wireless network at home
I've learned that wifi encryption basically stinks. Is this generally true?
If so, then how difficult would it be to set up my own network using radio communication and my own choice of better encryption?
Anyone who has some nice websites, tutorials or manuals to point out, please feel free.
Cheers.
Don't Panic!
WPA-PSK2 is pretty safe so long as you choose a nice long key.
This site and many others have generators that will give you a key something like s?[89${MC8'ZYy{l\9<:>Al<3!F97sjSz$OeN1Uy?BRVnS\lsg+yI]~~]pWX=#w which is pretty hard to bruteforce
Every cloud has a silver lining, except for the mushroom shaped ones, which have a lining of Strontium 90.
---------------------------------------------
umop apisdn
wireless encryption
Some snoops don't use today's computing power. However, this may be my best option. Still, what about a private system of encryption that isn't based on the commercial WEP, WPA, etc.? If I had say a couple of ham radios hooked up to each box, couldn't I just use whatever encryption I choose to transmit the data? Why do wireless cards lock me in to a specific set of encryption choices? Or do they?
Your goal, then, is to use a sufficiently strong password that would require an intruder to spend years (given today's computing power) to brute-force your passphrase.
Don't Panic!
have you considered
using ssh to a shell account?
man ssh
ssh -D (port#) -l (username) your.shell.account
firefox/preferences/internet connections/ settings / manual connection to internet/ localhost + port /select socks proxy 5
now you have bound your browser session to an encrypted pipe right out of the local network.
so if someone is using kismet or whatever, iftop, etc. they will only see your connection but I don't think it's feasible to brute force that!
this is what I do when at the coffee shop. of course encryption slows your connection down even more.
you should also always use the strongest encryption available, don't broadcast your ssid and use mac filtering to help security. wpa supplicant has gotten better with Linux.
you're always welcome to ask me further details on my blog or here. I'm not anywhere near an expert however. Just your average geek.
WEP is worthless. It can be cracked in a half-hour or less, depending on the network, using a statistical attack. That is to say, it doesn't matter what the key is. A random key will be discovered just as quickly as a key of 12345.
WPA-PSK is much better. The only way that it can be cracked is by way of capturing a client authentication then trying out a password list on it until a match is found. If nothing in the wordlist matches, then a bruteforce can be attempted, starting with passwords of only one character all the way up through 63 (or whatever the max) characters. This is not feasible on today's hardware, unless somebody with a lot of resources thought it worthwhile to put a distributed network to cracking just that one key.
If you can use it, wired is much more secure, though it suffers some flaws itself. The attacker can use something called ARP-cache poisoning to redirect your traffic through their own system. This requires a computer local to your own as an attack vector, of course, but it becomes feasible in a network of any size.
Your best bet, and only actually safe one, is to treat your connection as hostile and encrypt everything. Ssh tunnels are great for this.
For the sake of proper attribution, my avatar: http://www.deviantart.com/deviation/40999320/
stealing sessions
a little off topic.
keep in mind also that in practice, a person would probably not even bother to attempt bruteforcing when he could easily grab "certain" packets that have your mac address and then just
ifconfig hw ether yo:ur:ma:ch:er:e. and then pretend he is you.
I'm not sure though if at that point he/she has any way of also hijacking anything else, I've only done this in a campus setting to get online without any malicious intent, however, you can see how something can be easily circumvented.
- chrismortimore
One of my flatmate's wireless cards doesn't work with WPA (for whatever reason), so I'm forced to use WEP, boo! That's why I still lock down my computers really tightly, even though the router gives us plenty of protection from outsiders. As far as everyone else on the network is concerned, my desktop and laptop don't even exist, and the only bit they can access is a vserver with absolutely nothing on it (except a webserver and some binding mounts to things I want to share). Of course, the whole lot is read only, and all log in accounts are disabled, so the only way in is from the desktop. Which is incredibly hard...
I love security, it's fun
Desktop: AMD Athlon64 3800+ Venice Core, 2GB PC3200, 5x320GB WD 7200rpm Caviar RE2 (RAID5), Nvidia 6600GT 256MB
Laptop: Intel Pentium M 1.5GHz, 512MB PC2700, 60GB 5400rpm IBM TravelStar, Nvidia 5200Go 64MB
Another good key generator is https://www.grc.com/passwords.htm
This also allows alphanumeric strings to be generated as some routers do not support ASCII characters in their keys.
Stay away from that grc site. He is basically a fraud.
Proof is at http://grcsucks.com/ (dodgy name I know but the content is real)
Every cloud has a silver lining, except for the mushroom shaped ones, which have a lining of Strontium 90.
---------------------------------------------
umop apisdn
a few helpful links to extend your knowledge
http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf first paper about WEP vulnerability
http://seattlewireless.net/ my local resource
the book WarDriving and Wireless Penetration Testing (oreilly)
the book Wi-Foo secrets of wireless hacking (addison wesley)
there's much more, I think pen testing your own AP is the only way to really know for sure, it will take you on a road to understanding what is practical.
I'm always open to new resources, as I am a mere traveler on the same road.
thanks for links
Thanks for the interesting links rfmonk. I've been interested in community wireless since I saw a cool idea playing out in Ohio. Then a regional commercial IP sued them. The story aired on NOW, I think when Bill Moyers was still hosting. Anyway, it's an exciting idea for helping to close the technology gap, in my opinion.
Thanks to Wikipedia I learned some of the terms you used:
AP = Access Point
pen-test = penetration test
Cheers.
Don't Panic!
Re: stealing sessions
MAC spoofing is only really useful for APs that control access by way of a white-list of MAC addresses and doesn't really relate to the encryption method at all. So, an attacker could spoof your MAC, but will still be locked out if WEP or WPA are in use.
rfmonk wrote:
a little off topic.
keep in mind also that in practice, a person would probably not even bother to attempt bruteforcing when he could easily grab "certain" packets that have your mac address and then just
ifconfig hw ether yo:ur:ma:ch:er:e. and then pretend he is you.
I'm not sure though if at that point he/she has any way of also hijacking anything else, I've only done this in a campus setting to get online without any malicious intent, however, you can see how something can be easily circumvented.
Again, cracking WEP is trivial.
For the sake of proper attribution, my avatar: http://www.deviantart.com/deviation/40999320/
i don't even bother with encryption. but i do use MAC address filtering even though someone could spoof it.
the way i look at it is that anyone who can crack WEP or spoof my MAC has more important things to do than to hack my linux network. i use an original (simple) method of steganography to hide critical private data and you couldn't find it even with the latest forensic tools. and for critical online passwords, i use ssl or ssh.
i don't recommend this for commercial networks, but most of us home users don't have hackers parked outside so MAC filtering will do just fine.
imho it's alright, i guess, to be paranoid, but i try not to be.
Half hour? Maybe 5 years ago... you can crack WEP in under a minute now
I'm actually writing a Perl + ncurses interface for automating just that
WEP is worthless. MAC filtering is even more worthless. Don't use anything less than WPA2 if you care about security nowadays.
(and yes, Steve Gibson is a moron)
Have a question? for f in $(ls /usr/bin/); do man $f; done
----
Love Freedom? Love Liberty? Hate Bush? Vote Ron Paul in 2008!
rfmonk, you mentioned about using socks 5 in Firefox. Do I just open up my connection settings and select 'Manual proxy configuration' then add localhost to the proxy? And that is it? When I added a port number (a random one) it blocked my connection. When the port is left as 0 it connects but I don't know if it is encrypted or not.
I didn't realise that Steve Gibson was a fraud, thanks for the info! His key gen was a useful tool but I will find another.
Thanks again.
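Added example (not from the thread): the port entered in Firefox's SOCKS settings has to be the same number that was passed to ssh -D, and this check confirms that something on that port actually answers as a SOCKS5 proxy. Port 1080 is an assumed example value.

```python
import socket


def check_socks5(host="127.0.0.1", port=1080, timeout=3.0):
    """Return a short verdict on whether host:port answers as a SOCKS5 proxy.

    Sends the RFC 1928 greeting (version 5, one method offered: 0x00,
    "no authentication") and inspects the two-byte method-selection reply.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(b"\x05\x01\x00")
            reply = s.recv(2)
    except ConnectionRefusedError:
        return "nothing listening: is the ssh -D session still running?"
    except OSError as exc:  # timeouts and other socket errors
        return f"no usable answer ({exc})"
    if len(reply) == 2 and reply[0] == 5 and reply[1] == 0:
        return "SOCKS5 proxy accepting unauthenticated clients"
    if len(reply) == 2 and reply[0] == 5:
        return f"SOCKS5 proxy, but it chose method 0x{reply[1]:02x}"
    return "port is open but the service is not SOCKS5"


if __name__ == "__main__":
    # 1080 is an assumed example; use the number you gave to `ssh -D`.
    print(check_socks5("127.0.0.1", 1080))
```

This only shows that the tunnel endpoint is up. To confirm the browser is really using it, compare the public IP address a "what is my IP" page reports with and without the proxy set; with the tunnel in use it should be the shell host's address.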
Computer security is a relative thing. The only way to get complete security is to unplug your computer, lock it in a safe and never use it. Unfortunately, we are constantly balancing computer usability versus computer security. I use and recommend the use of a router, or combined router and wireless access point even if you only have one computer connected to the internet. It functions as a reasonably effective hardware firewall if correctly configured. Wireless, if needed, will always be less secure than a wired connection, but use of either WPA or WPA2 is reasonable security. The likelihood of someone sitting outside your home for the time needed to crack your network is rather unlikely. The same can be said for the use of locking a system down to the MAC address. While MAC spoofing is possible, it's my opinion that it's unlikely that a "cracker" will spend the time sitting outside of your house hoping to get into your network. Anyway, if you are concerned about your neighbor's ability to crack your network, then stick to a hard-wired network. You will sleep better.
I worry more about the vulnerability of the "big fish" I do business with. It's more likely for a criminal to break into Amazon's, a bank's or a government's network than my personal computer. Heck, I've lost count of the number of government laptops that have been lost. I tend to spend more time worrying about the vendors I do business with and take measures to limit, but not eliminate my risks.
Joe
Never meddle in the affairs of dragons, for you are crunchy and good with catsup.
academic? peace of mind?
Well, it's not only the greedy criminal that weighs on my mind, jml. It's the "dragons" too. I don't mean to meddle in their affairs, but I'd like to give my computer setup maximum protection against them. I hear they don't like garlic, and yet they often eat at fancy Italian restaurants in Washington D.C., so I doubt that's true.
Cheers.
Don't Panic!