dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
51

ITALIAN926
join:2003-08-16

1 recommendation

ITALIAN926 to BabyBear

Member

to BabyBear

Re: Stupid is as Stupid does.

People who dont break copyright laws, and properly secure their routers, have little to worry about.
ke4pym
Premium Member
join:2004-07-24
Charlotte, NC

2 recommendations

ke4pym

Premium Member

said by ITALIAN926:

People who dont break copyright laws, and properly secure their routers, have little to worry about.

Properly secure their routers? Really? You do know it can take as little as 30 seconds and not much more than a few days to crack a router/AP, right?

Even with WPA2...

ITALIAN926
join:2003-08-16

ITALIAN926

Member

Theres no way in hell youre cracking my WPA2 WITH MAC filtering, aint happening, and if you do , you should be putting your skills to good use, not stealing last Season of Dexter of my internet connection.

firephoto
Truth and reality matters
Premium Member
join:2003-03-18
Brewster, WA

1 recommendation

firephoto to ITALIAN926

Premium Member

to ITALIAN926
said by ITALIAN926:

People who dont break copyright laws, and properly secure their routers, have little to worry about.

So you've never saved an image you've seen on the internet? Copied and pasted some text? Acquired some pdf files?

You have most certainly broke copyright laws even if you do not download videos and music from file sharing networks.

Now go on and explain to me how it is different.
Kamus
join:2011-01-27
El Paso, TX

Kamus to ITALIAN926

Member

to ITALIAN926
Adorable, you actually believe you haven't infringed copyright.

ITALIAN926
join:2003-08-16

ITALIAN926

Member

Not purposefully, or intentionally. Id like you to claim that torrent software accidentally appeared on your computer, along with 9 seasons of Seinfeld. Adorable.
familypizza
join:2013-01-07

1 recommendation

familypizza to ITALIAN926

Member

to ITALIAN926
Just so we're clear... your setup can be cracked. All a person would have to do is capture the 4-way handshake when it takes place, then crack the password (via dictionary or brute force)

As for as MAC filtering goes... this literally adds zero additional security. Any sniffer worth it's salt would tell me the MAC addresses that are currently connected to your network, then all you would have to do is spoof that MAC address to satisfy the "high security MAC filtering"

For someone who knows what they're doing... it's trivial. Even more so if the password they are using is a dictionary word, or a 10 digit number (like a phone number)
Ammler
Premium Member
join:2005-04-19
Pittsburgh, PA

1 recommendation

Ammler

Premium Member

And what about a series of random letters and numbers? I still say license plates make the best passwords.
ke4pym
Premium Member
join:2004-07-24
Charlotte, NC

ke4pym

Premium Member

said by Ammler:

And what about a series of random letters and numbers? I still say license plates make the best passwords.

It'll take a little longer. But not much. If you're my neighbor then it'll be game up.
ke4pym

ke4pym to ITALIAN926

Premium Member

to ITALIAN926
said by ITALIAN926:

Theres no way in hell youre cracking my WPA2 WITH MAC filtering, aint happening, and if you do , you should be putting your skills to good use, not stealing last Season of Dexter of my internet connection.

I would strongly suggest you read up on how weak WiFi systems are.

And it doesn't take skills. Unless you count downloading an iso, sending it to a bootable USB key and booting from said USB key and clicking "Go" when the system boots - skills.
kitsune
join:2001-11-26
Sacramento, CA

kitsune

Member

said by ke4pym:

said by ITALIAN926:

Theres no way in hell youre cracking my WPA2 WITH MAC filtering, aint happening, and if you do , you should be putting your skills to good use, not stealing last Season of Dexter of my internet connection.

I would strongly suggest you read up on how weak WiFi systems are.

And it doesn't take skills. Unless you count downloading an iso, sending it to a bootable USB key and booting from said USB key and clicking "Go" when the system boots - skills.

I think you need to do a little more reading yourself. WPA2-AES is still difficult to crack. Certainly not going to break it in a few minutes. Especially if you are using a password of decent length.

Now if you are using the router from your service provider with WEP security, you are hosed. But that is not the current standard.
Kamus
join:2011-01-27
El Paso, TX

1 recommendation

Kamus to ITALIAN926

Member

to ITALIAN926
said by ITALIAN926:

Not purposefully, or intentionally

Oh, so that makes it OK then? Double standards much?
Jazzemt
join:2009-02-12
USA

Jazzemt to kitsune

Member

to kitsune
It is not cracking the wpa. It is using a tool like Reaver and cracknig the WPS which is in most routers and cannot be turned off. And some of the ones where it can be turned off it is still crackable. At that point spofing the mac and knowing the WPS key you are assigned the WPA key and there is a tool or two to show what the wpa key is when you have it local. The longest I have seen it take was two hours. Usually under 30 minutes.
ke4pym
Premium Member
join:2004-07-24
Charlotte, NC

ke4pym

Premium Member

said by Jazzemt:

It is not cracking the wpa. It is using a tool like Reaver and cracknig the WPS which is in most routers and cannot be turned off. And some of the ones where it can be turned off it is still crackable. At that point spofing the mac and knowing the WPS key you are assigned the WPA key and there is a tool or two to show what the wpa key is when you have it local. The longest I have seen it take was two hours. Usually under 30 minutes.

Ditto
silbaco
Premium Member
join:2009-08-03
USA

silbaco to ke4pym

Premium Member

to ke4pym
Crack WPA2 in 30 seconds? Not going to happen.

ITALIAN926
join:2003-08-16

ITALIAN926

Member

My WPA2 is VERRRRRRY long, these guys are insane. These guys actually use weak encryption as a reason to break copyright law. If you all stop doing it, we wouldnt need to encrypt with 30+ character WPA2
rahvin112
join:2002-05-24
Sandy, UT

rahvin112 to Jazzemt

Member

to Jazzemt
It's not just WPS, with the password lists available with John the Ripper (or elsewhere) you can dictionary attack the password in almost no time at all. It's pretty rare actually that anything short of 12+ random numbers, letters and special characters isn't part of the lists. Before I switched to passphrases I grep'd almost every single password I use out of the lists, it was eyeopening.

TamaraB
Question The Current Paradigm
Premium Member
join:2000-11-08
Da Bronx
·Verizon FiOS
Ubiquiti NSM5
Synology RT2600ac
Apple AirPort Extreme (2013)

TamaraB

Premium Member

said by rahvin112:

It's pretty rare actually that anything short of 12+ random numbers, letters and special characters isn't part of the lists.

Really? I use pass-phrases, They take the form of "W#en T#e $un $h|n#$ |t'$ V#ry 3r|g#t 0ut$|d#" A 40 character+ pass-phrase with special characters replacing letters. Which can be remembered quite easily if you craft it intelligently. I don't think such a random phrase crafted this way will show up on any list, and the number of combinations and permutations is beyond the capability of anything short of a bank of supercomputers to discover in time to make the discovery usable. I use such pass-phrases on my computers as well.

Short of cracking the algorithm itself, which as far as I know has not been done yet, systems protected this way are as secure as they can be.
familypizza
join:2013-01-07

familypizza

Member

said by TamaraB:

said by rahvin112:

It's pretty rare actually that anything short of 12+ random numbers, letters and special characters isn't part of the lists.

Really? I use pass-phrases, They take the form of "W#en T#e $un $h|n#$ |t'$ V#ry 3r|g#t 0ut$|d#" A 40 character+ pass-phrase with special characters replacing letters. Which can be remembered quite easily if you craft it intelligently. I don't think such a random phrase crafted this way will show up on any list, and the number of combinations and permutations is beyond the capability of anything short of a bank of supercomputers to discover in time to make the discovery usable. I use such pass-phrases on my computers as well.

Short of cracking the algorithm itself, which as far as I know has not been done yet, systems protected this way are as secure as they can be.

For sure, except the people posting in here about their non dictionary 30+ character passwords (with special characters) do not reflect what 95% of people actually use.

No one is trying to say AES is weak... they're trying to say if you use a weak / semi weak password (which most normal users do) then you are susceptible to having their network possibly used by unauthorized users.

KrK
Heavy Artillery For The Little Guy
Premium Member
join:2000-01-17
Tulsa, OK

KrK to ITALIAN926

Premium Member

to ITALIAN926
Well that doesn't include you, then?
davidkassa
join:2013-06-03
Verona, WI

davidkassa to TamaraB

Member

to TamaraB
This is a pretty good method, but crackers definitely know this "trick". I encourage everyone to read this article. »arstechnica.com/security ··· sswords/

It talks about how even pass-phrases are easily cracked when simple substitution is used. The ultimate recommendation is use a password manager and make your long passwords truly random.