Clever

eggboard writes "Martin Beck, who in 2008 co-wrote a paper describing a way to inject packets into a secured Wi-Fi system, is back with a more extensive exploit. His 'Enhanced TKIP Michael Attacks' still don't allow extraction of a key, and are limited to TKIP (not AES-CCMP) WPA-protected networks. Still, he's figured out how to put in large payloads, and to extract data sent from an access point to a client — all without cracking the network key. The attack requires proximity to sniff and inject data, but it's another crack in the older key standard (TKIP) that no one with serious security interests should still be using." Here is Beck's paper (PDF) describing the new attacks.

17 of 77 comments

  1. Re:Just use SSL over L2TP over IPsec over WPA by Anonymous Coward · Score: 5, Funny

    Alice? Alice, is that you?

    We were using SSL over L2TP over WPA over IPsec. Who else have you been seeing?

    Bob

  2. Very Limited by HazE_nMe · Score: 3, Informative
    The router must be running Linux with WMM enabled.
    From TFA:

    As with the previous attack, a lot of stars have to be in alignment. The biggest requirement is that TKIP has to be the key type, not AES-CCMP. An attacker has to be proximate to sniff traffic and inject packets. The router has to be running Linux, like many Wi-Fi routers do. The router doesn't need to be compromised; there's a particular Wi-Fi packet sequence that's more predictable, and thus easier to use in the attack. Network QoS (802.11e/WMM) needs to be enabled as well.

    1. Re:Very Limited by eggboard · Score: 2, Interesting

      That's not as limited as it sounds. There are perhaps hundreds of millions of routers running versions of embedded Linux, and WMM/802.11e may be enabled by default on many of those!

      --
      Freelance tech journalist for the Economist, MIT Technology Review, Macworld, and others
  3. Re:Use a MAC address filter by Sir_Lewk · Score: 4, Insightful

    That is poor advice because all it does is create the illusion of security. Actually good advice would be "just use wpa2, or wpa-aes". If you use proper security with your wifi network then there is no need for child's play games like that.

    --
    "linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
  4. Re:Use a MAC address filter by KibibyteBrain · Score: 4, Insightful

    How exactly? Using exploits in non-deprecated wireless security is far more technically involved than running some script kiddie application which will list all wi-fi networks in range, SSID broadcasting or not, and also the MAC address of clients on those networks automagically, as well as crack obsolete security like WEP.

    So really, anyone who could even think about cracking a WPA or RADIUS network, which would take quite a bit of time and effort and probably days of information gathering to achieve in practice, would find such measures trivial to break.

    However, these measures still lower the supportability of your network, which means they would be very costly for something useless. And even worse, because users who had issues with say, your MAC address filter, might not know how to fix them, they might do something stupid to their machine which actually has the net effect of making your network LESS secure. Fun.

    Using WPA or MAC address filters would be like arguing that putting a thumbtack on the floor outside a fortress enhances its security. Objectively undeniable, but still laughable. Sure it will help keep stupid little kids out of your fortress, but those are not the type of people who could never get past the giant walls, moats, archers, etc. your actual fortress security employs. On the other hand, this tack, not being in the fortress standards, might actually manage to make miserable the life of a well intentioned, if stupid, servant, guard, etc.

  5. Re:Use a MAC address filter by Bert64 · Score: 5, Informative

    Hiding your SSID can actually be detrimental...
    If your SSID is open, then your machine can see its broadcasts and connect to it... If the SSID is hidden, then your machine has to probe for it by name... Meaning that if your machine is away from its usual location, you can see what network it's looking for...

    If the SSID is hidden, then someone trying to break into it just needs to sniff traffic for a while to get the SSID anyway.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!
  6. secure wireless = wrong. by Anonymous Coward · Score: 2, Insightful

    if you need really good security in your wireless, JUST LEAVE IT OPEN.
    And use a vpn of course ;)
    ipsec is widely supported, but openvpn is a good choice too.
    secure, encrypted, configurable, and with YEARS of testing behind!

  7. Re:Use a MAC address filter by Holmwood · Score: 4, Insightful

    I've never really understood this attitude. I feel that one needs to be aware of security theatre, or security kabuki -- things that make you feel safer but don't actually make you safer. There are two possibilities for an attacker: an idiot, or, someone very capable.

    While it's true that a non-broadcast SSID might stop an idiot, ditto for locking down MAC addresses, you can extract both of these (completely unencrypted) from the packet stream. Any modestly competent attacker can do this quite quickly.

    But locking down MAC addresses and turning off SSID broadcasting increases the tedium of administration while making no real difference to a hacker. Like the TSA, it's security kabuki in my view.

    In general, I don't find my security enhanced by assuming that the attacker is a clueless moron. If that were the case, then Windows 98 coupled with digital hashes checked against all files would be a secure OS.

    The one argument I think you could come up with is that if you enable all security features in a disciplined manner then that's just good practice. Maybe. I still think it smacks of a bit of security theatre.

  8. SSID by getNewNickName · Score: 3, Interesting

    Re: wi-fi security, what's to stop someone from creating a hotspot with the same SSID and just waiting for the user to provide their credentials when they try to re-login? The average user will probably just go ahead and re-enter their password. No need for breaking any encryption, just a bit of social engineering.

    1. Re:SSID by jibjibjib · Score: 2, Insightful

      The one on my own server that looks suspiciously similar to a major bank's website.

    2. Re:SSID by fluffy99 · Score: 2, Informative

      Because the password is never sent during the 4-way handshake.

      I'm not talking about stealing the password from an existing connection. More simply just using the same SSID and waiting for the user to accidentally connect to the rogue router. Most users will gladly re-enter their credentials again.

      When a client connects to a WEP or WPA access point, there is a four-way challenge-response handshake:

            1. The client station sends an authentication request to the Access Point.
            2. The Access Point sends back a clear-text challenge.
            3. The client has to encrypt the challenge text using the configured WEP key, and send it back in another authentication request.
            4. The Access Point decrypts the material, and compares it with the clear-text it had sent. Depending on the success of this comparison, the Access Point sends back a positive or negative response.

      So pretending to be their wireless access point or even sniffing the exchange won't reveal the passphrase.

      Now if you pretend to be their access point and don't request authentication, then they may very well connect to you and never be the wiser. Then assuming you provide internet access, you are free to sniff or alter their data streams.

      I suppose it's possible to pretend to be their access point, and pass along the pieces of the handshake to the real access point. That would make you a man-in-the-middle, but that doesn't buy you anything more than just sniffing the traffic out of the air.

  9. Re:Use a MAC address filter by gparent · Score: 3, Informative

    SSID broadcast and MAC address filter do nothing to stop hackers, unfortunately.

  10. Re:Use a MAC address filter by DMUTPeregrine · Score: 5, Insightful

    When the MAC filter fails, you still have the other. If WPA2 fails, you have nothing, because the MAC filter is effectively worthless.

    --
    Not a sentence!
  11. Re:TKIP and CCMP by eggboard · Score: 4, Interesting

    That comment is halfway between troll and truth.

    That only works for short passwords using dictionary words and common alternatives--typically eight characters or fewer. Yes, you can get precomputed dictionaries for common SSIDs, and you can even use a new service to do some computation.

    However, move to 9 characters of random text (&fa^g_!80) and a unique SSID ("My little pony's network"), and all bets are off to computing the result in anything like a usable period of time.

    TKIP and AES-CCMP remain strong for long, strong passwords, long being 10 or more characters, but 12 to 20 is best.

    --
    Freelance tech journalist for the Economist, MIT Technology Review, Macworld, and others
  12. Re:Use a MAC address filter by Anonymous Coward · Score: 2, Funny

    Not broadcasting is even more dangerous, as someone can set up a network with the same ID that does broadcast, and potentially capture your traffic without your knowledge.

    Really? I don't think anybody else would choose "Linksys" as an SSID, would they?

  13. Re:Just use SSL over L2TP over IPsec over WPA by Anonymous Coward · Score: 2, Funny

    My services as a private investigator are available at a very reasonable price, should you wish them.

    Eve

  14. Re:TKIP and CCMP by eggboard · Score: 2, Informative

    1. If you're having trouble with WPA2, it's an implementation issue. There's no reason that WPA2 shouldn't work as well or better than WPA. In some silicon, AES-CCMP encryption can work faster than TKIP. Check for firmware upgrades on adapters and APs.

    2. TKIP keys cannot be extracted by any known methods. Short TKIP and AES-CCMP passphrase-based keys are vulnerable to brute-force dictionary attacks, typically based on precomputed common SSIDs. A key of 10 or more characters is probably fine; 20 random characters is beyond computation in this universe. 63 is just silly.

    3. The TKIP exploits are particular to AES-CCMP and don't recover the key, nor does any particular key length prevent the exploit. The exploits rely on a set of givens (such as 802.11e/WMM being available and enabled on a router), but this latest exploit that I link to uses the integrity checksum to extract a packet delivered to a client in the right circumstances.

    4. This attack could be weaponized, but it's a proximity attack, so the yield is very very low in such attacks.

    --
    Freelance tech journalist for the Economist, MIT Technology Review, Macworld, and others
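Comments 11 and 14 above both rest on the same mechanism: a WPA/WPA2-PSK network's master key is PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt (4096 iterations, 256 bits), which is why precomputed tables are tied to a common SSID and why a unique SSID plus a long passphrase defeats them. The example below is added here and is not code from the thread or from Beck's paper; the list of default SSIDs and the thresholds in `psk_config_risk` are constructed from the commenters' rules of thumb, not from any standard.

```python
import hashlib

# Constructed, illustrative set of vendor-default SSIDs (an assumption for
# this example): these are the names precomputed PMK tables tend to target.
COMMON_SSIDS = {"linksys", "default", "NETGEAR", "dlink", "Wireless"}


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA/WPA2-PSK Pairwise Master Key.

    IEEE 802.11i: PMK = PBKDF2-HMAC-SHA1(passphrase, salt=ssid,
    4096 iterations, 32 bytes). The SSID acts as the salt, so a PMK
    table built for one SSID says nothing about a network with another.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)


def table_reusable(ssid_a: str, ssid_b: str, passphrase: str) -> bool:
    """True only if a PMK computed under ssid_a also matches under ssid_b.

    For distinct SSIDs this is false, which is the whole point of the
    'use a unique SSID' advice in the thread.
    """
    return wpa_pmk(passphrase, ssid_a) == wpa_pmk(passphrase, ssid_b)


def psk_config_risk(passphrase: str, ssid: str) -> list:
    """Defender-side check of a PSK configuration against the thread's advice.

    Returns a list of findings; an empty list means no concern was raised.
    Thresholds (common SSID, under 10 characters, letters only) are the
    commenters' rules of thumb, not a formal strength measurement.
    """
    findings = []
    if ssid in COMMON_SSIDS:
        findings.append("common SSID: precomputed PMK tables exist for it")
    if len(passphrase) < 10:
        findings.append("passphrase under 10 characters: dictionary attack feasible")
    if passphrase.isalpha():
        findings.append("passphrase is letters only: likely a dictionary word")
    return findings


if __name__ == "__main__":
    # IEEE 802.11i Annex H test vector: passphrase "password", SSID "IEEE".
    print(wpa_pmk("password", "IEEE").hex())
    print(psk_config_risk("password", "linksys"))
```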