WiFi Newbie

[bdt]

I spent some time doing various attacks on a WEP AP to see what is good and want is not. 128 takes longer to 1) capture the IV you need and 2) to find the key on the offline attack.

Stumbled across this interesting looking toy. Worth noting that atacking WPA(PSK only) is limited to brute-force & dict. only: good to see, that!

 

[skydog]

Stumbled across this interesting looking toy. Worth noting that atacking WPA(PSK only) is limited to brute-force & dict. only: good to see, that!

good link... I see it has a windows version not sure how that works... maybe i will try if i have sometime

I could be wrong as i'm going from memory here but is that not the tool that toms used in their article.

It is important to note that WPA can easily be cracked if the passphrase is very weak. So the moral of the sorry is use a good long random passphrase.

 

[henkk78]

hume?

as in derek hume perhaps?

pm me!

 

[bdt]

It is important to note that WPA can easily be cracked if the passphrase is very weak. So the moral of the sorry is use a good long random passphrase.

Well yes, but this is the eternal struggle between good security practise and (l)users ..but I'm sure you know this already. A case in point: a client of mine that lives in Riverclub degraded down to plaintext a password I had set based on that very word, and which I had told him the very simple scheme by which the far more secure one was generated. *shrug* .. you can't stop someone determined to shoot themselves in the foot: about your best recourse is to make sure your CYA (cover your arse) documentation is on hand for when it's inevitably necessary!