
WiFi Security


Is making use of unprotected Wi-Fi stealing? « All that is wrong with the world…

Table of Contents: Introduction; Does WEP count as unprotected?; The “unlocked door” analogy; Is it really stealing?; Whose responsibility?; There is no excuse; Legal issues; Conclusion; References

Introduction

I have seen this issue pop up quite a lot and it is an interesting topic of discussion. In this article I argue that accessing an unprotected Wi-Fi network is not stealing, nor is it in any way morally wrong.

Does WEP count as unprotected?

It is important to distinguish between an unsecured Wi-Fi network, and a Wi-Fi network with any form of security. The fact that WEP is all but useless technically is irrelevant here.

This is in contrast to an unsecured Wi-Fi network where the intention of the owner is ambiguous, and we only have limited information to go by.

The “unlocked door” analogy

A Wireless AP broadcasts radio waves in all directions for hundreds of feet announcing its presence and in many cases supplying the authorization and information necessary to join a network.

Is it really stealing?

Your Hotspot, Your Way - Connectify.

How Can I Find Out If Someone’s Stealing My Wi-Fi?

How to Crack a Wi-Fi Network's WEP Password with BackTrack.

DriveByLoc.pdf (application/pdf Object)

How To Crack WPA / WPA2.

Tue, 15 Jan 2008 06:13 Brandon Teska

Introduction

There is a new version of this article here.

Previously, we showed you how to secure your wireless with industrial strength RADIUS authentication via WPA-Enterprise. It turns out that there's a little back-story there. So, in traditional Tarantino fashion, now that we've already seen the ending, let's back up to the beginning: cracking WPA-PSK. Wi-Fi Protected Access (WPA) was created to solve the gaping security flaws that plagued WEP. WPA solves this problem by rotating the key on a per-packet basis, which renders the above method useless. The Wi-Fi Alliance, creators of WPA, were aware of this vulnerability and took precautions accordingly. First, this prevents the statistical key grabbing techniques that broke WEP by transmitting the key as a hash (cyphertext). So, like virtually all security modalities, the weakness comes down to the passphrase.

Don't have time to crack your neighbor's WPA? Use this handy online service!

Polly wanna crack it? So for some reason you want to get on the right side of a router’s WPA protection. Okay, I won’t ask questions. But how long is it going to take your computer to brute-force the password? A couple days? Have I got a service for you! WPA Cracker, a creatively-named new site, lets you submit the result of a handshake with a WPA-protected Wi-Fi point, and will have the password back to you before you’ve finished your cup of coffee. Of course, you’ll be $34 poorer for it, but hey, if that means you don’t have to pay for internet for six months you demonstrate a network’s vulnerability to your boss, it might just be worth it.

Now, I suppose this service is susceptible to abuse, but keep in mind that even a hundred-million-word dictionary can’t crack long, random alphanumeric strings. [via Computer World]

Detect & Find All Users Computers Connected to your Wireless Network.

WPA Cracking Proof of Concept Available.

We warned you: short WPA passphrases could be cracked--and now the software exists: The folks who wrote tinyPEAP, a firmware replacement for two Linksys router models that has on-board RADIUS authentication using 802.1X plus PEAP, released a WPA cracking tool. As Robert Moskowitz noted on this site a year ago, a weakness in shorter and dictionary-word-based passphrases used with Wi-Fi Protected Access renders those passphrases capable of being cracked. The WPA Cracker tool is somewhat primitive, requiring that you enter the appropriate data retrieved via a packet sniffer like Ethereal. Once entered, it runs the cracking algorithms.

Remember that to crack WEP, an attacker has to gather many packets, possibly millions, but can then easily crack any key. For WPA, certain shorter or dictionary-based keys are highly crackable because an attacker can monitor a short transaction or force that transaction to occur and then perform the crack far away from the physical site.

GPUs Used to Successfully Crack Wi-Fi Passwords.

Because of the computational power of today's GPUs, GPUs are starting to be harnessed more and more to help out CPUs with some hardcore number crunching.

That is the concept behind Nvidia's CUDA, ATI's Stream, and Apple's OpenCL frameworks. There aren't many apps available yet that take advantage of these relatively new technologies, but the ranks are slowly growing. The latest GPU-assisted app to come available is one designed for IT managers to make sure their wireless networks are secure--and inevitably for hackers to try to break into wireless networks. Russian-based ElcomSoft has just released ElcomSoft Wireless Security Auditor 1.0, which can take advantage of both Nvidia and ATI GPUs. ElcomSoft claims that the software uses a "proprietary GPU acceleration technology," which implies that neither CUDA, Stream, nor OpenCL are being utilized in this instance. "Advanced dictionary attacks with deep mutations attempt multiple variants and combinations of each dictionary word.

Beware the rogue Wi-Fi access point in Windows 7.

SoftAP feature in the new OS could threaten enterprise security Wireless Alert By Joanie Wexler, Network World February 19, 2010 11:36 AM ET The consumerization of IT is alive, well and causing all sorts of enterprise security challenges in the mobile arena. Seven things to love, hate about Windows 7 So far, it looks like the Windows 7 OS is a winner.

Windows 7, though, contains a "SoftAP" feature, also called "virtual Wi-Fi," that allows a single PC to function simultaneously as a Wi-Fi client and as an AP to which other Wi-Fi-capable devices can connect. So says Gopinath KN, director of engineering at AirTight Networks, a wireless intrusion-prevention system (WIPS) and service company that has analyzed the SoftAP capability.

The issue is more dangerous than Wi-Fi's peer-to-peer, or ad hoc, mode, says AirTight Vice President of Product Management Sri Sundarilingam.

Wireless LAN Security / Wardriving / WiFi Security / 802.11.

Aircrack-ng

Description

Aircrack-ng is an 802.11 WEP and WPA/WPA2-PSK key cracking program. Aircrack-ng can recover the WEP key once enough encrypted packets have been captured with airodump-ng. This part of the aircrack-ng suite determines the WEP key using two fundamental methods.

The first method is via the PTW approach (Pyshkin, Tews, Weinmann). The default cracking method is PTW. Additionally, the program offers a dictionary method for determining the WEP key. For cracking WPA/WPA2 pre-shared keys, only a dictionary method is used.

Screenshot

LEGEND
1 = Keybyte
2 = Depth of current key search
3 = Byte the IVs leaked
4 = Votes indicating this is correct

How does it work?

The first method is the PTW method (Pychkine, Tews, Weinmann).

The second method is the FMS/Korek method which incorporates multiple techniques. In this method, multiple techniques are combined to crack the WEP key:
FMS (Fluhrer, Mantin, Shamir) attacks - statistical techniques
Korek attacks - statistical techniques
Brute force or.

Upside-Down-Ternet.

My neighbours are stealing my wireless internet access. I could encrypt it or alternately I could have fun. I'm starting here by splitting the network into two parts, the trusted half and the untrusted half. The trusted half has one netblock, the untrusted a different netblock. We use the DHCP server to identify mac addresses to give out the relevant addresses.

/etc/dhcpd.conf

IPtables is Fun!

Suddenly everything is kittens!

    /sbin/iptables -t nat -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -j DNAT --to-destination 64.111.96.38

For the uninitiated, this redirects all traffic to kittenwar. For more fun, we set iptables to forward everything to a transparent squid proxy running on port 80 on the machine.

    /sbin/iptables -t nat -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.1

That machine runs squid with a trivial redirector that downloads images, uses mogrify to turn them upside down and serves them out of its local webserver. The redirection script.

How To Crack A Wi-Fi Network’s WEP Password.

You already know that if you want to lock down your Wi-Fi network, you should opt for WPA encryption because WEP is easy to crack. But did you know how easy? Take a look. Today we’re going to run down, step-by-step, how to crack a Wi-Fi network with WEP security turned on. But first, a word: Knowledge is power, but power doesn’t mean you should be a jerk, or do anything illegal.

Knowing how to pick a lock doesn’t make you a thief. Consider this post educational, or a proof-of-concept intellectual exercise. Dozens of tutorials on how to crack WEP are already all over the internet using this method.

What You’ll Need

Unless you’re a computer security and networking ninja, chances are you don’t have all the tools on hand to get this job done. A compatible wireless adaptor—This is the biggest requirement.

Crack that WEP

To crack WEP, you’ll need to launch Konsole, BackTrack’s built-in command line. First run the following to get a list of your network interfaces:

    airmon-ng

    airodump-ng (interface)