Posted on 04/05/2005 11:34:01 AM PDT by atomic_dog
Millions of wireless access points are spread across the US and the world. About 70% percent of these access points are unprotectedwide open to access by anyone who happens to drive by. The other 30% are protected by WEP (Wired Equivalent Privacy) and a small handful are protected by the new WPA (Wi-Fi Protected Access) standard.
At a recent ISSA (Information Systems Security Association) meeting in Los Angeles, a team of FBI agents demonstrated current WEP-cracking techniques and broke a 128 bit WEP key in about three minutes. Special Agent Geoff Bickers ran the Powerpoint presentation and explained the attack, while the other agents (who did not want to be named or photographed) did the dirty work of sniffing wireless traffic and breaking the WEP keys.
(Excerpt) Read more at mirrordot.org ...
The DQ in my town has free access. All anyone could do, usually is trace it to a MAC address, and if someone pays 45$ cash for a wi-fi card, how could anyone find out who did something? Even if you could somehow get it to a laptop, it still wouldn't help in tracing someone down.
That was some seriously good dark humor!
On my home wlan, just set up a few days ago, I use the ethernet hard-wired desktop for any sensitive internet access.
Am going to start testing the WPA security this afternoon (Linux clients).
But believe me, our trailer park wouldn't be considered a hot spot for wireless drive-bys anyway.
Deserves repeating. If you ain't doing the above, you really shouldn't be doing WiFi
Hard, but not impossible, as long as you don't change your MAC address. For true anonymity, randomly generate your MAC when war-driving.
When you walked out of Best Buy with the PCMCIA wireless card, with RFID chip in packaging, the Patriot Database instantly recorded your MAC address and matched it with the receipt. The address was verified later when you sent in your rebate request on the card, and a third time when you logged in from the laptop to check on the rebate status. A cash purchase would get you off the hook on the first method but not the other two.
Notice the CIA in PCMCIA.
128 bit key in three minutes? Wouldn't that require trying a 128 factorial of keys? In three minutes? Fbi must have pocket crays computers or a rolling super computer.
I've got to try for a little chuckle now and then.
With regard to wireless security at home, I'm more concerned about someone using my connection as an accesss point than about surveilance. I've got WEP and MAC address locks enabled, but I'm really network illiterate. I guess I'll have to look into this WPA thingy.
Are you using channel 6, set at the factory? Is your SSID being broadcast?
They're not searching the entire keyspace - most APs will let you enter a passphrase which they hash to generate the key. Try a dictionary-based attack on the passphrase, and I'll bet you'd be surprised at how quickly you can get in.
Question I have a wired/wireless (versalink 327) router it's wired caue I like wired networds. But I wonder if it is transmitting and capable of recieving traffic. Anyone?
Ok, makes sense, thanks.
I'm glad I'm already using most of the countermeasures. I use WPA with a big password, no SSID, MAC filtering, static IP addresses, etc. It still won't stop a dedicated man-in-the-middle attack, but it's safe against anyone who doesn't have a lot of time and dedication and talent to get on my network.
Besides, if it's a casual hijack, there are three completely unsecured networks in my range. It's like being the only guy on the block with a deadbolt on his door, while others just have regular locks or nothing.
I'm not familiar with the Westell equipment. I would automatically assume the worst. See if you can disable the wireless portion, since you aren't even using it. I use a separate Access Point for wireless, connected to one port of my hard-wired router. A quick way to test your system is to borrow a laptop from someone you know who has wireless and try it.
You might have to upgrade your firmware to get that, as well as go to Windows XP SP2. My brand-new Linksys had firmware over a year old!
No worries here. Home network is wired, and internet is dialup.
Really? If you believe that, I have some swamp land I'd like to sell you.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.