Comments on news posted 2001-08-11 14:39:00: The work of Adam Stubblefield, a 20-year-old math major, proves that the system used to safeguard wireless networks is vulnerable to attack and can be easily breached with the right know-how. ..

jdir
join:2001-05-04
Santa Clara, CA

jdir

Member

Yawn

We already know wireless is hackable, what's the big news here?

kilingspam8
join:2001-04-30
San Jose, CA

kilingspam8

Member

The "Big Deal" is it has been done and documented. Also the fact it was a 20yr old student that did it.
RiO0
join:2001-01-05
Norristown, PA

RiO0 to jdir

Member

to jdir
Everything is hackable. Wireless is especially vulnerable because you can intercept the waves in the air rather than having to have access to the network.

Of course this is nothing compared to some of the utilities out there which can scan in the waves sent out by computer screens and duplicate them on another screen a long ways away.

You are being watched.
steven8
join:2001-05-08
Falmouth, MA

steven8

Member

said by RiO:
Everything is hackable. Wireless is especially vulnerable because you can intercept the waves in the air rather than having to have access to the network.
Good point.
toezar
join:2000-03-30
Broomall, PA

toezar to RiO0

Member

to RiO0
Said by RiO:
Of course this is nothing compared to some of the utilities out there which can scan in the waves sent out by computer screens and duplicate them on another screen a long ways away.

What tools do this?!
Are you watching my monitor now? (you're only 45 min away from me) -jk
Anyway, I have to see these tools
New2DSL3
join:2001-06-27

New2DSL3 to jdir

Member

to jdir
test

Mospaw
My socks don't match.

join:2001-01-08
Mile HIgh

Mospaw

Old news, but still a problem.

What scares me is the number of people who still want wireless! My boss insists it's a great thing, and I've heard rumors that one of our offices is using it in their building. And these are the same people who lock the servers in a security cage, put alarms on the doors, etc.

But because wireless is a cool toy, well, let's get some.

How can I tell them NO NO NO NO and NO! I've already sent them links to the articles.
System

to toezar

Anon

to toezar

Re: Yawn

What tools do this?!
Are you watching my monitor now? (you're only 45 min away from me) -jk Anyway, I have to see these tools

Ever heard of the NSA?
Ever heard of TEMPEST?

Jerm
join:2000-04-10
Richland, WA

Jerm to jdir

Member

to jdir
I can't believe we are still considering this news! I am involved with a WISP (Wireless Internet Service Provider) in my area. WEP has had MANY theoretical 'holes' for a long time. Yet, the reports of breaking it are few and far between. The fact is, WEP is hard enough to break that there end up being easier ways to crack a network. Currently there are no programs just any "script kiddie" can load up to break WEP. At this point, I am not concerned about problems in WEP - they are all theoretical.
RiO0
join:2001-01-05
Norristown, PA

RiO0 to toezar

Member

to toezar
You are being watched.

We control the vertical, we control the horizontal....

pupowski$
join:2001-01-15
Atlantis

pupowski$ to Anon

Member

to Anon
I'm not familiar with either. Do you have URLs for descriptions?
RiO0
join:2001-01-05
Norristown, PA

RiO0

Member

These tools/utilities mentioned are used by the National Security Agency and the Central Intelligence Agency. You can't just download them. Unless you have connections you are not going to see them in real life. Unless they are being used against you, but that would be against the CIA's charter. But then again what's a little surveillance among friends.
[text was edited by author 2001-08-12 21:49:29]

dsl_boy1
join:2000-11-21

dsl_boy1

Member

Cute article

Cute article. But the actual attack was explained two weeks ago by Adi Shamir et al. The papers explaining the attack (and Stubblefield's implementation) can be found in my links posted to this thread: »802.11b Wireless WEP is not safe!
System

Anon

Big deal...NOT!

It is just as easy, if not easier, to sniff a UTP cable which radiates RF.

RayW
@NIPR.MIL

RayW to pupowski$

Anon

to pupowski$

Re: TEMPEST

TEMPEST is the name of a technology involving the monitoring (and shielding) of devices that emit electromagnetic radiation (EMR) in a manner that can be used to reconstruct intelligible data. The term's origin is believed to simply be a code word used by the U.S. government in the late 1960s, but at a later stage it apparently became an acronym for Telecommunications Electronics Material Protected from Emanating Spurious Transmissions. Some sources insist that it is an acronym for Transient Electromagnetic Pulse Emanation STandard.

Yes, there is some software involved, but as can be seen from the above definition it is pointing a high gain antenna at/near your computer and getting information from it. You can pick up keystrokes and even monitor data.

If you are worried about it, use your computer in a room where the cell phone does not work and shield your power lines. That should take care of 98% of the current remote snoops. But be warned, there are easier ways to get your data, ask the Philadelphia mobster who had a bugged keyboard.

»www.eskimo.com/~joelm/te ··· est.html for more information.
russotto
join:2000-10-05
West Orange, NJ

russotto

Member

Yes, it's broken

The paper from Stubblefield et al proves this is _not_ just a theoretical attack. The earlier dictionary-based attack wasn't either, but you'd have to be really motivated to use that one; it required a lot of storage and a lot of time. The current attack requires just a few hours once the tools are made -- and even if no "script-kiddie" has them now, someone will soon. Note that passive snooping, while insidious, is only one of the possible attacks. Once the key has been recovered that way, the attacker can gain full access to your network -- even if you use MAC address authentication (he just records the authorized MACs, waits for one of those to go offline, and changes his own MAC to match). If he's been recording passwords in the meantime, he can do a quick smash-and-grab and be gone before any way of tracing him can be found.

richb01803
Rich
join:2001-02-14
02100

richb01803 to Mospaw

Member

to Mospaw

Re: Old news, but still a problem.

Why do you take this position?

Put your emphasis instead on hardening your network with VPN technology, aka encryption.

People who work from home need encryption tunnels; use the same thing at the office, convert portions of the office network to wireless, and be done with it.

This is all commoditized at this point, with the exception that IPsec drivers for Windoze desktops are just now emerging and they haven't yet emerged for embedded-systems devices like printers; it's not a big expensive project to roll out secure wireless networks for laptops at this point.
richb01803

richb01803 to russotto

Member

to russotto

Re: Yes, it's broken

So? You've stated that it's as secure as a cable-modem. That doesn't mean you shouldn't use it; millions of people love their cable modems.

If you want security, you have to install and use encryption on each wireless device. Not the built-in WEP, but IPsec or ssh.
richb01803

richb01803 to kilingspam8

Member

to kilingspam8

Re: Yawn

20 year olds are at the peak age for figuring out algorithmic hacks. Creativity plus intelligence plus incentive all come together at that age.

I'd be much more surprised if this sort of thing were done by a 40 year old.

Mospaw
My socks don't match.

join:2001-01-08
Mile HIgh

Mospaw to richb01803

to richb01803

Re: Old news, but still a problem.

said by richb01803:
Why do you take this position?

Probably out of ignorance, and the desire to not have Yet Another technology (that in truth we don't need at this location) to support.

My wires are "secure" out of the box inasmuch as that nobody in a van outside can easily pick up the signals and gain a connection. Not so with wireless (or so I've been led to believe). I do realize that anyone physically able to connect will probably own a great deal of my network, but our building is secure enough.

No, my head is not in the sand on security issues, but it may be other places. I'm just scared of wireless, especially in a critical business environment.
russotto
join:2000-10-05
West Orange, NJ

russotto to richb01803

Member

to richb01803

Re: Yes, it's broken

I have NOT stated it as secure as cable modem. Cable modems do NOT broadcast in the clear or in a broken encryption system to all your neighbors; there is encryption (DES) between the modem and the head-end.
Before WEP was broken, it was about as secure as a cable modem. Now, it is about as secure as broadcasting in the clear.
System

to richb01803

Anon

to richb01803

Re: Old news, but still a problem.

Tunneling would be one solution, and it IS workable given today's tech, as long as you're willing to have at least some physical cabling involved (between your decryptors and your IPSEC-unaware services like printers and file servers).

I expect that the "Wireless Office" will probably have several wireless "Cell" subnets, each attached to the main server/services network via traditional cabling. There's plenty of design room in that situation to "hide" non-IPSEC-aware devices behind IPSEC firewalls, placed at or behind the wireless access points.

(Now you guys have me thinking of the Ultimate Network - IPSEC tunneled wireless access webs, all strung together by fiber-optic lines... fast, convenient, and fairly secure too!)

richb01803
Rich
join:2001-02-14
02100

richb01803 to russotto

Member

to russotto

Re: Yes, it's broken

What would you do differently, though?

A cable-modem service is (a) known to be insecure and (b) has enough bandwidth to be an "inviting" target for crackers.

The only thing I can think of which might be different is the ability to "drive by" and crack networks. That actually requires more effort rather than less: the cracker would have to attack one (or only a few) networks at a time, and so would be motivated somewhat differently. They would be motivated, perhaps, by a desire to snoop on a particular company's sensitive proprietary data, or the access codes for a particular individual's financial accounts.

But in the end it adds up to the same thing: if you want to protect your data, you take the same steps to hide it from crackers either way. Hence my question, what difference does this revelation about WEP make?
russotto
join:2000-10-05
West Orange, NJ

russotto

Member

As far as I know, cable-modem services are not insecure. Individual machines on the network might be insecure, but that's a different story. You can't get on a cable network from outside, nor can you snoop the packets on a cable network either from another subscriber machine on the same network, nor from a tap on the cable line itself. Wireless networks can be both snooped and entered by a "drive-by" attacker.

FrankRiz
@east.verizon.ne

FrankRiz

Anon

Your answer to wireless

Get thicker walls.

hummer-hmmwv-net
@dsl.snfc21.pacbell.n

hummer-hmmwv-net

Anon

All internet traffic is vulnerable somewhere

The fact that WEP is broken is not that significant to me, and I run a wireless ISP using 802.11b so I should have a reason to care.

Number 1 - I tell all my customers that any internet connection is vulnerable at MANY locations - it's vulnerable on the customer link either wireless or wired (it only takes a 7/16" wrench to open up a pac-bell wiring closet with 1600 phone lines in it serving a neighborhood) - it's also vulnerable when I look at my wan traffic to analyze packets for problem analysis - it's vulnerable when my upstream provider checks their circuits with a network analyzer - it's viewable with a T-bird inside the transmission network be it fiber or copper - it's also vulnerable on the server end when the data rushes along the colocation facility's backbone to the servers, and once it's on the server, it's vulnerable to sysadmins, break-in attempts, etc.

The key to all this is simply to use the appropriate level of security for the information sensitivity. If you're sending a credit card number, you are only liable for the first $50.00 of charges that are fraudulent - so you use a level of security (128 bits) that is adequate to protect $50.

In all actuality - it's quite a bit harder to intercept wireless traffic since physical proximity to the transmitter is crucial - some of my links run 13 to 14 MILES - being able to hear packets from both the sender and receiver (who becomes the sender just milliseconds later) would require an elaborate antenna system erected somewhere in between, with knowledge of where the sender and receiver are to facilitate its construction. Tapping my T1 only takes a 7/16 wrench and a T-bird, and can be done at any one of a half dozen pac bell boxes along the way.

(now if you are in an office environment, and you are just 1 cubicle away from the person transmitting, both using the same access point, in the ceiling above you, then yes, I could see where this sort of break-in would be easier, but in such a case, you generally assume that you can trust the person sitting next to you - after all just 10 years ago you shared a common coax-cable network that snaked through both offices!)

The best part of the WEP crack is that it will get people thinking more about what they send on the net - and how they send it. Hopefully more people will start to use some form of encryption for sensitive traffic - my telecommuter type customers are already doing this with ssh and vpn, both of which encrypt every packet since they were designed around the known vulnerabilities of the internet, both wireless and wired.

J Dog
@pm3-3.nia.ny.localne

J Dog

Anon

Catchy title

First, the vulnerability in WEP was actually found by Fluhrer, Mantin, and Shamir. A draft of their paper can be found at:
»www.eyetap.org/~rguerra/ ··· proc.pdf

Second, to work around this vulnerability, simply use (Open)SSH, SFTP, SSL, stunnel, PGP, GPG, etc... Be warned, though -- in the United States, the FCC absolutely prohibits transmitting encrypted data over the airwaves. =\
System

Anon

said by J Dog:
in the United States, the FCC absolutely prohibits transmitting encrypted data over the airwaves. =\
Isn't that a contradiction in terms, since WEP is encrypting the data via airwaves anyway?
jdir
join:2001-05-04
Santa Clara, CA

jdir

Member

Re: Yawn

Get some ferrite core and wrap your video cable, keyboard, mouse and any wire going in and out of your PC to eliminate the radio signal. The simplest solution