Re: wep problems
- From: Jeff Liebermann <jeffl@xxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 26 Aug 2005 21:39:33 GMT
On Fri, 26 Aug 2005 13:57:57 -0500, "JB"
<jbrandonbbremove@xxxxxxxxxxx> wrote:
>Well, I've read your posts, Jeff. You're a smart guy.
I'm not smart, just sneaky.
>Easy for you is a
>month of failure for a lot of average computer users.
Ever notice my domain name? LearnByDestroying.com.
Let's just say that my learning curve tends to be rather steep and
expensive at time. My not being much of a programmist limits what I
can do with software.
>I've been writing
>about security and wireless for five years and before that worked in IT for
>10 years,
Well, since you're a writer on security, perhaps you can explain why
there's such a wide variation in recommended wireless security
measures. Well, perhaps I'm part of the problem because I have such a
warped view of what I consider to be "adequate" security.
Incidentally, congratulations on having worked in IT for 10 years and
still preserved your sanity.
>so if that's a dry run, I'd love to see what a wet run looks like!
Well, re-reading my own posting, I indicated the *I* was the one that
have done more than a few dry runs. I didn't intend to suggest that
your experience in wireless security is in any way lacking.
What I meant was that most "security experts"[1] can demonstrate that
they can crack a WEP key under almost ideal circumstance. The access
point and sniffer laptop are in the same room. There's no
interference from neighboring LAN's. There's no line of sight issues.
The sniffer can easily hear both sides of the connection. In some
cases, the WEP key is intentionally trivialized in order to shorten
the length of time necessary to demonstrate to management that it can
be done. Far too easy to be considered anything better than a dry
run.
The problems start when the same person has to demonstrate WEP
cracking under not so ideal circumstances from outside the building.
In addition, just getting the WEP key doesn't guarantee access if
there's any type of authorization login or authentication RADIUS
server involved. It's also useless with SSL, SSH2, and VPN traffic.
Where I blundered into difficulties was when I had a gigabloat of
captured encrypted traffic, I had successfully extracted the WEP key,
but there was no obvious way of decrypting the captured traffic using
the WEP key. Once I got past that major obstacle, I had to figure out
how to sort the TCP packets in sequence so I could reassemble the
email messages that were in the capture file.
>Cracking WEP is easy if you know what to do. Knowing what to, that's the
>hard part.
Oh, script kiddies are quite adept at finding tools and following
instructions. Once some discloses the procedures and tools on a
hacker mailing list, the horde is out there trying it.
[1] Security expert. Someone that actually attends the various
security conventions.
--
# Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
# 831.336.2558 voice http://www.LearnByDestroying.com
# http://802.11junk.com
# jeffl@xxxxxxxxxxxxxxxxxxxxxx
# jeffl@xxxxxxxxxx AE6KS
.
- References:
- wep problems
- From: hunwalla
- Re: wep problems
- From: David Taylor
- Re: wep problems
- From: hunwalla
- Re: wep problems
- From: hunwalla
- Re: wep problems
- From: JB
- Re: wep problems
- From: Jeff Liebermann
- Re: wep problems
- From: JB
- wep problems
- Prev by Date: Re: wep problems
- Next by Date: Re: wireless connection problem
- Previous by thread: Re: wep problems
- Next by thread: Re: wep problems
- Index(es):
Relevant Pages
|
|
