running Linux on odd devices is SOOO COOL!

Lisa Kachold lisakachold at obnosis.com
Sat Nov 14 17:59:46 MST 2009


Kurt,

As you stated, WPA/WPA2-PSK security is inherently flawed:


   - One flaw allowed an attacker to cause a denial-of-service attack, if
   the attacker could bypass several other layers of protection.
   - A second flaw exists in the method with which WPA initializes its
   encryption scheme. Consequently, it's actually easier to crack WPA than it
   is to crack WEP. This flaw is the subject of this article.


A WPA key *can* be made good enough to make cracking it unfeasible. WPA is
also a little more cracker friendly. By capturing the right type of packets,
you can do your cracking offline. This means you only have to be near the AP
for a matter of seconds to get what you need. WPA basically comes in two
flavours: RADIUS or PSK. PSK is crackable; RADIUS is not so much.

*But how many people actually have WPA RADIUS encryption?*

Here's another link that includes PSK cracking Howto:
http://www.aircrack-ng.org/doku.php?id=cracking_wpa

Using aircrack-ng tools in Backtrack (per my presentation materials at
http://plug.phoenix.az.us show) WEP and WPA/WPA2-PSK are easy to crack.

Does anyone here run Radius?

Here's an accompanying document to better explain it:
http://docs.lucidinteractive.ca/index.php/Cracking_WEP_and_WPA_Wireless_Networks


On Sat, Nov 14, 2009 at 7:32 PM, Kurt Granroth <kurt+plug-discuss at granroth.com> wrote:

> On 11/14/09 12:02 PM, Lisa Kachold wrote:
> > The whole concept of "wireless encryption security" is somewhat moot
> > with airodump-ng etc. tools.
> >
> > WEP keys are really easy to break.
> >
> > WPA is also easily encroached - but harder with a truly unique secure
> > key (which few people use)
> >
> > It just exists as part of the big "security" matrix to keep the honest
> > people out.  Crackers can get right in anyway!
> >
> > http://www.obnosis.com/Layer8Wireless.html
>
> Okay, I have to take exception to how this is written.  You are
> comparing the security of WEP and WPA as if they are somehow equivalent
> or equally "easy" to crack.  That is just not true.
>
> WEP is fundamentally broken.  It can be reliably cracked in seconds, in
> most cases.  Its use is more of a "please don't use this network" flag
> than any real attempt to keep people out.
>
> WPA, on the other hand, is NOT broken.  Only one variation of it is
> crackable at all (PSK) and even then, the attack is a brute force
> dictionary attack.  By that argument, ALL password based encryption is
> crackable.
>
> Yes, you could successfully argue that since MOST home APs use PSK and
> MOST probably just set the password to 'admin' or 'linksys' or some
> other trivial name, that IN PRACTICE, it's not hard to crack most uses
> of WPA.
>
> But saying that "[c]rackers can get right in anyway" just isn't true.
> All that is needed is a reasonably difficult password.  Don't use a
> dictionary word and make it decently long and it quickly becomes far too
> difficult to crack to make it worth it for all but the most extreme
> cases.  It's either VERY expensive or takes YEARS.
>
> I'm sure that you read this:
>
>
> http://news.electricalchemy.net/2009/10/password-cracking-in-cloud-part-5.html
>
> It answers the question: "how much does it cost to crack a password?"
> It assumes that you are using Amazon EC2 at $0.30 an hour.  A twelve
> character password using the full ASCII set would cost over $8 TRILLION
> dollars to crack.  Even much smaller passwords are still in the millions.
>
> The password that I use on my WPA2-PSK AP is 20-odd chars long and spans
> the ASCII range.  Far from allowing crackers to "get right in", it's
> nearly impossible for them to do so.



-- 
Skype: (623)239-3392
AT&T: (503)754-4452
www.it-clowns.com
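
Added example, not part of either message in this thread: a Python sketch of how a WPA/WPA2-PSK key is derived from the passphrase and SSID, and of the search-cost arithmetic behind the "reasonably difficult password" argument above. The guess rate is an assumed figure, not taken from the linked article; the $0.30 per hour price is the one quoted in the thread, and the function names are illustrative.

```python
import hashlib
import math

PRINTABLE_ASCII = 95          # space through tilde
ASSUMED_RATE = 50_000         # ASSUMPTION: passphrase guesses/sec per rented instance
USD_PER_HOUR = 0.30           # instance price quoted in the thread


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK master key: PBKDF2-HMAC-SHA1, 4096 rounds, SSID as salt.

    Every offline guess has to repeat this derivation, and because the SSID
    is the salt, work done against one network name does not carry over
    to a network with a different name.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 printable ASCII characters")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    )


def keyspace_bits(length: int, alphabet: int = PRINTABLE_ASCII) -> float:
    """Entropy in bits of a uniformly random passphrase of the given length."""
    return length * math.log2(alphabet)


def expected_search_cost(length, guesses_per_sec=ASSUMED_RATE,
                         usd_per_hour=USD_PER_HOUR, alphabet=PRINTABLE_ASCII):
    """Return (instance_years, dollars) to try half the keyspace on average.

    Applies only to randomly chosen passphrases; a dictionary word falls
    to a word list long before exhaustive search matters.
    """
    guesses = alphabet ** length / 2
    seconds = guesses / guesses_per_sec
    return seconds / (365 * 24 * 3600), seconds / 3600 * usd_per_hour


if __name__ == "__main__":
    # "password" / "IEEE" is the published IEEE 802.11i PSK test vector.
    print("PMK:", derive_pmk("password", "IEEE").hex())
    for n in (8, 12, 20):
        years, usd = expected_search_cost(n)
        print(f"{n:2d} random chars: {keyspace_bits(n):6.1f} bits, "
              f"{years:.3g} instance-years, ${usd:.3g}")
```

Changing the SSID from a vendor default also matters, since precomputed key tables are built per SSID.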