Full Disclosure mailing list archives

Re: WEEPING FOR WEP


From: "Mike Vasquez" <mike.vasquez () gmail com>
Date: Fri, 6 Apr 2007 15:44:23 -0700

Nice, even better.  So that means a lot of the higher end APs that use
sophisticated techniques (smaller IV pools, dynamic, etc) are going to be
much less effective.  I know a few large entities that will be affected
negatively.  Time to seriously upgrade the wireless security!

People who don't think they need more than WEP are fooling themselves.  Kids
will a) build that cool Pringles can antenna to experiment... b) run Kismet
to explore the wireless around them, and c) practice their WEP cracking on
your network.  What's next?  Exploring your Windows machines once they're
on.

They'll be destructive just b/c they can.  Keylogger on your home PC?
Cake.  Do you patch every day?  All they need is one Windows vulnerability
to get access to all your data.  Anyone think that if they wait long
enough, a Windows flaw will come around?  Hrm?  And *then* your network will
be... their network.

It's really not that far fetched.



On 4/6/07, george_ou () lanarchitect net <george_ou () lanarchitect net> wrote:

With the newest crack released earlier this week from the German
researchers that reduces the number of packets by an order of magnitude,
that's under 1 minute on average with ARP replay on an 802.11g network.
About 20 seconds average if the network is going full blast on its own.
http://blogs.techrepublic.com.com/Ou/?p=464


George

-------- Original Message --------
Subject: Re: [Full-disclosure] WEEPING FOR WEP
From: "Mike Vasquez" <mike.vasquez () gmail com>
Date: Fri, April 06, 2007 1:22 pm
To: full-disclosure () lists grok org uk

And traffic rate shouldn't be in the discussion either, since ARP-replay
allows enough packets to be captured, on most home equipment, in about 20
minutes if you're unlucky, and attacking 128-bit WEP.  64 bit keys can be
had in under 5 minutes, 128 in under 10, and all you have to do is be
connected for that length of time.



On 4/6/07, george_ou () lanarchitect net <george_ou () lanarchitect net> wrote:
>
>  But WPA-PSK mode is even easier to use than WEP.  Why would you use
> WEP?  Distance isn't really a problem with a Pringles can antenna.
>
>
> George
>

------------------------------

_______________________________________________

Full-Disclosure - We believe in it.

Charter: http://lists.grok.org.uk/full-disclosure-charter.html

Hosted and sponsored by Secunia - http://secunia.com/

