 OmegaDisplaced OhioanPremium join:2002-07-30 Cheyenne, WY | So....
What's stopping someone from using this service to attack someone else's WPA network?
Say your neighbor has WPA. A one time $17 payment means unlimited and free internet for a long long time. -- Whats smells like blue? | |
|
 |  | | Re: So.... I think that's why it is on DSLR. | |
|
 |  BabyBearKeep wise ...with Nite-Owl join:2007-01-11 | said by Omega: Say your neighbor has WPA. A one time $17 payment means unlimited and free internet for a long long time.
Just better hope they don't get details of your transaction. Since after all hacking into someone's network is illegal. | |
|
 |  | | nothing... and network security penetration consultant is proper corporate term you can call em hackers like they are just this breed is cowardly and don't want to be called what they really are | |
|
 |  | | said by Omega: What's stopping someone from using this service to attack someone else's WPA network? Say your neighbor has WPA. A one time $17 payment means unlimited and free internet for a long long time.
This same idea was posted before (hacking WPA using GPUs).
Nothing, and I repeat NOTHING will 100% stop your neighbor from getting into your wireless AP. If a person is determined enough, they can and WILL get in. I don't care how many bits encryption you use - there is still one factor that can ALWAYS be exploited and that is, of course, the human factor. Are you sure that is an "official" Comcast guy coming into your house checking up on your service? You may say "Well, I am always cautious about stuff like that." But can you honestly say the same thing about your roommate or significant other?
With that said, how many people do you know are actually taking the time out of their day to steal wifi from encrypted APs (WEP/WPA/WPA2)? I know exactly 0 people doing this. Why? It takes time, hardware (thus money) to do it. We know that WEP is crackable. This is a fact. It is also a fact that people aren't zooming up and down the street in a van cracking WEP encrypted APs. And if they are, I would bet that they would be more interested in getting into unsecured APs than secured ones. And I would say that the open ones are more interesting because you have a wider radius of clients rather than one household. Sometimes you have to compare facts with reality. And if you don't accept reality, I can find a number for a good shrink.
In my opinion, who cares what AP encryption is cracked or not - the point that many people seem to miss is that while the older encryption algorithms aren't as secure it still keeps Average Joe from connecting to your AP. Nothing will stop Hacker Joe from getting in - it will deter him, but it won't stop him.
In fact to contrast with another algorithm; MD5. Many people say that it is "cracked". I'll tell you what, if I take an MD5 hash of a 1GB file and you can tell me what the contents were I will have a very big red face on and be sure to work for you because you have just discovered a very good compression technique. Nope? Didn't think so. | |
|
 |  |  Lazlow join:2006-08-07 Saint Louis, MO 1 edit | Re: So.... As far as people driving around and doing this; I suggest you google war driving and its variations. There are a lot of people doing this. To some it is just a sport. There are several groups here in St. Louis each with well over fifty members. In any town of over 10K I have been in the last ten years, there are people doing this. To be clear, I do not go out of my way to find these people, I just keep an eye out. If you have a college or computer school in your area, there are definitely people doing it.
As far as the hardware goes, for the sub 12 digit stuff, just about anybody has enough hardware to crack one in under a week (in most cases under a day).
Assuming the essid is in the top 1000 popular list, you would download a 30Mb (specific to that essid) file and run it against the password. A 700Mhz PIII can run about 17,000 passwords a second. It does not require an uber computer or any great computer genius.
If you use a long essid and a long password with regular changes (once every 3 months?), you can probably keep 99% of them out. Anybody with a large zombie collection you are not going to keep out, but anybody with those kinds of resources is unlikely to be going after an AP. | |
|
 |  |  |  | | Re: So.... said by Lazlow: As far as people driving around and doing this; I suggest you google war driving and its variations. There are a lot of people doing this. To some it is just a sport. There are several groups here in St. Louis each with well over fifty members. In any town of over 10K I have been in the last ten years, there are people doing this. To be clear, I do not go out of my way to find these people, I just keep an eye out. If you have a college or computer school in your area, there are definitely people doing it. As far as the hardware goes, for the sub 12 digit stuff, just about anybody has enough hardware to crack one in under a week (in most cases under a day). Assuming the essid is in the top 1000 popular list, you would download a 30Mb (specific to that essid) file and run it against the password. A 700Mhz PIII can run about 17,000 passwords a second. It does not require an uber computer or any great computer genius. If you use a long essid and a long password with regular changes (once every 3 months?), you can probably keep 99% of them out. Anybody with a large zombie collection you are not going to keep out, but anybody with those kinds of resources is unlikely to be going after an AP.
Something sounds fishy about your groups. Why would anyone in their right mind say they are wardrivers, users that are attempting to illegally gain access to an AP? To me that sounds like a recipe for disaster. I never said it wasn't a possibility they were, I just don't think they are.
I have actually eyed my college, and there was only one person who I know of who claimed to be able to do it and he wasn't exactly an A student. I would say 1/~1000 is good odds that there aren't people running up and down my street looking for WEP APs. There are people who have supposedly hooked up a wireless router wrong (plugged the LAN side BACK into the wall and serving DHCP to the other residents in the dorm). We have 2 networking courses that teach you all about networking and routing. With that said, everyone complains about having to download some crappy AV and clean access if you run Windows yet if you run Linux/Mac you are let right on. What is really amazing is that the computer science majors haven't figured out that enabling ip forwarding in Linux will allow them to bypass this requirement (plug the Linux box into the wall, take another cable from the Linux box and plug it into an AP, the rest isn't that hard either). This goes to show you how lazy they are.
So as far as the college campus is concerned, the probability of someone having both the knowledge and the equipment to do any sort of cracking is very low. Then again it is a small college to begin with. But, you still have to apply reality with the facts.
Of course, I can't comment outside of my area, but from my observations of people around my area - wireless security is not a concern of mine. And even if it was a concern, it is illegal and if I ever caught someone I would press charges. From your comment, you seem like the kind of person who just watches and laughs with them. Me, I would pick up the phone and call the police.
And what does the essid have to do with anything? Neither WEP nor WPA utilizes the essid in any form. »en.wikipedia.org/wiki/Wired_Equi···_Privacy »en.wikipedia.org/wiki/Wi-Fi_Protected_Access
WEP cracking is best done under Linux which, even if you are copying/pasting commands, you still need a certain familiarity with Linux and commands. You also need a card that can go into promiscuous mode - which you MAY be able to pick up at your local Best Buy...however it's not like it has it on the box. And Little Johnny or Average Joe wouldn't know. | |
|
 |  |  |  |  Lazlow join:2006-08-07 Saint Louis, MO 1 edit | Re: So.... 1st. If you had bothered to look up war driving you would have seen that it is not illegal. The groups often get together and have competitions. Some are how many APs you can find in a given period of time(usually tied in with gps for proof). Another game is similar to geocaching where clues are left on essids. Some games do step over the line (as in not legal) and actually access the AP.
From your almost total lack of knowledge on the subject I am not surprised that you cannot find anyone. Do you even know the basic symbols to look for?
Once again the hardware requirements are really minimal. A 700Mhz PIII is sufficient, especially if one can use the pre made tables. Virtually all the software (windows or Linux) provides a list of cards that are best to get the job done. Again many of these cards are in the $20 range, so it is within reach of virtually anyone.
"WPA uses the passphrase you provide and the ESSID as a seed to create the actual encryption key."
From:»www.fonerahacks.com/forums/viewt···=4&t=158
Which was just the first reference I happened to find.
A simple google search on howto X, will yield a step by step guide on how to do this. Most include the software and hardware requirements required to get the job done.
I think you are vastly underestimating the number of people who are now using Linux. While Linux may be the preferred platform, the software to do this is also available for windows.
Our local Walmart carries three usb dongles that have the proper chipsets to use for these activities. | |
|
 |  |  |  |  |  | | Re: So.... said by Lazlow: 1st. If you had bothered to look up war driving you would have seen that it is not illegal. The groups often get together and have competitions. Some are how many APs you can find in a given period of time(usually tied in with gps for proof). Another game is similar to geocaching where clues are left on essids. Some games do step over the line (as in not legal) and actually access the AP.
I would still err on the side of caution for that. Even DSLR says it's both: »Wireless Security »Isn't wardriving illegal?
Now, I don't know about you, but I certainly don't want people sniffing around my APs.
said by Lazlow: From your almost total lack of knowledge on the subject I am not surprised that you cannot find anyone. Do you even know the basic symbols to look for?
Personal attacks will only make your argument weaker.
said by Lazlow: Once again the hardware requirements are really minimal. A 700Mhz PIII is sufficient, especially if one can use the pre made tables. Virtually all the software (windows or Linux) provides a list of cards that are best to get the job done. Again many of these cards are in the $20 range, so it is within reach of virtually anyone. "WPA uses the passphrase you provide and the ESSID as a seed to create the actual encryption key." From: »www.fonerahacks.com/forums/viewt···=4&t=158 Which was just the first reference I happened to find.
I would love to accept that as actual fact, however, the whois for that domain is as follows: nguyen, eric webmaster@fonerahacks.com asdf asdf asdf, Kansas 31241 United States 1234124123 Fax --
Somehow, I cannot take that as a reliable source, and I think you would agree. It may be true that WPA uses ssid, however, by posting illegitimate sources you only weaken any argument you make even further. Though, in general terms WPA isn't itself an encryption used - it uses different encryption algorithms as a backbone; one of them is TKIP. »en.wikipedia.org/wiki/Temporal_K···Protocol
Here is the TKIP overview: »libtomcrypt.com/files/tkip.pdf There is NO mention of using essid.
With that said, the router could use the essid in forming keys BUT it isn't a fact that they will; so you shouldn't assume they will.
said by Lazlow: A simple google search on howto X, will yield a step by step guide on how to do this. Most include the software and hardware requirements required to get the job done.
No doubt there, however, I would bet that most people don't have the hardware on hand.
said by Lazlow: I think you are vastly underestimating the number of people who are now using Linux. While Linux may be the preferred platform, the software to do this is also available for windows.
I don't think so. I am arguably the only person in my school that actually uses Linux on a day-to-day basis. The rest, complain of its complicatedness (is that a word?, regardless it isn't a good excuse not to use Linux), and are too attached to Windows to actually use Linux. Yes, I have heard the complaints and queried people on what they use. The general consensus is Windows. And when I tried to utilize the necessary software under Windows, I couldn't get it to work. Booted up Linux and it worked perfectly.
said by Lazlow: Our local Walmart carries three usb dongles that have the proper chipsets to use for these activities.
Care to share specs? | |
|
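The question argued above, whether the ESSID takes part in WPA key generation, can be checked against the key derivation defined in IEEE 802.11i for WPA/WPA2-Personal: the 256-bit pairwise master key is PBKDF2-HMAC-SHA1 of the passphrase, salted with the SSID, 4096 iterations. The following is an added example, not code from any poster; the SSID `linksys-7f3a` and the passphrases are constructed sample values, and the function names are this example's own.

```python
"""Added example: how WPA/WPA2-Personal derives the PMK from passphrase + SSID."""
import hashlib
import hmac

ITERATIONS = 4096   # fixed by IEEE 802.11i for passphrase-based keys
PMK_LEN = 32        # 256-bit pairwise master key
SHA1_LEN = 20       # HMAC-SHA1 output size in bytes


def pbkdf2_hmac_sha1(password: bytes, salt: bytes, iterations: int, dklen: int) -> bytes:
    """PBKDF2 (RFC 2898) written out so the role of the salt is visible."""
    derived = b""
    block_index = 1
    while len(derived) < dklen:
        # U1 = HMAC(password, salt || INT(block_index)): the SSID enters here.
        u = hmac.new(password, salt + block_index.to_bytes(4, "big"), hashlib.sha1).digest()
        t = int.from_bytes(u, "big")
        for _ in range(iterations - 1):
            u = hmac.new(password, u, hashlib.sha1).digest()
            t ^= int.from_bytes(u, "big")
        derived += t.to_bytes(SHA1_LEN, "big")
        block_index += 1
    return derived[:dklen]


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes)."""
    pw = passphrase.encode("ascii")
    if not 8 <= len(pw) <= 63 or any(not 32 <= b <= 126 for b in pw):
        raise ValueError("passphrase must be 8..63 printable ASCII characters")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1..32 bytes")
    return pbkdf2_hmac_sha1(pw, salt, ITERATIONS, PMK_LEN)


def hmac_calls_per_guess() -> int:
    """Work needed to test one candidate passphrase against one SSID."""
    blocks = -(-PMK_LEN // SHA1_LEN)   # ceil(32 / 20) = 2 output blocks
    return blocks * ITERATIONS


def precomputed_table_applies(table_ssid: str, network_ssid: str, passphrase: str) -> bool:
    """A table of PMKs built for table_ssid is only useful if it yields the
    same PMK the network derives, i.e. only if the salts (SSIDs) are identical."""
    return hmac.compare_digest(derive_pmk(passphrase, table_ssid),
                               derive_pmk(passphrase, network_ssid))


if __name__ == "__main__":
    # Published IEEE 802.11i test vector: passphrase "password", SSID "IEEE".
    print("IEEE vector  :", derive_pmk("password", "IEEE").hex())
    # Constructed sample values: same passphrase, default vs. customised SSID.
    print("same SSID    :", precomputed_table_applies("linksys", "linksys", "correct horse battery"))
    print("changed SSID :", precomputed_table_applies("linksys", "linksys-7f3a", "correct horse battery"))
    print("HMAC-SHA1 calls per guess:", hmac_calls_per_guess())
```

Because the SSID is the salt, changing a default SSID to something uncommon invalidates any table built for the default name, while the passphrase length still decides how much per-guess work an attacker faces.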
 |  |  |  |  |  |  Lazlow join:2006-08-07 Saint Louis, MO | Re: So.... As long as you are just listening it is legal. If you transmit to connect to the AP then you are probably over the line.
From your link:
"No. Wardriving solely to detect the presence of wireless access points without malicious intent in and of itself is not illegal."
I noticed you did not bother to answer the question, which would indicate the answer to be no. Proving my point.
Considering the way the legal system has been going lately, you are unlikely to find a source that you could sue (reputable source) that will post any information on the topic.
There are five linux users within a block of me, and one of those is over 70. The local LUG had to find a new place to hold its meeting because there was not enough space.
All three of these(below) use the 2870 chipset which requires using the nemesis driver(for injection). They are all three on the shelf at our local Walmart. There are probably others that would be functional too, I just have not taken the time to look around and see.
Linksys USB600N Linksys WUSB100 Belkin F6D4050 | |
|
 |  |  |  |  |  |  |  | | Re: So.... said by Lazlow: As long as you are just listening it is legal. If you transmit to connect to the AP then you are probably over the line. From your link: "No. Wardriving solely to detect the presence of wireless access points without malicious intent in and of itself is not illegal."
It is a very gray area. Let's leave it at that. For example, taking pictures publicly is not a crime, however, if a person wishes for you not to take their picture then it is illegal. Which one would say "how would one know the other people also don't want their picture taken?".
said by Lazlow: I noticed you did not bother to answer the question, which would indicate the answer to be no. Proving my point.
I didn't answer your question directly because it was a personal attack. I refuse to encourage ignorance.
said by Lazlow: Considering the way the legal system has been going lately, you are unlikely to find a source that you could sue (reputable source) that will post any information on the topic.
Wait, what? I would press charges against the person?
said by Lazlow: There are five linux users within a block of me, and one of those is over 70. The local LUG had to find a new place to hold its meeting because there was not enough space.
Like I said, in my area this is what I noticed. I acknowledge there are different parts in the world. Different people; different interests.
said by Lazlow: All three of these(below) use the 2870 chipset which requires using the nemesis driver(for injection). They are all three on the shelf at our local Walmart. There are probably others that would be functional too, I just have not taken the time to look around and see. Linksys USB600N Linksys WUSB100 Belkin F6D4050
I looked up the first one here: »linux-wless.passys.nl/query_host···stif=USB And found that it used the Ralink chipset.
Jumping to the aircrack project: »www.aircrack-ng.org/doku.php?id=···_drivers
quote: Ralink makes some nice b/g chipsets, and has been very cooperative with the open-source community to release GPL drivers. Packet injection is now fully supported under Linux on PCI/CardBus RT2500 cards, and also works on USB RT2570 devices. However, these cards are very temperamental, hard to get working, and have a tendency to work for a while then stop working for no reason. Furthermore, the RT2570 driver (such as that for the chipset inside the Linksys WUSB54Gv4) is currently unusable on big endian systems, such as the PowerPC. Cards with Ralink chipsets should not be your first choice.
You are right in saying it may be supported, but from that do you really think that card is a good choice?
I couldn't find the WUSB100, but the F6D4050 is in that list and it is also Ralink. Again, this only strengthens my theory that the cards you need aren't readily available at your local Best Buy.
Unless you know of another wireless cracking project that DOES support Ralink without any negative comments? | |
|
 |  |  |  |  |  |  |  |  Lazlow join:2006-08-07 Saint Louis, MO | Re: So.... Ok, if you do not have the vocabulary or know the symbols to look for(most basic skill), it is a little like hunting deer without knowing what they look like. In either case you are not going to find what you are looking for.
Poor choice of words on my part, I did not mean to infer you. I meant that some company (riaa/mpaa like in nature).
All three of those do work IF you use the nemesis driver instead of the manufacturer's drivers, which is why I specifically mentioned it. With this driver it seems to function acceptably. I assume that the nemesis driver is newer than that list you used. | |
|
 |  |  |  |  |  |  |  |  |  | | Re: So.... said by Lazlow: Ok, if you do not have the vocabulary or know the symbols to look for(most basic skill), it is a little like hunting deer without knowing what they look like. In either case you are not going to find what you are looking for. Poor choice of words on my part, I did not mean to infer you. I meant that some company (riaa/mpaa like in nature). All three of those do work IF you use the nemesis driver instead of the manufacturer's drivers, which is why I specifically mentioned it. With this driver it seems to function acceptably. I assume that the nemesis driver is newer than that list you used.
I know exactly what to look for, and the fact that EVERYONE I have run into definitely don't show an interest in anything like this. Granted I don't bust into people's homes and check out their setup so my experience can only account for a small percentile...but I can only present my facts. I am not doubting that there are other Linux users in my neighborhood, it just seems like they choose not to be known for whatever reason. Do you really want me to poll the computer scientists just to prove a point?
And wait, I didn't list a driver? I used the actual wireless cracking program's site as evidence. Nemesis driver or not, they go out of their way to mention that. Can you post a link to the Nemesis driver that specifically says "this will work better than any other driver" or something similar. I would like to take your word for it, however, since you mentioned as evidence in your argument I feel it is your responsibility to back up your claims. And if it's a hardware issue causing the malfunction of the card, then a different driver will most likely not fix the problem. | |
|
 |  |  |  |  |  |  |  |  |  Lazlow join:2006-08-07 Saint Louis, MO 1 edit | Re: So.... The symbols I was referring to have nothing to do with Linux, which seems to be what your first paragraph is inferring.
I forgot that the nemesis driver is just the modified(for linksys) hirte driver.
»forums.remote-exploit.org/136476-post1.html
"One thing to keep in mind is you can find an official, better working driver for this chipset from Ralink's website. This driver DOES support monitor mode but DOESN'T support injection. Seeing as how injection is kind of necessary to the point of thats probably why you got Backtrack, this is the answer for you"
You will note that the driver is stored on aircrack-ng.org. I suspect that the link that you posted is just dated. On the original driver series it did not work very well. Newer drivers came along that do, but your link just did not get updated.
IF I recall correctly the reason the original driver series did not work very well had to do with the driver not properly handling the transmit power control on the chipset. The driver would leave the power at full blast all the time until it overheated. The newer drivers do not seem to have a problem. | |
|
 |  |  |  |  |  |  aefstoggaflmOpen Source FanPremium join:2002-03-04 Bethlehem, PA kudos:2 Reviews:
·Verizon Online DSL
| said by k1ll3rdr4g0n: said by Lazlow: 1st. If you had bothered to look up war driving you would have seen that it is not illegal. The groups often get together and have competitions. Some are how many APs you can find in a given period of time(usually tied in with gps for proof). Another game is similar to geocaching where clues are left on essids. Some games do step over the line (as in not legal) and actually access the AP. I would still err on the side of caution for that. Even DSLR says it's both: » Wireless Security » Isn't wardriving illegal?
I point you to »www.wardrive.net/wardriving/faq
where they talk about Part II: Legalities and Ethics
^^ -- Please use the "yellow (IM) envelope" to contact me and please leave the URL intact. | |
|
 |  |  |  |  Lazlow join:2006-08-07 Saint Louis, MO | It also occurred to me that the guy hooking the university's Ethernet cord into a lan port (instead of wan port) may not have been a mistake. Most universities have a ban on game servers and file sharing on their network. They usually monitor this by the IP they have assigned. Hooking a router in as you described would allow one to create a private lan, using a different subnet than the university. Since most routers allow you to set whatever mac you like and the router would not need a university assigned IP, it would be difficult to track down. One would set the router to filter for macs, allowing only those that one invited onto the private lan. Hopefully those macs would all be spoofed macs (keep the other members anonymous as well). While such a lan would not have any connection capability beyond the student side of the router(no internet access) many (most?) universities only have one router for the student body(on campus of course). This would mean that one could have a file sharing network with a lot of members, only limited by the number of IPs the router could support. As most universities use 100Mbps hardware (some even GigE) the network would be very fast. The only way to track down such a network is to physically track the signal back through all the switches one at a time( time consuming). Assuming the network was only run during after hours (outside of 7am-7pm) most IT departments probably would never discover the network, and even if they did they would not have the resources(or the motivation in most cases) to track it down. | |
|
 |  |  |  |  |  | | Re: So.... said by Lazlow: It also occurred to me that the guy hooking the university's Ethernet cord into a lan port (instead of wan port) may not have been a mistake. Most universities have a ban on game servers and file sharing on their network. They usually monitor this by the IP they have assigned. Hooking a router in as you described would allow one to create a private lan, using a different subnet than the university. Since most routers allow you to set whatever mac you like and the router would not need a university assigned IP, it would be difficult to track down. One would set the router to filter for macs, allowing only those that one invited onto the private lan. Hopefully those macs would all be spoofed macs (keep the other members anonymous as well). While such a lan would not have any connection capability beyond the student side of the router(no internet access) many (most?) universities only have one router for the student body(on campus of course). This would mean that one could have a file sharing network with a lot of members, only limited by the number of IPs the router could support. As most universities use 100Mbps hardware (some even GigE) the network would be very fast. The only way to track down such a network is to physically track the signal back through all the switches one at a time( time consuming). Assuming the network was only run during after hours (outside of 7am-7pm) most IT departments probably would never discover the network, and even if they did they would not have the resources(or the motivation in most cases) to track it down.
Have you ever used a managed switch? Those things are POWERFUL, I couldn't tell you exactly how but I am sure that if you feed DHCP back into the network I am almost sure that using a Cisco managed switch you can find exactly what port the DHCP is coming out of. All without having to get out of your chair.
»itknowledgeexchange.techtarget.c···network/
Knowing that, it would be really stupid to hook it up like that because the networking team could see it right away. | |
|
 |  KearnstdElf WizardPremium join:2002-01-22 Mullica Hill, NJ | with enough resources you can hack/crack anything on the net, but really secured wireless is like locking your house when you head to work. WPA is like having a deadbolt, WPA2 is adding motion sensing lights.
all of them add security but none prevent the breakin if someone wants in, but they make you far less attractive to the smash and grab. -- [65 Arcanist]Filan(High Elf) Zone: Broadband Reports | |
|
 |  Reviews:
·Verizon Online DSL
1 edit | what is stopping my neighbors from using the service My neighbors have been harassing me to give them access to my Wi-Fi connection. I use wpa2/aes. I change the SSID and the shared key often using Steve's key generator. I found out that their church has a list of unsecured access points posted and they are offering a reward for anyone who cracks my key and a few others around the city. My access point was listed. I had changed my ssid when I found an ad on the internet. I also shut the access point off when it is not being used | |
|
 BabyBearKeep wise ...with Nite-Owl join:2007-01-11 | Easy peasy. Just don't use words from a dictionary. 
Like to see how long it takes for WPA cracker to have a go at one of Steve's passwords. | |
|
 |  |
 |  |  | | Re: Easy peasy. I wrote my own random string generator in Maple a few years ago and have been using passwords it generates ever since. Anyone needing access to my router needs a text file either from a USB thumb drive or sent via e-mail so they can copy & paste. (though setting up the Wii and PS3 was a pain in the ass). | |
|
 |  |  |  1 edit | Re: Easy peasy. I just use a spreadsheet to generate passwords using RAND and VLOOKUP functions. Here is an example; 3QKyAnIlE9B0MqoS_HyI1l4RsZF_cdY5TuqgIYs-TUZs.#_7HucuG7-ZSDWVGGN. I keep hitting the F9 key until I get one I like. | |
|
 |  LinklistPremium join:2002-03-03 Longport, NJ kudos:5 | said by BabyBear: Just don't use words from a dictionary. Like to see how long it takes for WPA cracker to have a go at one of Steve's passwords.
Use randomly generated 20 character & up passwords and you are still uncrackable.
Longer passwords and ones that use combinations of letters, numbers, and punctuation will remain uncrackable over potentially very long periods of time. -- My BLOG .. .. Internet News .. .. My Web Page
| |
|
 |  n2jtx join:2001-01-13 Glen Head, NY | My password is nine characters long and consists of random letters and numbers. No dictionary attack is going to crack that. -- I support the right to keep and arm bears. | |
|
 |  |  Lazlow join:2006-08-07 Saint Louis, MO 2 edits | Re: Easy peasy. Think again. The rainbow tables for all the characters have been built for the top 1000 most common essids. Last I checked they were up to 11 characters. You do need a separate table for each essid(file size per essid is typically around 185mb).
The tables for the 1000 most common essids with matching passwords is only 33mb/essid. | |
|
 |  |  |  | | Re: Easy peasy. No.
I am very familiar with the project you are referencing.
The pre-computed hash table you refer to does not include every random string inclusive to 11 characters, not even close I'm afraid.
It is primarily composed of words, and by any standard is a dictionary based attack. | |
|
 |  |  |  |  Lazlow join:2006-08-07 Saint Louis, MO | Re: Easy peasy. If you are referring to the church of the wifi stuff, it is not the project that I am referring to. That list is only the top 1000 most popular passwords (some do have nonstandard characters) for the 1000 most popular essids. The project I am referring to requires an invite to join and is working on all characters for the 1000 most popular essids. The long term plan is all passwords for all essids, but since most passwords are below 12 characters and you have to start somewhere, this is where they are. | |
|
 |  |  |  |  |  3 edits | Re: Easy peasy. said by Lazlow: If you are referring to the church of the wifi stuff, it is not the project that I am referring to. That list is only the top 1000 most popular passwords (some do have nonstandard characters) for the 1000 most popular essids. The project I am referring to requires an invite to join and is working on all characters for the 1000 most popular essids. The long term plan is all passwords for all essids, but since most passwords are below 12 characters and you have to start somewhere, this is where they are.
No offense, but this is highly suspect for 3 reasons.
Firstly, the time to precompute this table is absolutely enormous.
Secondly, the table would be enormous - addressing tables this large is a problem.
Third, even running this table pre-computed would take a long time.
***If you doubt this, I tell you what I will do. I will make a 1-12 character key .cap file essid linksys, with the key verified by a third party on this site.
Let's see how "easy peasy" that is.
Ready to take me up on my offer? | |
|
 |  |  |  |  |  |  Lazlow join:2006-08-07 Saint Louis, MO | Re: Easy peasy. There is actually a far easier way to see. If this company is not able to solve an acceptable number of passwords (say 75%), they probably will not be in business in six months. If their solution rate is not high enough they will get a bad reputation and nobody will use them (no income). The flip side of that is if they get a good reputation (high solution rate) they will stay in business/grow. That is of course assuming they do not get shut down for some other reason (legal). | |
|
 |  |  |  |  |  |  |  1 edit | Re: Easy peasy. said by Lazlow: There is actually a far easier way to see. If this company is not able to solve an acceptable number of passwords (say 75%), they probably will not be in business in six months. If their solution rate is not high enough they will get a bad reputation and nobody will use them (no income). The flip side of that is if they get a good reputation (high solution rate) they will stay in business/grow. That is of course assuming they do not get shut down for some other reason (legal).
No, I'm referring to your post that claims you have a PCH table inclusive of 11 printable characters.
Of course, I already know this is not true.
Since you have the table, why wouldn't you take me up on my offer - I will make the file tonight off of my router. | |
|
 |  |  |  |  |  |  |  |  Lazlow join:2006-08-07 Saint Louis, MO 1 edit | Re: Easy peasy. What you are asking for is a little like when they ask someone when they quit beating their wife. There is no reply that can be made that helps the person.
If I take up the challenge (and use up those few favors I have left) and access the database one of two things is possible (solve or not solve). Now if I fail, you will say that it cannot be done, when it is more likely a lack in my skills than a statement about whether it can actually be done or not. If I succeed it is likely you (or someone else) would make a big stink about it, and that would be the end of what little access I now have. So doing anything more than ignoring this challenge is a guaranteed loss for me. Of course you already knew that before you made the post. | |
|
 |  |  |  |  |  |  |  |  |  | | Re: Easy peasy. said by Lazlow: What you are asking for is a little like when they ask someone when they quit beating their wife. There is no reply that can be made that helps the person. If I take up the challenge (and use up those few favors I have left) and access the database, one of two things is possible (solve or not solve). Now if I fail, you will say that it cannot be done, when it is more likely a lack in my skills than a statement about whether it can actually be done or not. If I succeed it is likely you (or someone else) would make a big stink about it, and that would be the end of what little access I now have. So doing anything more than ignoring this challenge is a guaranteed loss for me. Of course you already knew that before you made the post. What you spread here is fear, uncertainty, and doubt (FUD).
I have a degree in mathematics. What you have stated here, numerous times, is technically unfeasible.
The mere idea that you will compile an inclusive PCH table is ridiculous. It shows you fail to grab the scope of the problem at hand.
This is why you can't meet my "simple" challenge. | |
|
 |  | | said by BabyBear:Just don't use words from a dictionary.  Like to see how long it takes for WPA cracker to have a go at one of Steve's passwords. 1) "135 million word dictionary" 2) "The Second Edition of the Oxford English Dictionary contains full entries for 171,476 words in current use, and 47,156 obsolete words."
I think you misunderstand what they mean by dictionary. --
said by Metatron2008:But people who download thousands of movies and games.... Yes, they are as bad as any murderer | |
|
 |  1 edit | Or one can simply open a bash terminal and type:
echo `</dev/urandom tr -dc _A-Z-a-z-0-9 | head -c63`
This will generate a 63 character pseudorandom password. No need for Steve's stuff. | |
|
 |  |  ArchivisYour DaddyPremium join:2001-11-26 Earth kudos:18 1 edit | Re: Easy peasy. said by KodiacZiller: Or one can simply open a bash terminal and type: echo `</dev/urandom tr -dc _A-Z-a-z-0-9 | head -c63`
This will generate a 63 character pseudorandom password. No need for Steve's stuff. How many chicks did you pick up with that post? -- 'A government big enough to give you everything you want, is strong enough to take everything you have.' -Thomas Jefferson - | |
|
 |  |  |  cdruGo ColtsPremium,MVM join:2003-05-14 Fort Wayne, IN kudos:7 | Re: Easy peasy. said by Archivis:How many chicks did you pick up with that post? Probably exactly the same number that one would get by knowing that they could go to GRC to get 64 random characters for a WPA key. Zero. | |
|
 r81984Fair and BalancedPremium join:2001-11-14 Katy, TX 1 edit | Nice $17 to quickly get access to the neighbors wifi. The "smithfamily" ISP  | |
|
 |  StojkoPremium join:2007-10-20 St John's NL | Re: Nice said by r81984:$17 to quickly get access to the neighbors wifi. The "smithfamily" ISP Or more commonly linksys and dlink  | |
|
 |  dvd536as Mr. Pink as they comePremium join:2001-04-27 Phoenix, AZ kudos:4 | said by r81984:$17 to quickly get access to the neighbors wifi. The "smithfamily" ISP $0 to access the 4 open ones i can connect to  -- When I gez aju zavateh na nalechoo more new yonooz tonigh molinigh - Ken Lee | |
|
 | | So what's next So since this is cracked, what's next? Does every home user need a RADIUS server now? | |
|
 |  knightmbEverybody Lies join:2003-12-01 Franklin, TN | Re: So what's next said by fifty nine:So since this is cracked, what's next? Does every home user need a RADIUS server now? Not until someone generates a random table of every possible combination up to 63 characters, then it's game over.  -- Fight Insight Ready (Was NebuAD) and the like: Click Here to pollute their data | |
|
 |  |  Lazlow join:2006-08-07 Saint Louis, MO | Re: So what's next It's actually every possible combination up to 63 characters for every possible essid. For each essid you need a separate table containing the password hash for every combination up to 63 characters. Just the 1000 most popular passwords for a given essid is around 30MB.
Short term, use an oddball password AND essid containing non-standard characters. Whenever you change your password you also need to change the essid. If not, they will already have built the table for your essid and they will be able to break the new password within minutes. If you change the essid and password combination frequently enough they will not be able to generate the new table before you have moved on to the next combination. I would think once a month would be very safe and once every three months would be pretty safe. | |
|
 | | This is going to benefit the right people Finally the good guys have a tool that proves people should not use dictionary passwords, spread the word. [/sarcasm] | |
|
 | | What I don't understand... ...is why there are no "cool down" mechanisms built into authentication systems that are susceptible to dictionary and brute attacks. It seems to me that forcing even a five second delay in between incorrect authentication attempts would take years to crack on a reasonably strong password.
What am I missing here?
- Tate
-- It's time to let go of TDM people. If it's not IP-based, it's crap! | |
|
 | | 0h n00s "Our dictionary was meticulously compiled with WPA cracking in mind, and includes word combinations, phrases, numbers, symbols, and elite speak. " 0|-| |\|0! |\|07 L337 $P33(|-| 700!  | |
|
 |  tivoboy join:2004-05-10 Menlo Park, CA | Re: 0h n00s I so want to try this on my networks | |
|
 |  nitzanPremium,VIP join:2008-02-27 kudos:2 | I'm not sure if I should feel good or bad about being able to read that...
OK. Time to get out of the house! | |
|
 | | If they can't crack the password, do I get the money back? So what if they can't crack the password? May I have a refund? Brute force dictionary crackers are for lame script kiddies. I use Bulgarian slang words mixed with digits. Good luck cracking that with the Oxford dictionary. | |
|
 | | How safe am I So am I safe from a "dictionary" attack if my WPA password contains four proper nouns separated by underscores? | |
|
 |  MSaukMSaukPremium join:2002-01-17 Sandy, UT | Re: How safe am I I use a dictionary word and I could care less... | |
|
 |  Lazlow join:2006-08-07 Saint Louis, MO 1 edit | It depends on your point of view. In most normal instances people are just looking for free wifi. Since your password is likely much longer than most, they are less likely to choose you to attack. Now if they want on your particular system (for whatever reason), then you are not very safe.
The easiest thing to do is to get yourself an el cheapo memory stick (usb) with a physical lock write protect (virus spread prevention). Then go to one of the password generation sites and generate the longest password your router will take. Make sure that a significant number of the characters are NOT standard characters (not 0-9, A-Z, and a-z). Save the password to the memory stick and then set the stick so that no one can write to it. The reason for the memory stick is that most people cannot type (correctly) long passwords with non-standard characters. You can then move the stick to each computer that needs access, cut and paste the password, and not worry about spreading any viruses that any of the computers may have.
Edit: It is also critical (when using high security passwords) that you change your essid every time you change your password. If not, they will just build a rainbow table against your essid (which takes a lot of time), and be able to break each of your new passwords in minutes. | |
|
 Lazlow join:2006-08-07 Saint Louis, MO | Applies to WPA2 too "Our service works against both WPA and WPA2 when PSK is being used. " | |
|
 Pv8man join:2008-07-24 Hammond, IN | Now I raise the question once again 400 CPUs ?
how would this compare to 3 or 4 of these 240 Processor Cores video card all SLI together using CUDA?
GIGABYTE GV-N275SO-18I GeForce GTX 275 1792MB 448-bit GDDR3 PCI Express 2.0 x16
Chipset Manufacturer: NVIDIA Core Clock: 715MHz Shader Clock: 1550MHz Stream Processors: 240 Processor Cores Memory Clock: 2520MHz | |
|
 |  Lazlow join:2006-08-07 Saint Louis, MO | Re: Now I raise the question once again I cannot find the reference to it but one of the church of the wifi guys did just that on some of the earlier generation hardware (several years ago). If I recall correctly he had four cards in his machine and was able to generate 17,000 hashes a second. Note I said generate (which is what takes the time) the hashes and not check hashes (a 700MHz PIII can check/compare this many hashes a second). As a rough guess one could probably bump that to 170,000+ hashes a second on the newer hardware. | |
|
 1 edit | GPU cracking will make these services obsolete GPU cracking is well on its way (Nvidia CUDA). This will allow you to make your own database of cracked passwords. And then if you make a distributed version and either pass it out (friendly) or send it out with a virus (unfriendly), the possibilities are a lot more endless than a rumored 400-instance Amazon farm.
Or a PS3 farm ...  | |
|
 |  Lazlow join:2006-08-07 Saint Louis, MO | Re: GPU cracking will make these services obsolete The problem you run into is storage space. Remember for each essid you have to have a separate table. Just for the 1000 most popular passwords for the 1000 most popular essids you are looking at 40GB of data. As this grows it becomes increasingly difficult for one person to store them. Some of the current projects already underway are building tables for the 1000 most popular essids that contain all the characters, not just the most popular passwords. The last I checked they were only up to 10 character passwords. Getting all the passwords (up to 64 characters?) for all the possible essids is going to be thousands of TBs of data. They are currently spreading out the storage as widely as possible (user A stores the 50 most popular essid tables, user B stores 51-100, on down the line). Most of these projects (all character ones) require that you contribute a certain number of essid tables in order to gain access to the rest.
But yes, I think building all the tables with all the characters for both essids and passwords is where this is headed in the long term. | |
|
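The arithmetic behind the per-essid tables, generation rates and storage sizes argued over in the posts above, as an added example that is not part of the thread. It assumes the standard WPA/WPA2-PSK derivation (PBKDF2-HMAC-SHA1 with the essid as salt), 95 printable ASCII characters, and 32 bytes stored per table entry as a lower bound; the function names, essids and passphrase are constructed, and the 17,000 and 170,000 per-second rates are the ones quoted in the thread.

```python
import hashlib

PMK_BYTES = 32      # the WPA/WPA2-PSK pairwise master key is 256 bits
ITERATIONS = 4096   # fixed PBKDF2 iteration count for WPA-PSK


def wpa_pmk(passphrase: str, essid: str) -> bytes:
    """Derive the PMK: PBKDF2-HMAC-SHA1 over the passphrase, salted with the essid."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 ASCII characters")
    salt = essid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("essids are 1 to 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               salt, ITERATIONS, PMK_BYTES)


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of passphrases of exactly `length` characters."""
    return alphabet_size ** length


def table_bytes(alphabet_size: int, length: int) -> int:
    """Lower bound on a complete table for ONE essid (PMK only, no index)."""
    return keyspace(alphabet_size, length) * PMK_BYTES


def days_to_generate(alphabet_size: int, length: int, pmks_per_second: int) -> float:
    """Days needed to compute every PMK of that keyspace for one essid."""
    return keyspace(alphabet_size, length) / pmks_per_second / 86400


if __name__ == "__main__":
    # Constructed values: the same passphrase under two essids gives unrelated
    # PMKs, so a table built for one essid is useless against the other.
    for essid in ("linksys", "linksys-2"):
        print(f"{essid:10s} {wpa_pmk('correct horse battery', essid).hex()}")

    # Rates quoted in the thread, against 8 lowercase letters (the minimum length).
    for rate in (17_000, 170_000):
        print(f"26^8 at {rate:>7,}/s: {days_to_generate(26, 8, rate):8.1f} days")

    # "11 printable characters" for a single essid.
    print(f"95^11 table: {table_bytes(95, 11) / 1e21:.0f} zettabytes")

    # The 64-symbol alphabet in the tr command above, 63 characters long.
    bits = (keyspace(64, 63) - 1).bit_length()
    print(f"64^63 keyspace: {bits} bits (the PMK itself is only 256 bits)")
```

Because the essid is the salt, every figure here is per essid; a renamed network starts the attacker's precomputation from zero.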
 Tairei join:2009-07-01 Beaverton, OR | Oy-Humbug Well no system is truly safe from a black hat anyhow given enough time and resources. For the most part, people are safe. Monitor your router on a regular basis and read the log files if you're so concerned. There are many ways to make sure that the casual cracker isn't going to steal your bandwidth. There are several nodes around here right now that are completely wide open. I can't believe that kinda crap. | |
|
 | | Wpa what ? Well, spin aside .. we just need to know what that dictionary is and make sure yours is not in it  | |
|
 | | So it begins or should I say so it continues? At one point WEP used to be secured till it was figured out how to crack it. At first only few could do it but as we now know everyone can. Same thing is happening with WPA, only those that are willing to pay can do it but eventually everyone will be able to. I am sure it will happen with WPA2 etc. Yes I am sure new security protocol will be released but millions of people will have the old protocol like those having WEP routers. | |
|
 CPUYODA join:2003-01-25 Johnson City, TN | This is why... You use a password,...and limit the number of IPs the router will dole out(and MAC assigned).
"Yes Bobby,...you cracked it,....and it still won't work"...  -- "In God We Trust,All Others Pay Cash" | |
|
 |  Pv8man join:2008-07-24 Hammond, IN | Re: This is why... Then it's only a matter of time before they can see one of the clients on the network log off, and use their IP address.
Even if you use a MAC address filter, I can sniff the clients in the air and get their MAC and use a De-auth attack to kick them off the router, then spoof your MAC to one of the clients. | |
|
 |  KearnstdElf WizardPremium join:2002-01-22 Mullica Hill, NJ | WPA2 with a strong password non dictionary password. making your AP so unattractive they will go and freeload somewhere else. because if they want in they will get in. -- [65 Arcanist]Filan(High Elf) Zone: Broadband Reports | |
|
 |  |  Pv8man join:2008-07-24 Hammond, IN | Re: This is why... True, that theory is very plausible.
Unless the person happens to be a neighbor living near that signal, and nothing else is close enough to connect to.
In which case, time is what you would have.
But my main point that I'm trying to get across is EVERYTHING is crackable eventually, given enough time and resources.
And I believe that the secret worldwide ACTA treaty that will enforce anti-piracy to the fullest extent is very dangerous, because they can't just say that everybody in the whole house must lose their internet connection because they happened to receive a notice about copyrighted material coming from that IP.
It's just madness (not to mention almost impossible) to make ISPs into net nannies.
But I think the ISPs will go for it because it would give them the right to start getting involved in "Behavioral advertising" while they are already getting involved with users' traffic. | |
|
 |  |  |  KearnstdElf WizardPremium join:2002-01-22 Mullica Hill, NJ | Re: This is why... just watch if the ACTA becomes "Law" many ISPs will have fouls and balls to go with strikes, because a customer is profit. -- [65 Arcanist]Filan(High Elf) Zone: Broadband Reports | |
|
 | | Fear uncertainty doubt There's a lot of FUD here. WPA is strong if your password is strong. Brute forcing WPA would take forever, and a dictionary attack will only work if you have chosen a weak password that is likely to be in a dictionary list. A dictionary that contains all possible passwords is unfeasible and would be no different than brute forcing.
Be sure to use AES though. | |
|
 | | Easily use WPA/WPA2-Enterprise/802.1X This type of brute-force attack does not apply to WPA/WPA2-Enterprise networks, which use 802.1X authentication. Even small businesses and consumers can now easily implement this advanced security using outsourced services like AuthenticateMyWiFi: »www.NoWiresSecurity.com | |
|
 |
|