dslreports logo
 
    All Forums Hot Topics Gallery
spc
view:
topics flat nest 
Comments on news posted 2008-10-10 09:14:17: According to a vague article at SC Magazine, use of the latest NVidia graphics cards can accelerate WPA Wi-Fi "password recovery" times "by up to an astonishing 10,000 per cent. ..

page: 1 · 2 · next

jjoshua
Premium Member
join:2001-06-01
Scotch Plains, NJ

jjoshua

Premium Member

Don't bother

Don't secure your wireless network. Encrypt all traffic using a VPN. Deny all other wireless traffic.

If you need security, use a wired network.

karlmarx
join:2006-09-18
Moscow, ID

karlmarx

Member

That's not a realistic solution. Of course, if wireless encryption, WEP is easily cracked by any desktop in a matter of minutes. WAP has always been crackable, given enough processing power and a big enough data set. Of course, if that 1000 hour crack could be done in 6 minutes with an NVIDIA graphics card, that would be a game changer. But what are the options available? Assuming a regular PC would take about 5 months to brute force a 13 character key, using an Nvidia card would take that to about 45 minutes. Heck, I've got 45 minutes to waste outside an office building, do you?

Matt3
All noise, no signal.
Premium Member
join:2003-07-20
Jamestown, NC

Matt3

Premium Member

I believe it

Just look at how much faster your GPU is at Folding@Home or encoding a video. A DVD to WMV conversion on my E6750 takes close to 48 hours due to the upconversion to 720p. It takes 1 hour and 45 using my 9600GT.

GPUs are great at tasks that can utilize massively parallel architectures.

maartena
Elmo
Premium Member
join:2002-05-10
Orange, CA

maartena to karlmarx

Premium Member

to karlmarx

Re: Don't bother

said by karlmarx:

That's not a realistic solution.
Not for homes. But for offices it is. As a matter of fact my employer does not allow ANY wireless connection out of security reasons. We work with sensitive data and have to conform to bank-industry security standards. (We aren't a bank though).

The only wireless option we have considered, and isn't too hard to implement.... is using VPN. It wouldn't be too hard to install the VPN client we already use on our laptops, (which most have installed anyways as they take it home) and have them logon to a VPN before they can access *anything* on the network.

For offices VPN implementation isn't too difficult. And you can actually leave your wireless access points completely open, they only thing people will be able to reach on your network..... is a VPN server.
k1ll3rdr4g0n
join:2005-03-19
Homer Glen, IL

1 recommendation

k1ll3rdr4g0n

Member

Not again...

You know this stuff is really starting to *bug* me. Left and right I always see "WEP insecure don't use it", blah blah blah.
Anyone with fingers and more than 2 braincells to rub together will realize you can't just crack wireless APs with off the shelf wireless cards (at least the vast majority). That means that your neighbor is probably not going to be a "WEP cracker", so its safe to use WEP in a residential area. I'll bet anyone's neighbor here probably only knows the basics of Word. I would use something more industrial in a apartment area though; as since your signal can encompass more people...but in a urban/rural residential area where there is considerate amount of space between houses WEP is enough to keep the average doodle head from connecting to your wifi and thinking its his.
But again why are we even talking about this when the vast majority of people don't even use any protection at all! (Just walk down your street with your laptop, I'll bet you will find at least one open AP with a internet connection.)

I am NOT saying it isn't hackable, but for the amount of time it takes...I think some "researchers" are stretching the truth. Somehow I doubt someone can crack a 128bit wep key in a matter of minutes on the average laptop. And for the people that say that WEP is really insecure...again in an urban/rural area is there actually people going around *wasting* their time sitting in a car just to see if they can crack your WEP key? If they are I haven't seen any. If anything they would be driving around trying to find an open wifi AP.

AVD
Respice, Adspice, Prospice
Premium Member
join:2003-02-06
Onion, NJ

AVD

Premium Member

said by k1ll3rdr4g0n:

You know this stuff is really starting to *bug* me. Left and right I always see "WEP insecure don't use it", blah blah blah.
Anyone with fingers and more than 2 braincells to rub together will realize you can't just crack wireless APs with off the shelf wireless cards (at least the vast majority).
You mean the vast majority of G cards cant go into promiscuous mode, but I'm sure you can get lots of hardware out there on the internet that can. WEP is dead. obsolete.

jmn1207
Premium Member
join:2000-07-19
Sterling, VA

1 edit

jmn1207

Premium Member

said by AVD:

You mean the vast majority of G cards cant go into promiscuous mode, but I'm sure you can get lots of hardware out there on the internet that can. WEP is dead. obsolete.
Probably so, but it's perfect for making sure the old retired couple next door doesn't accidentally connect to my wireless network, and it still allows the fastest transfer speeds considering the tiny overhead it creates.

We are talking about your neighbors with a few Dell computers that have very little understanding of networking protocols. WEP is an obsolete security measure, but it can be used to prevent a neighbor from inadvertently hijacking your connection, while still making it simple for your guests to be able to connect without having to delve into the router's advanced feature settings.

kamm
join:2001-02-14
Brooklyn, NY

1 edit

kamm to k1ll3rdr4g0n

Member

to k1ll3rdr4g0n
said by k1ll3rdr4g0n:

You know this stuff is really starting to *bug* me. Left and right I always see "WEP insecure don't use it", blah blah blah.
Anyone with fingers and more than 2 braincells to rub together will realize you can't just crack wireless APs with off the shelf wireless cards (at least the vast majority). That means that your neighbor is probably not going to be a "WEP cracker", so its safe to use WEP in a residential area. I'll bet anyone's neighbor here probably only knows the basics of Word. I would use something more industrial in a apartment area though; as since your signal can encompass more people...but in a urban/rural residential area where there is considerate amount of space between houses WEP is enough to keep the average doodle head from connecting to your wifi and thinking its his.
But again why are we even talking about this when the vast majority of people don't even use any protection at all! (Just walk down your street with your laptop, I'll bet you will find at least one open AP with a internet connection.)

I am NOT saying it isn't hackable, but for the amount of time it takes...I think some "researchers" are stretching the truth. Somehow I doubt someone can crack a 128bit wep key in a matter of minutes on the average laptop. And for the people that say that WEP is really insecure...again in an urban/rural area is there actually people going around *wasting* their time sitting in a car just to see if they can crack your WEP key? If they are I haven't seen any. If anything they would be driving around trying to find an open wifi AP.
Jesus, sweet ignorance.
I bet you live in some remote place - visit NYC and you'll realize nobody has to go to anywhere, I can see 10+ wifi connection in my home and I live in nice brownstone area, on the corner of the best park in NYC, not in a multi-dwelling apt building area where literally hundreds of wifi APs are within connection range...

WEP is fuckin dead. Use it in any urban area and you get your @ss owned within days.
kamm

kamm to jmn1207

Member

to jmn1207
said by jmn1207:
said by AVD:

You mean the vast majority of G cards cant go into promiscuous mode, but I'm sure you can get lots of hardware out there on the internet that can. WEP is dead. obsolete.
Probably so, but it's perfect for making sure the old retired couple next door doesn't accidentally connect to my wireless network, and it still allows the fastest transfer speeds considering the tiny overhead it creates.

We are talking about your neighbors with a few Dell computers that have very little understanding of networking protocols. WEP is an obsolete security measure, but it can be used to prevent a neighbor from inadvertently hijacking your connection, while still making it simple for your guests to be able to connect without having to delve into the router's advanced feature settings.
This is the type of soft nonsense that gives people some ver false sense of security - it's BS, sorry, people should drop WEP altogether, period.

jmn1207
Premium Member
join:2000-07-19
Sterling, VA

jmn1207

Premium Member

I would drop the wireless security altogether, but it keeps out innocent neighbors. I live in a suburb of DC and only see 1 other wireless network out there. We have big lawns with lots of space around us, it probably is not anything like Brooklyn. The street I live on has no passing traffic and the house is adjacent to a hiking trail and creek. WEP is perfect for me.

AVD
Respice, Adspice, Prospice
Premium Member
join:2003-02-06
Onion, NJ

AVD to jmn1207

Premium Member

to jmn1207
said by jmn1207:

We are talking about your neighbors with a few Dell computers that have very little understanding of networking protocols. WEP is an obsolete security measure, but it can be used to prevent a neighbor from inadvertently hijacking your connection, while still making it simple for your guests to be able to connect without having to delve into the router's advanced feature settings.
AES is faster since encryption is done in hardware.

WEP keys are the most confusing system out the, hex keys in rotation. You can use a text passphrase to generate the WEP keys, but there is no guarantee that these text passphrases generate the same key amoung vendors.

Setting up WEP or WPA otherwise requires the same configuration effort in terms of configuring the router.

jmn1207
Premium Member
join:2000-07-19
Sterling, VA

jmn1207

Premium Member

Well, WPA was significantly slower in my experience with the equipment we mostly used. And of these two, if anyone really was interested in hacking into my network, neither would be worth a crap. So I went with the fastest performer of the 2 I had available.

jhegfwsa56
@161.216.158.x

jhegfwsa56 to kamm

Anon

to kamm
The correct word is minutes not days WEP can be cracked in way less than an hour with REGULAR hardware available at ANY store just pick the right model and that's it. Every store probably have at least two models ready to crack you POS WEP encryption.
patcat88
join:2002-04-05
Jamaica, NY

patcat88 to kamm

Member

to kamm
said by kamm:

This is the type of soft nonsense that gives people some ver false sense of security - it's BS, sorry, people should drop WEP altogether, period.
WEP isn't security, its avoidance. If someone has the time they will get in easily, but it will keep the vast majority of problems away.
patcat88

patcat88 to kamm

Member

to kamm
said by kamm:

Jesus, sweet ignorance.
I bet you live in some fuckin remote place - visit NYC and you'll realize nobody has to go to anywhere, I can see 10+ wifi connection in my home and I live in nice brownstone area, on the corner of the best park in NYC, not in a multi-dwelling apt building area where literally hundreds of wifi APs are within connection range...

...outside of your shack WEP is fuckin dead, try to understand it. Use it in any urban area and you get your @ss owned within days.
Union Square (NYC), each corner of the park has 250 APs visible, chance of connecting to any of them, zero b/c of noise levels.

Secure
@rr.com

Secure

Anon

A secure wireless connection

All I hear about is people cracking what is being done to prevent or create a more secure wireless experience?

What about Quantum cryptography why can't that be implemented in wireless devices?

»www.theinquirer.net/gb/i ··· lly-safe

At least make it a waste of time for users trying to freeload or conduct illegal activity, make it more difficult for them to crack it say 3 hours and then have your key or pass phrase rotated every hour and make you log in each session or something like that.

Would it be worth a hackers trouble to hack into a system when they will loose the lease in less than an hour?

With a better defense 2 or 3 hours would make it useless for a hacker to try and pick on your network nothing to see here move on approach.

I would like to learn how to break the encryption so I can learn how to try and come up with a solution or at least see what steps I could take to make it take longer to crack. Eventually enough people will be aware of the security holes and may decide to go wired as the safe way until the community of Genius figures out a way to make it a little more safe give us more time to track these intrusive bugs tools ect..

blueeyesm
join:2003-09-05
Waterloo, ON

blueeyesm

Member

If a GPU can be used to decrypt..

..why hasn't someone come with a method for a GPU to ENcrypt as well?

Sounds like it may be time to have a box acting as an AP that, once (honest) clients have successfully connected, be able to auto-generate and update the new encryption every xx minutes?

Or, maybe its time the average Joe stops being so damned lazy about their access security...

AVD
Respice, Adspice, Prospice
Premium Member
join:2003-02-06
Onion, NJ

AVD to patcat88

Premium Member

to patcat88

Re: Not again...

said by patcat88:

said by kamm:

Jesus, sweet ignorance.
I bet you live in some fuckin remote place - visit NYC and you'll realize nobody has to go to anywhere, I can see 10+ wifi connection in my home and I live in nice brownstone area, on the corner of the best park in NYC, not in a multi-dwelling apt building area where literally hundreds of wifi APs are within connection range...

...outside of your shack WEP is fuckin dead, try to understand it. Use it in any urban area and you get your @ss owned within days.
Union Square (NYC), each corner of the park has 250 APs visible, chance of connecting to any of them, zero b/c of noise levels.
A directional antenna cuts through all of that.

jjoshua
Premium Member
join:2001-06-01
Scotch Plains, NJ

jjoshua to Secure

Premium Member

to Secure

Re: A secure wireless connection

said by Secure :

What about Quantum cryptography why can't that be implemented in wireless devices?
I believe that quantum cryptography uses photons, not electromagnetism.

BIGMIKE
Q
Premium Member
join:2002-06-07
Gainesville, FL

BIGMIKE to jjoshua

Premium Member

to jjoshua

Re: Don't bother

Insecure.org Top 100 Network Security Tools
In 2000, Fyodor, creator of the NMap Scanner, conducted a survey of the readers of the nmap-hackers mailing list and compiled the Top 50 Security Tools.
»netsecurity.about.com/od ··· htm?rd=1

»sectools.org/index.html
beaups
join:2003-08-11
Hilliard, OH

beaups to jhegfwsa56

Member

to jhegfwsa56

Re: Not again...

I can crack 64 bit WEP in 1 minute and 128 bit in 5 tops. And the hidden ssid and MAC filtering is a joke and adds all of another 60 seconds to the process.

One real problem with wireless security is that "many" people feel it's only a tool to keep people from stealing their internet. Once your security is defeated, they can capture all of your online activity...this can be a big identity theft issue, or worse.

WPA (2) is the way to go with a long, very random password that contains no actual words. And it should be changed every couple days IMO
beaups

beaups to blueeyesm

Member

to blueeyesm

Re: If a GPU can be used to decrypt..

most routers don't have a GPU
k1ll3rdr4g0n
join:2005-03-19
Homer Glen, IL

k1ll3rdr4g0n

Member

Re: Not again...

said by AVD:

said by k1ll3rdr4g0n:

You know this stuff is really starting to *bug* me. Left and right I always see "WEP insecure don't use it", blah blah blah.
Anyone with fingers and more than 2 braincells to rub together will realize you can't just crack wireless APs with off the shelf wireless cards (at least the vast majority).
You mean the vast majority of G cards cant go into promiscuous mode, but I'm sure you can get lots of hardware out there on the internet that can. WEP is dead. obsolete.
I'm sure too, but what is the average person going to do?
Little Johny's dad isn't going to special order a card over the internet, hes going to walk in to bestbuy and grab a card off the shelf (if not already integrated). Remember I'm not talking about Big Johny with daddy's credit card, I'm talking about the average person.

If WEP is dead then why did Nintendo "embrace" it with the Nintendo DS?
said by kamm:

said by k1ll3rdr4g0n:

You know this stuff is really starting to *bug* me. Left and right I always see "WEP insecure don't use it", blah blah blah.
Anyone with fingers and more than 2 braincells to rub together will realize you can't just crack wireless APs with off the shelf wireless cards (at least the vast majority). That means that your neighbor is probably not going to be a "WEP cracker", so its safe to use WEP in a residential area. I'll bet anyone's neighbor here probably only knows the basics of Word. I would use something more industrial in a apartment area though; as since your signal can encompass more people...but in a urban/rural residential area where there is considerate amount of space between houses WEP is enough to keep the average doodle head from connecting to your wifi and thinking its his.
But again why are we even talking about this when the vast majority of people don't even use any protection at all! (Just walk down your street with your laptop, I'll bet you will find at least one open AP with a internet connection.)

I am NOT saying it isn't hackable, but for the amount of time it takes...I think some "researchers" are stretching the truth. Somehow I doubt someone can crack a 128bit wep key in a matter of minutes on the average laptop. And for the people that say that WEP is really insecure...again in an urban/rural area is there actually people going around *wasting* their time sitting in a car just to see if they can crack your WEP key? If they are I haven't seen any. If anything they would be driving around trying to find an open wifi AP.
Jesus, sweet ignorance.
I bet you live in some remote place - visit NYC and you'll realize nobody has to go to anywhere, I can see 10+ wifi connection in my home and I live in nice brownstone area, on the corner of the best park in NYC, not in a multi-dwelling apt building area where literally hundreds of wifi APs are within connection range...

WEP is fuckin dead. Use it in any urban area and you get your @ss owned within days.
Yes! Another person who doesn't read posts!
If you read my post I said that you should something else in an apartment area. And I like the use of "curse" words...hmmm. Oh and btw, I have been using WEP for years and no one ever got into my APs, what do you say to that? (I live in an urban/rural area like I talked about in my post...).
said by kamm:

said by jmn1207:
said by AVD:

You mean the vast majority of G cards cant go into promiscuous mode, but I'm sure you can get lots of hardware out there on the internet that can. WEP is dead. obsolete.
Probably so, but it's perfect for making sure the old retired couple next door doesn't accidentally connect to my wireless network, and it still allows the fastest transfer speeds considering the tiny overhead it creates.

We are talking about your neighbors with a few Dell computers that have very little understanding of networking protocols. WEP is an obsolete security measure, but it can be used to prevent a neighbor from inadvertently hijacking your connection, while still making it simple for your guests to be able to connect without having to delve into the router's advanced feature settings.
This is the type of soft nonsense that gives people some ver false sense of security - it's BS, sorry, people should drop WEP altogether, period.
Why? Because you say so? Because the neighborhood tech guy says so? Because geek squad says so?
If it works in residental areas, why should they use anything different? Oh I know because everyone has bought a wireless card from the internet that can go into "promiscuous mode" right? Better watch out your neighbor might also be a computer hacker too!
said by jhegfwsa56 :

The correct word is minutes not days WEP can be cracked in way less than an hour with REGULAR hardware available at ANY store just pick the right model and that's it. Every store probably have at least two models ready to crack you POS WEP encryption.
Really? So I can go pickup a Linksys G card and I'm set?
said by patcat88:

said by kamm:

This is the type of soft nonsense that gives people some ver false sense of security - it's BS, sorry, people should drop WEP altogether, period.
WEP isn't security, its avoidance. If someone has the time they will get in easily, but it will keep the vast majority of problems away.
I think you just proved what I was saying. Is someone really going to sit outside your house with their laptop just to get into your network?

I think we should all rethink what we are talking about. jmn1207 has the right idea:
said by jmn1207:

Well, WPA was significantly slower in my experience with the equipment we mostly used. And of these two, if anyone really was interested in hacking into my network, neither would be worth a crap. So I went with the fastest performer of the 2 I had available.
If someone REALLY WANTS to get into a network, they will find a way. I don't care about time, if someone is dead set into getting into your network (wireless or not) they will get into it. Majority of technology out there will keep the script kiddies at bay, but a hard veteran that knows what he is doing will get into your WEP/WPA/WPA2 network. But the same arugment I made eariler can be applied again: What does the average person have and know? The average person doesn't know jack about computers. Is the average person actually going to go out of their way just to learn how to crack your wireless? Possiblly, if you piss them off or something...but generally not.

Everyone here is treating the average person as some script kiddie who has access to their parents credit card, which this is NOT the case. If it was, then how come entities like geek squad are able to make so much money off of people (and charge ungodly rates to do it)?

swhx7
Premium Member
join:2006-07-23
Elbonia

swhx7 to blueeyesm

Premium Member

to blueeyesm

Re: If a GPU can be used to decrypt..

There may be some reason against your suggestion that I don't know about, but it really seems like a good idea. The whole point of modern cryptography is that encrypting is many orders of magnitude faster than decrypting without a key, and the obstacle to wider use has been computation time, so if the GPU is well suited to breaking crypto, it should make strengthening crypto trivial.

Even better would be a dedicated crypto chip as standard equipment on PCs. This was one goal of the "trusted computing" scheme, but unfortunately those chips deny the owner access to the root key, which makes it a DRM chip instead of security for the owner. But a variation of the concept, with owner control, could make wireless encryption as close to unbreakable as anything in use today. I think VIA has made one that fits the description.

AVD
Respice, Adspice, Prospice
Premium Member
join:2003-02-06
Onion, NJ

AVD to k1ll3rdr4g0n

Premium Member

to k1ll3rdr4g0n

Re: Not again...

Why encrypt? If you want to keep the old lady off your network just turn of your SSID and mac filter.
dentman42
Premium Member
join:2001-10-02
Columbus, OH

dentman42 to beaups

Premium Member

to beaups

Re: If a GPU can be used to decrypt..

said by beaups:

most routers don't have a GPU
Sure they do. A wireless-G Processing Unit.

pooperscooper
@algx.net

pooperscooper

Anon

jjoshua

What do you think photons are made out of exactly?
RandSec
join:2008-10-10

RandSec

Member

Scare Tactics

Note that "an astonishing 10,000 percent" is a somewhat less astonishing 100 times, and represents a search space reduction of less than 7 bits. This is compared to 128 key bits for WPA and 256 key bits for WPA2.
For users with long random keys, any straightforward computational improvement (such as huge banks of massively parallel machines) is insignificant. The problem is to get people to take advantage of the available key bits by using long random keys which nobody can remember. One solution may be to introduce users to a key manager (like Password Safe) on a flash drive.
WEP is "broken" in the sense that it may be faster to use modern attack tools to expose a WEP key than to copy it over manually.
Pv8man
join:2008-07-24
Hammond, IN

Pv8man

Member

256 bit

I can crack 256 bit WEP in under an hour WITHOUT a NVidia card, by using the chop-chop attack built into aircrack-ng suite that comes with backtrack3.

You can keep sending forged authentication packets to the AP in an attempt to keep your MAC active.

But for those of you who say just use a MAC filter.
Your MAC address could easily be seen in the air and spoofed, right after you de-auth the original client of whom you are cloning .
TheMG
Premium Member
join:2007-09-04
Canada

1 recommendation

TheMG

Premium Member

Meh...

Wired FTW. I just can't go without my gigabit ethernet!
page: 1 · 2 · next