What wireless router to get?

scooter:


--- Quote from: maraxle on February 15, 2004, 07:18:42 pm ---As for locking it down by MAC address, the 802.11x protocol only encrypts the actual traffic, not the header, making that ineffective as well.  All I have to do is capture a few packets of the traffic going by and I have the MAC address you're using.  Now I wait until you turn off your laptop and go to bed (or DoS you), change the MAC on my card (yes, you can do that), and I am on your network.

By the way, this is coming from the perspective of a somewhat paranoid security professional.

--- End quote ---

You still need to get my WEP key before you are going to get onto my network.  You will need to sniff for about a day (minimum) on a heavy network before you can "crack" this (assuming 128bit).  "Hello, police?  I'd like to report a suspicious car in front of my house..."    ;)

Of course, *my* key would be changed before you would ever get this.   ;D


-Scooter

krick:

All I have to say is Linksys is now part of Cisco (the number one name in network hardware) as the result of a recent acquisition.  Cisco has a reputation to uphold.  They won't sell crap or give lousy support because excessive negative press will hurt their stock price.  Buy Linksys.



maraxle:


--- Quote from: scooter on February 20, 2004, 07:33:53 pm ---You still need to get my WEP key before you are going to get onto my network.  You will need to sniff for about a day (minimum) on a heavy network before you can "crack" this (assuming 128bit).  "Hello, police?  I'd like to report a suspicious car in front of my house..."    ;)

--- End quote ---
Not so.  Read my post above about the initialization vector.  Your key strength is effectively only 104 bit, since the IV is not randomized properly.  Anyway, WEP can be cracked with AirSnort in 5-10 minutes on a network with fairly heavy traffic.  All you need is about 100mb worth of packets...

scooter:

I agree that the IV is weak, but you still need ~2000 weak ("interesting") packets.  Read http://airsnort.shmoo.com/faq.html#Q8 from the Airsnort FAQ.

On a sample network of 4 employees, they say 16 days.

maraxle:

The catch is that they're referring to business-class wireless products rather than the stuff people buy for home (Netgear, Linksys, etc).  The business class ones actually randomize the IV, making the "interesting" packets spread out by a decent amount of time/packets.  However, the cheap home WAPs do not properly randomize the IV.  They often cycle through only a few IVs, or have a predictable randomization scheme.  Some (think $30 and under) even use a fixed IV.  The problem with this is that if they cycle through say 100 different IVs, then every 100 packets, the cycle repeats.  That puts the "interesting" packets very close together.  In the case of the really cheap WAPs, they don't even bother to change the IV so EVERY packet is "interesting".
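
An added example, not written by anyone in this thread: a small Python audit that takes the 3-byte WEP IVs seen in a capture of your own access point's traffic and reports whether they are fixed, repeat on a short cycle, count up, or show no pattern, which are the behaviours described in the post above. The function names, the 0.5 reuse threshold and the sample IV sequences are constructed for illustration.

```python
from collections import Counter
import random

def find_period(ivs):
    """Smallest p such that the sequence repeats every p frames, else None."""
    n = len(ivs)
    for p in range(1, n // 2 + 1):
        if all(ivs[i] == ivs[i + p] for i in range(n - p)):
            return p
    return None

def is_counter(ivs):
    """True if consecutive IVs differ by one constant step (either byte order)."""
    for order in ("big", "little"):
        nums = [int.from_bytes(iv, order) for iv in ivs]
        if len({(b - a) % 2**24 for a, b in zip(nums, nums[1:])}) == 1:
            return True
    return False

def audit_ivs(ivs):
    """Summarise how a capture's 24-bit WEP IVs were chosen (ivs in send order)."""
    if not ivs or any(len(iv) != 3 for iv in ivs):
        raise ValueError("expected a non-empty list of 3-byte IVs")
    counts = Counter(ivs)
    reused = sum(c for c in counts.values() if c > 1)  # frames sharing an IV
    period = find_period(ivs)
    if len(counts) == 1:
        verdict = "fixed"
    elif period is not None:
        verdict = "short-cycle"
    elif reused / len(ivs) > 0.5:  # assumed threshold; covers cycles with dropped frames
        verdict = "heavy-reuse"
    elif is_counter(ivs):
        verdict = "counter"
    else:
        verdict = "no-pattern"
    return {"frames": len(ivs), "distinct": len(counts),
            "reuse_ratio": reused / len(ivs), "period": period, "verdict": verdict}

# Constructed IV sequences, one per behaviour described in the post.
rng = random.Random(7)
SAMPLES = {
    "fixed": [b"\x00\x00\x01"] * 300,
    "cycle100": [i.to_bytes(3, "big") for i in range(100)] * 3,
    "counter": [i.to_bytes(3, "big") for i in range(5000, 5300)],
    "random": [rng.getrandbits(24).to_bytes(3, "big") for _ in range(300)],
}

print({name: audit_ivs(ivs)["verdict"] for name, ivs in SAMPLES.items()})
```

A "counter" or "no-pattern" verdict only says the IVs did not repeat within this capture; with a 24-bit IV space any sufficiently busy WEP network eventually reuses them.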
