Dailydave mailing list archives
Re: All Ur WiFi(WPA) R Belong 2 PacSec
From: wishi <brouce () gmx net>
Date: Tue, 11 Nov 2008 19:07:30 +0100
Cedric Blancher schrieb:
Le dimanche 09 novembre 2008 à 00:52 +0100, Raul Siles a écrit :The associated whitepaper from the authors has been released on the aircrack-ng links page: http://dl.aircrack-ng.org/breakingwepandwpa.pdfYou can find a summary I posted earlier today about it: http://sid.rstack.org/blog/index.php/305-des-fameuses-faiblesse-de-tkip It is written in French, but English speaking readers can click on the UK flag just beneath title and get a Google translated version :)
I think this a perfect example for two technologies, which aren't vulnerable for themselves: on the one hand this attack only works on QoS enabled Access Points, one the other hand these Access Points have to use TKIP, too. Nevertheless of WPA I oder II, as long as no AES-CCMP is used. Thing is: TKIP without QoS won't allow any successful attacks, either. But today there's a need for VoIP and other technologies which need a good latency. Which lead me to another tought: UCsniff has been released this week. It's a very advanced VoIP sniffer. (http://ucsniff.sourceforge.net/) Especially the combinations again are problematic. Now it's not just application data, but even VoIP, which can leak. It's like a little piece of dynamite added to the problem to make it explode. - Because it'll take years for the mass of people to patch their routers. Even great companies have to find a new common denominator to apply more security without TKIP, because QoS most times is harder to deactivate. It seems things came together... and made a really nice explosion! _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- All Ur WiFi(WPA) R Belong 2 PacSec Dragos Ruiu (Nov 07)
- Re: All Ur WiFi(WPA) R Belong 2 PacSec Dave Aitel (Nov 07)
- Re: All Ur WiFi(WPA) R Belong 2 PacSec Stephen John Smoogen (Nov 07)
- Re: All Ur WiFi(WPA) R Belong 2 PacSec Raul Siles (Nov 09)
- Re: All Ur WiFi(WPA) R Belong 2 PacSec Cedric Blancher (Nov 09)
- Re: All Ur WiFi(WPA) R Belong 2 PacSec wishi (Nov 11)
- Re: All Ur WiFi(WPA) R Belong 2 PacSec neal wise (Nov 11)
- Re: All Ur WiFi(WPA) R Belong 2 PacSec Stephen John Smoogen (Nov 07)
- Re: All Ur WiFi(WPA) R Belong 2 PacSec Dave Aitel (Nov 07)