Wireless Security Survey

[The_Techie]

Hi guys

This thread only applies to people connecting wirelessly to a router. I am conducting a survey about wireless security.

If you are willing to participate: Please state which type of encryption you are using (WEP, WPA-PSK, what have you) as well as the key length (bits for WEP and characters for WPA). Disclaimer: I don't want you key, only it's length! PLEASE DON'T POST YOUR KEY AS I AM NOT INTERESTED IN IT!

Thanks

 

[Syndyre]

WPA-PSK, key length: 12 chars

 

[Nickste]

WPA-PSK
Key Length: 17 chars

 

[The_Techie]

Do any of you guys use the rekey function on your routers?

 

[Syndyre]

No.

 

[The_Techie]

No.

Can you PLEASE tell me what it does? I'm at a loss...

 

[Syndyre]

I'm not sure to be honest, haven't even seen it in my router settings.

 

[Syndyre]

But Google knows all, take a look here:

http://articles.techrepublic.com.com/5100-1035_11-5060773.html
http://www.short-media.com/forum/archive/index.php/t-4023.html

 

[The_Techie]

Thanks, will read through those.

 

[The_Techie]

Also, which encryption standard do you guys use, AES or TKIP?

 

[supersunbird]

WEP 152bit

 

[The_Techie]

WEP 152bit

How long would your key be with 152-bit WEP?

 

[w1z4rd]

WPA2 + MAC filtering + No SSID broadcast

 

[The_Techie]

Whoops

Whoops, forgot to post my own details

WPA-PSK (63 Random Characters, AES)
MAC Address Filtering
Router Firewall
DoS Protection

 

[supersunbird]

How long would your key be with 152-bit WEP?

I dont care, just had a website generate one for me...

 

[w1z4rd]

collin.m writes in with news of results out of Darmstadt. Erik Tews and others there have demonstrated how to recover a 104-bit WEP key in under a minute, requiring the capture of fewer than 10% the number of packets the previous best method called for. The paper is here (PDF). Quoting: "We were able to extend Klein's attack and optimize it for usage against WEP. Using our version, it is possible to recover a 104 bit WEP key with probability 50% using just 40,000 captured packets... for 85,000 data packets [the success probability is] about 95%... 40,000 packets can be captured in less than one minute under good condition. The actual computation takes about 3 seconds and 3 MB main memory on a Pentium-M 1.7 GHz..."

http://hardware.slashdot.org/article.pl?sid=07/04/03/2116239

 

[The_Techie]

That reminds me, a guy calculated the time it would take to brute-force a WPA-PSK passphrase if you had the actual encrypted data that had the passphrase stored in it (captured during the 4-way handshake). Since you can't get the passphrase from continued capture of packets since the key is changed almost every 10,000 packets, you have to brute-force your way in with the actual passphrase (unless you can launch a dictionary attack). But I am assuming that you are creating your passphrases with random characters.

Well, the amount of years needed to brute-force a passphrase with a single top-spec computer is as follows (I'll only show you the passphrases consisting of 7, 12, 14, 20 and 63 characters):

7 characters: 12.4 years
12 characters: 750,788,352 years
14 characters: 973,021,704,192 years
20 characters: 2,118,056,458,229,760,000,000 years
63 characters: 17,658,144,456,067,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 years

Makes for some interesting reading, doesn't it?

 

[ID10T]

I have
mac filtering
WPA - 63 chars
hardwired firewall

 

[edc]

MAC filtering only.

 

[The_Techie]

MAC filtering only.

How many PCs are allowed on your network through MAC address filtering? We have MAC address filtering set up to only allow the 5 PCs spesified by us on our network.