Full Disclosure mailing list archives
Re: WEEPING FOR WEP
From: "Mike Vasquez" <mike.vasquez () gmail com>
Date: Fri, 6 Apr 2007 15:44:23 -0700
Nice, even better. So that means a lot of the higher end APs that use sophisticated techniques (smaller IV pools, dynamic, etc) are going to be much less effective. I know a few large entities that will be affected negatively. Time to seriously upgrade the wireless security! People who don't think they need more than wep are fooling themselves. Kids will a) build that cool pringles can antenna to experiment... b) run kismet to explore the wireless around them, and c) practice their wepcracking on your network. what's next? Exploring your windows machines once they're on. They'll be destructive just b/c they can. Keylogger on your home pc? cake. Do you patch every day? All they need is one windows vulnerability to get access to all your data. Anything think that if they wait long enough, a windows flaw will come around? hrm? and *then* your network will be... their network. It's really not that far fetched. On 4/6/07, george_ou () lanarchitect net <george_ou () lanarchitect net> wrote:
With the newest crack released earlier this week from the German researchers that reduces the number of packets by an order of magnitude, that's under 1 minute on average with ARP replay on an 802.11g network. About 20 seconds average if the network is going full blast on its own. http://blogs.techrepublic.com.com/Ou/?p=464 George -------- Original Message -------- Subject: Re: [Full-disclosure] WEEPING FOR WEP From: "Mike Vasquez" <mike.vasquez () gmail com> Date: Fri, April 06, 2007 1:22 pm To: full-disclosure () lists grok org uk And traffic rate shouldn't be in the discussion either, since arp-replay allows enough packets to be captured, on most home equipment, in about 20 minutes if you're unlucky, and attacking 128-bit wep. 64 bit keys can be had in under 5 minutes, 128 in under 10, and all you have to do is be connected for that length of time. On 4/6/07, george_ou () lanarchitect net <george_ou () lanarchitect net > wrote: > > But WPA-PSK mode is even easier to use than WEP. Why would you use > WEP. Distance isn't really a problem with a pringle can antenna. > > > George > ------------------------------ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ <http://secunia.com/%3C/pre> >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: WEEPING FOR WEP, (continued)
- Re: WEEPING FOR WEP Steven Adair (Apr 06)
- Re: WEEPING FOR WEP Bruce Ediger (Apr 06)
- Re: WEEPING FOR WEP Valdis . Kletnieks (Apr 06)
- Re: WEEPING FOR WEP Robert Allinson (Apr 06)
- Re: WEEPING FOR WEP Michael Holstein (Apr 06)
- Re: WEEPING FOR WEP Gary Warner (Apr 06)
- Re: WEEPING FOR WEP James (njan) Eaton-Lee (Apr 06)
- Re: WEEPING FOR WEP george_ou (Apr 06)
- Re: WEEPING FOR WEP Mike Vasquez (Apr 06)
- Re: WEEPING FOR WEP george_ou (Apr 06)
- Re: WEEPING FOR WEP Mike Vasquez (Apr 06)
- Re: WEEPING FOR WEP Troy Cregger (Apr 09)
- Re: WEEPING FOR WEP Mike Vasquez (Apr 06)