[ale] wireless sanity/security check

Jeff Hubbs jhubbslist at att.net
Wed Jan 6 10:51:14 EST 2010


Can someone elaborate on this WPA/WPA2 vulnerability issue?

- Jeff

On 1/5/10 9:41 AM, Jeff Lightner wrote:
> By the way - WPA can be cracked in less than an hour as demonstrated a
> couple of months ago.  WPA2 is the way to go.
>
> -----Original Message-----
> From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Pat
> Regan
> Sent: Monday, January 04, 2010 11:24 PM
> To: Atlanta Linux Enthusiasts - Yes! We run Linux!
> Subject: Re: [ale] wireless sanity/security check
>
> On 01/04/2010 05:17 PM, Mark Wright wrote:
>    
>> I didn't ask the question about wireless security because I thought
>> wifi could be intrusion proof.  I just wanted to confirm that giving
>> my friends advice to use MAC filtering wasn't real bad advice.   They
>> had failed to get WPA working and there were Christmas presents that
>> were not being played with.
>>
>>      
> MAC filtering will not keep very many people out if they are actively
> trying to "steal" your bandwidth.  The only people you're likely to keep
>
> out with MAC filtering are the people who think they are connecting to
> their own network but they are connecting to yours by mistake.  It is
> amazing how often that happens.
>
> I'm much more paranoid about connecting to an unknown network than I am
> about people cracking into mine.  I seem especially paranoid in hotels.
>    I know that if I can fire up wireshark and steal unencrypted pop,
> imap, and instant messenger password, so can someone else.
>
> I nearly always VPN or use an SSH proxy on any scary wifi connection :).
>
>    
>> The problem is both of my friends couldn't get WPA to work.  My
>> wife's sister in law was refusing to use her new laptop because her
>> husband had turned WPA off to get it on the internet.  I told them
>> how to set up MAC filtering over the phone and now she is surfing the
>> internet confident that her computer is safe.  Just like she sleeps
>> soundly because she doesn't know how easy it is to break into her
>> locked house.
>>      
> With any semi-modern hardware (3-4+ years?) I wouldn't expect wpa/wpa2
> to be a problem.  WEP tends to be problematic because there is more than
>
> one algorithm for converting a passphrase to a hex key.
>
> MAC filtering will likely narrow the opportunity for attack, though.  If
>
> someone drives by while no authorized machines are connected then they
> will not see any valid MAC addresses to clone.
>
> Pat
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
> Proud partner. Susan G. Komen for the Cure.
>
> Please consider our environment before printing this e-mail or attachments.
> ----------------------------------
> CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
> ----------------------------------
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>    



More information about the Ale mailing list