snipper_cr Premium Member join:2002-01-22 Wheaton, IL |
Paper thin?A condom is paper thin and look how much protection THAT offers :-D :P
Anyawys jokes aside, this shouldnt come as too much of a suprise. I mean, how much security can a password protected system really offer? Eventually, someone is going to find a way around it and break in, this as a case.
The major threat are those 70% un protected networks. I know in my room alone, i can pick up 3 networks, only ONE of them is secure. The rest i can log in, view network places, go into the routers admin page (admin/admin logins usually).
WEP needs to be AUTOMATICALLY enabled if we wish to deture major network threats. | |
|
| reub2000 Premium Member join:2001-12-28 Evanston, IL |
reub2000
Premium Member
2005-Apr-1 8:03 pm
Re: Paper thin?You mean WPA-PSK. I feel safe using a randomly generated string of letters, uppercase letters, and numbers, at least 20 chars long and changed every few months. I get complains, but IMO it better than being hacked. | |
|
| | donaldk Premium Member join:2000-10-19 Halifax, NS |
donaldk
Premium Member
2005-Apr-1 9:25 pm
Re: Paper thin?Fort most people getting WPA-PSK is too much of a pain in the ass to get working on XP... especially the novices. | |
|
| | | reub2000 Premium Member join:2001-12-28 Evanston, IL |
reub2000
Premium Member
2005-Apr-1 9:27 pm
Re: Paper thin?it is? I haven't had any problems other than mistyped keys. And one would strongly asume that would affect WEP too. | |
|
| |
to snipper_cr
see, if the fbi can do it in 3 minutes, think of what a hacker with SKILLZ can do... | |
|
| andreo join:2001-03-30 Des Moines, IA |
to snipper_cr
There are also times when the wireless components don't offer WPA. For example: the wireless media kits that are coming out (like Buffalo's new wireless media player) and wired to wireless network bridges. So your left either not enabling protection or adding the flawed WEP protection. While WEP is better then sticking your network out there for all the world to access, I think the product manufactures should be adding WPA (and the long promised firmware updates, in some cases) to their products. | |
|
| |
to snipper_cr
This is ridiculous ! Don't ever use WEP ! Just use WPA,a long pre-shared key with AES algorithm, and finally add VPN. Then software firewall all the Windows computers with ZA or ZAP and restrict access between all the computers and only allow access to the server.
There are also some million dollar networking tricks to expensively lock down a basic Windows file sharing network to make it mostly unbreakable and some are very obvious if you read them but I will not post them publicly here or they will lose there secrecy and value to all those experienced administrators who currently use them. | |
|
| | Tech-2005 |
Tech-2005
Anon
2005-Apr-2 3:44 am
Re: Paper thin?Correction... To "inexpensively" lock down a Windows Network there are a number of tricks you can use. Sorry about the typo mistake. | |
|
| |
to snipper_cr
This is my first posting so my apology if not quite right.
I looked over the the fairly limited overview of the FBI crack of wep. The article displayed a "key" which actually resembled the stream that would be generated by RC4 which then encrypts or decrypts the frame.
My question is, is the encryption key cracked or the cypher stream?
Thanks to anyone who can shed a little light.
Bob | |
|
| |
to snipper_cr
OK MAYBE THIS IS TE WRONG PLACE TO POST THIS BUT I NEEDS HELP CRACKING A WEP KEY ANYONE GOT ANY WAYS? | |
|
JRW2R.I.P. Mom, Brian, Gary, Ziggy, Max. Premium Member join:2004-12-20 La La Land |
JRW2
Premium Member
2005-Apr-1 6:24 pm
What!?!?!?!? The FBI demonstrated this attack to the computer security professionals at the ISSA meeting in order to show the inadequate protection offered by WEP. It is one thing to read stories of WEP being broken in minutes, but it is shocking to see the attack done right before your eyes. It was fast and simple.
Thankfully, the FBI are the good guys.
I love this comment at the end of the story... The FBI are good guys???? I don't think so!!! | |
|
| Bill Premium Member join:2001-12-09 |
Bill
Premium Member
2005-Apr-1 6:30 pm
Re: What!?!?!?!?They are the good guys compared to others who could be cracking your network. | |
|
| | |
meta
Member
2005-Apr-1 9:05 pm
Re: What!?!?!?!?wtf bill, they arent the good guys. If they are breaking into your network its probablly to toss u in jail for 10-15 hard time. If the wardrivers do it, its to check their mail. and if the kiddiots do it, its to steal ur credit card (which ur CC company will refund to u)
Out of all of these options, WHO would you like cracking into your network. | |
|
| | | ff1324Everybody Goes Home Premium Member join:2002-08-24 On Four Day |
ff1324
Premium Member
2005-Apr-2 2:16 am
Re: What!?!?!?!?said by meta:wtf bill, they arent the good guys. If they are breaking into your network its probablly to toss u in jail for 10-15 hard time. What do you have to hide? They can look at my computers all they want. They'll find firefighting pictures, about a billion pictures of my kid, saved MOHAA games, and emails from my parents, coworkers, and college friends. Yeah, I've got a lot to hide there.... So, what are you hiding? | |
|
| | | | |
| | | | RR ConductorRidin' the rails Premium Member join:2002-04-02 Redwood Valley, CA |
to ff1324
It's called right to privacy | |
|
| | | | localhost Premium Member join:2005-01-19 Cypress, CA |
to ff1324
when your ISP shuts off your internet connection because you have been sending unsolicited emails, then maybe you'll figure out why you need security. | |
|
| | | | | ff1324Everybody Goes Home Premium Member join:2002-08-24 On Four Day |
ff1324
Premium Member
2005-Apr-3 9:37 am
Re: What!?!?!?!?I'm not talking about keeping your computer secure. I'm saying, if you have nothing to hide, why the suspiscion of the investigative agencies? | |
|
| | | | | | |
ICE1
Anon
2005-Apr-3 11:10 am
Re: What!?!?!?!?We all have something to hide.....our personal information...privacy rights....do I need to say more? I wouldnt want the FBI or any government agency browsing thru my network. Have you forgotten that we are living in a country where you are guilty to proven innocent. | |
|
| nixenRockin' the Boxen Premium Member join:2002-10-04 Alexandria, VA |
nixen to JRW2
Premium Member
2005-Apr-1 8:34 pm
to JRW2
Good is a relative term.
In this instance, it was a demonstration of capability. It wasn't charges showing up on your bank statement.
-tom | |
|
| damox Premium Member join:2002-01-07 Olympia, WA |
damox to JRW2
Premium Member
2005-Apr-2 12:04 am
to JRW2
said by JRW2:The FBI are good guys???? I don't think so!!! Yeah, in this country, unless you're a criminal, or you just happen to be into anarchy, law enforcement is the good guys, unless of course you've been watching too many of those movies where law enforcement is portrayed as the bad guys! | |
|
| | |
Re: What!?!?!?!?said by damox:Yeah, in this country, unless you're a criminal, or you just happen to be into anarchy, law enforcement is the good guys, unless of course you've been watching too many of those movies where law enforcement is portrayed as the bad guys! I'm sorry, but my freedoms are much too valuable to protect by faith alone. I'll opt for separation of powers, enforcement of the Bill of Rights, and send a check to the ACLU every year to help me keep an eye on people or orgainizations or government employees who might possibly (and sometimes DO, in fact) cut the corners of my rights as a United States citizen in their enthusiasm to execute the laws of this land. The "only the bad guys have to worry" method of protecting personal rights has been shown to be not sufficient time and time again, throughout history. | |
|
| | | damox Premium Member join:2002-01-07 Olympia, WA |
damox
Premium Member
2005-Apr-2 3:17 pm
Re: What!?!?!?!?There's a huge difference between wanting to protecting ones freedoms, and considering law enforcement the "bad guys". I'm all for watch dog groups who work to insure that our rights and freedoms are being protected, but law enforcement is there to protect me from criminals. That is not to say that there are not some criminals who masquerade as law enforcement, and that is not to say that law enforcement is perfect, because obviously there are criminals who hide behind a badge and law enforcement agencies do make mistakes, but overall, law enforcement is for our good, they are not our enemies. | |
|
| | | | |
Re: What!?!?!?!?I can't argue with that, you're right. | |
|
|
No surprise hereDrive 10 miles from my house and you would get hundreds, i mean HUNDREDS of unprotected wireless networks. The scary/funny part? I live in hicksville, usa. :P
They have many funny names, lots of curse words for network names. :P | |
|
| snipper_cr Premium Member join:2002-01-22 Wheaton, IL |
Re: No surprise hereI still think the most common one ive come accross is:
linksys
or
motorola
Generally if you find one of those its un protected, but not all.
Hell, we were able to get high speed internet while on vacation in florida from a linksys unprotected service... and the people were never home! | |
|
1 edit |
Thank God I still only have a wired routerOK, I don't really need a wireless one since there are no laptops in our house, but it's nice to not have to worry about someone getting relatively easy access to my network. | |
|
|
hx02
Anon
2005-Apr-1 6:45 pm
3mins... under *nix3mins is a bit low, i have done it in an hour under under winblows with minimal network traffic. really the fbi cheated by creating more network traffic by interfering with the network, i prefer to do everything passively for all you peeps wondering how to hax0r, just look for history here @ bbr and find the article about wep cracking comparisons from a few months ago btw I use aircrack in XP » www.cr0.net:8040/code/ne ··· ircrack/ | |
|
| |
Re: 3mins... under *nixyou are awesome. | |
|
| | pcscdmahi Premium Member join:2004-01-14 Winterset, IA |
pcscdma
Premium Member
2005-Apr-2 3:38 pm
Re: 3mins... under *nixlike, tottally! | |
|
|
And yet....Here's the FBI demonstrating what can happen with improper wireless security practices, while the other 700 government agencies can't secure their wired networks. | |
|
| nixenRockin' the Boxen Premium Member join:2002-10-04 Alexandria, VA |
nixen
Premium Member
2005-Apr-1 8:36 pm
Re: And yet....said by bradleym:Here's the FBI demonstrating what can happen with improper wireless security practices, while the other 700 government agencies can't secure their wired networks. Yeah, well... Why should their wireless networks be any different than any of their other computing infrastructure. -tom | |
|
| | B04 Premium Member join:2000-10-28 |
B04
Premium Member
2005-Apr-1 8:47 pm
Re: And yet....And the Secret Service lets its employees log in as administrator, and can't trust them not to disable government-mandated background applications. (See recent password cracking story.)
-- B | |
|
|
hehits good to know a police agency with billions in funding has 'discovered' this flaw and how to exploit it ... I'm sure glad my government is lookin out for me. | |
|
| |
pv8man999
Anon
2005-Apr-2 6:37 pm
Re: hehwell, of course they can crack it in 3 minutes. They problably had a packet generator sending shit loads of packets from point to router. It's easy to do it with that much traffic going through the air. | |
|
|
ICE1
Anon
2005-Apr-3 11:03 am
Dont forget.....That the NSA is the first agency to receive any new technology before it hits the market. If that agency hasn't found a way to crack and/or monitor activity the new activity, it won't get put on the open market. | |
|
|
|