If you're running any kind of wireless network ....

[Double Trouble]

Here's an interesting article on WEP encryption and wireless networks. Recently released tools make it essentially child's play to crack any WEP encrypted wireless network within seconds. Interesting read, with some good references to more in-depth analysis.

I've known for a while about the vulnerabilities of WEP, but kind of thought "well, it's still not *that* easy to crack, so it's fine for the average home with nothing critical on a network". That's no longer the case. The new tools make it such that it's not even good enough for that anymore....

WEP Encryption - dead

 

[AkumaX]

link to crack wep plz

 

[V00D00]

It's been wide open for a LONG time.

 

[DaveSimmons]

To nit-pick, the blog says "minutes" not "seconds", and it requires generating the thousands of data packets, but it's definitely depressing.

We need software or router firmware that can detect the mass packet injection and send an altert to your machine that the hack attempt is ocurring, and maybe even do something like shut the network down. Better to suffer denial-of-service than being hacked, though perhaps there is some other way to block the packet injection.

 

[nweaver]

Wep should only be a small part of your overall security scheme

 

[MercenaryForHire]

And people wonder why I use WPA exclusively.

- M4H

 

[Spike]

WPA?

 

[n0cmonkey]

IPSEC.

 

[3chordcharlie]

WEP still protects against casual 'hacking'.

It's kind of like locking the doors on your car - it won't keep anyone out if they really want in.

 

[MercenaryForHire]

Originally posted by: 3chordcharlie
WEP still protects against casual 'hacking'.

It's kind of like locking the doors on your car - it won't keep anyone out if they really want in.

At the level where it took "hours" to crack, yes. This is like forcing the thief to cycle through a set of Universal Keyless Remotes. Annoying, yes, but it's going to throw off only the wardrivers afflicted with ADHD.

- M4H

 

[Double Trouble]

Originally posted by: V00D00
It's been wide open for a LONG time.

Nope, it's been open to those with a lot of time, resources and some knowhow. That's changing with these new tools that are coming out....

To nit-pick, the blog says "minutes" not "seconds", and it requires generating the thousands of data packets, but it's definitely depressing.

We need software or router firmware that can detect the mass packet injection and send an altert to your machine that the hack attempt is ocurring, and maybe even do something like shut the network down. Better to suffer denial-of-service than being hacked, though perhaps there is some other way to block the packet injection.

It could be minutes, but it could also be seconds, depending on the key and some other factors. Still, it's plenty fast enough to deal effectively with dynamic changing WEP keys.

Originally posted by: MercenaryForHire
And people wonder why I use WPA exclusively.

Yeah, I'm using WPA on my wireless network as well, but the reality is that if you look at the vast majority of wireless network users in the US, many have no encryption or security enabled (idiots), and the vast majority of the remaining users use some form of WEP as their encryption/security. Basically, with the newer tools that are coming out now, any dolt with some linux knowledge and some cheap hardware can hack into just about any wireless network in the area. What if that guy starts trading kiddy porn and the cops come knocking on your door? That would suck!

WEP still protects against casual 'hacking'.

It's kind of like locking the doors on your car - it won't keep anyone out if they really want in.

It used to be like locking your doors, now it's more like rolling up the windows, but not locking the doors. If you read some of the papers that the blog links to, it becomes pretty clear that WEP is not even good enough for protection against casual hacking anymore.

My guess is, criminals are going to start using (unknown/unauthorized) access to other people's wireless networks to commit crimes, then escape punishment because nothing can be traced back to them......

 

[JackBurton]

Originally posted by: DaveSimmons
To nit-pick, the blog says "minutes" not "seconds", and it requires generating the thousands of data packets, but it's definitely depressing.

We need software or router firmware that can detect the mass packet injection and send an altert to your machine that the hack attempt is ocurring, and maybe even do something like shut the network down. Better to suffer denial-of-service than being hacked, though perhaps there is some other way to block the packet injection.

Get a Cisco AP (no, not a Linksys), and you'll be good to go. It doesn't DoS the client, it just ignores it (it will not respond to it).

If you're a business and serious about wireless security, you get this.

 

[3chordcharlie]

Originally posted by: tagej

It used to be like locking your doors, now it's more like rolling up the windows, but not locking the doors. If you read some of the papers that the blog links to, it becomes pretty clear that WEP is not even good enough for protection against casual hacking anymore.

My guess is, criminals are going to start using (unknown/unauthorized) access to other people's wireless networks to commit crimes, then escape punishment because nothing can be traced back to them......

This wouldn't shock me.

Fortunately for me, my wireless netwrok doesn't work at all, because someone with a newer, nicer wireless router has most of my block all clogged up, and mine just won't work

Good thing it cost $15 and I needed a wired router anyway, or I'd be pissed!

 

[n0cmonkey]

Originally posted by: tagej
My guess is, criminals are going to start using (unknown/unauthorized) access to other people's wireless networks to commit crimes, then escape punishment because nothing can be traced back to them......

Start?

 

[JackBurton]

Originally posted by: n0cmonkey

Originally posted by: tagej
My guess is, criminals are going to start using (unknown/unauthorized) access to other people's wireless networks to commit crimes, then escape punishment because nothing can be traced back to them......

Start?

I predict open APs with breathe new life into the bit-torrent network. ...I mean

 

[n0cmonkey]

Originally posted by: JackBurton

Originally posted by: n0cmonkey

Originally posted by: tagej
My guess is, criminals are going to start using (unknown/unauthorized) access to other people's wireless networks to commit crimes, then escape punishment because nothing can be traced back to them......

Start?

I predict open APs with breathe new life into the bit-torrent network. ...I mean

bt is tough since it requires ports being forwarded. Other things are much much easier though.

 

[MercenaryForHire]

Originally posted by: n0cmonkey

Originally posted by: JackBurton

Originally posted by: n0cmonkey

Originally posted by: tagej
My guess is, criminals are going to start using (unknown/unauthorized) access to other people's wireless networks to commit crimes, then escape punishment because nothing can be traced back to them......

Start?

I predict open APs with breathe new life into the bit-torrent network. ...I mean

bt is tough since it requires ports being forwarded. Other things are much much easier though.

Any router that supports UPnP will cheerfully open any ports Azureus asks it too, as long as it comes in on the Trusted LAN Interface.

- M4H

 

[JackBurton]

Originally posted by: n0cmonkey

Originally posted by: JackBurton

Originally posted by: n0cmonkey

Originally posted by: tagej
My guess is, criminals are going to start using (unknown/unauthorized) access to other people's wireless networks to commit crimes, then escape punishment because nothing can be traced back to them......

Start?

I predict open APs with breathe new life into the bit-torrent network. ...I mean

bt is tough since it requires ports being forwarded. Other things are much much easier though.

If you have access to the AP, you'll most likely have access to the router configuration. Bingo, ports start to get rerouted, and extra traffic will be going on between the hours of 12:00am - 5:00am.

 

[n0cmonkey]

Originally posted by: JackBurton
If you have access to the AP, you'll most likely have access to the router configuration. Bingo, ports start to get rerouted, and extra traffic will be going on between the hours of 12:00am - 5:00am.

Maybe, maybe not.

 

[JackBurton]

Originally posted by: n0cmonkey

Originally posted by: JackBurton
If you have access to the AP, you'll most likely have access to the router configuration. Bingo, ports start to get rerouted, and extra traffic will be going on between the hours of 12:00am - 5:00am.

Maybe, maybe not.

Oh I'm sure it's more maybe than maybe not.

 

[n0cmonkey]

Originally posted by: MercenaryForHire

Originally posted by: n0cmonkey

Originally posted by: JackBurton

Originally posted by: n0cmonkey

Originally posted by: tagej
My guess is, criminals are going to start using (unknown/unauthorized) access to other people's wireless networks to commit crimes, then escape punishment because nothing can be traced back to them......

Start?

I predict open APs with breathe new life into the bit-torrent network. ...I mean

bt is tough since it requires ports being forwarded. Other things are much much easier though.

Any router that supports UPnP will cheerfully open any ports Azureus asks it too, as long as it comes in on the Trusted LAN Interface.

- M4H

It's never happened on any of the wireless routers I've tried.

 

[MercenaryForHire]

Originally posted by: n0cmonkey

Originally posted by: MercenaryForHire

Originally posted by: n0cmonkey

Originally posted by: JackBurton

Originally posted by: n0cmonkey

Originally posted by: tagej
My guess is, criminals are going to start using (unknown/unauthorized) access to other people's wireless networks to commit crimes, then escape punishment because nothing can be traced back to them......

Start?

I predict open APs with breathe new life into the bit-torrent network. ...I mean

bt is tough since it requires ports being forwarded. Other things are much much easier though.

Any router that supports UPnP will cheerfully open any ports Azureus asks it too, as long as it comes in on the Trusted LAN Interface.

- M4H

It's never happened on any of the wireless routers I've tried.

Then stop benchmarking based on the extreme ends of Ghetto and Industrial. Everything in the middle from DLink to Linksys supports UPnP after a firmware flash. And once you're on the network, sniffing the password to the router is cake.

- M4H

 

[n0cmonkey]

Originally posted by: MercenaryForHire
Then stop benchmarking based on the extreme ends of Ghetto and Industrial. Everything in the middle from DLink to Linksys supports UPnP after a firmware flash. And once you're on the network, sniffing the password to the router is cake.

- M4H

I've tried ghetto (motorola) and more ghetto (linksys).

I thought they did SSL these days...

 

[JackBurton]

Originally posted by: MercenaryForHire

Originally posted by: n0cmonkey

Originally posted by: MercenaryForHire

Originally posted by: n0cmonkey

Originally posted by: JackBurton

Originally posted by: n0cmonkey

Originally posted by: tagej
My guess is, criminals are going to start using (unknown/unauthorized) access to other people's wireless networks to commit crimes, then escape punishment because nothing can be traced back to them......

Start?

I predict open APs with breathe new life into the bit-torrent network. ...I mean

bt is tough since it requires ports being forwarded. Other things are much much easier though.

Any router that supports UPnP will cheerfully open any ports Azureus asks it too, as long as it comes in on the Trusted LAN Interface.

- M4H

It's never happened on any of the wireless routers I've tried.

Then stop benchmarking based on the extreme ends of Ghetto and Industrial. Everything in the middle from DLink to Linksys supports UPnP after a firmware flash. And once you're on the network, sniffing the password to the router is cake.

- M4H

I'm sure you won't even get to the point of sniffing passwords if someone is broadcasting an SSID named linksys and it's open. There's a 99.9999999% chance it is using the default config and the default password is still set.

 

[Double Trouble]

Originally posted by: n0cmonkey

Originally posted by: tagej
My guess is, criminals are going to start using (unknown/unauthorized) access to other people's wireless networks to commit crimes, then escape punishment because nothing can be traced back to them......

Start?

True, very true, they are already doing it.... but it's getting a whole lot easier and more profitable (identity theft etc) for them.

UPnP does work on pretty much all low end to mid range wireless routers, so that would open up all required ports for a bittorrent client. Perhaps there is a brighter side to this after all