Re: [slim] WPA WEP etc...
Peter;183360 Wrote: > ASS-Ware wrote: > > jonheal;182579 Wrote: > > > >> Being pretty much an idiot when it comes to networking stuff, > please > >> clarify something for me: > >> > >> As I understand it, encrypting your wireless broadcasts (hopefully) > >> prevents an eavesdropper from reading the packets you send out into > the > >> atmosphere. Protecting the integrity of your network, and the > machines > >> on it, is another matter entirely. Am I wrong in that assumption? > And > >> if all your broadcasting is music packets, is it that big of a deal > to > >> protect them? > >> > > > > The thing is, once somebody hacks your wifi, that person is in your > > network and can try to access all computers in your network, and > even > > worse, use your internet connection for attacks to other networks on > > the web and you are the one to blame if it's discovered as they use > > your connection. > > And what about somebody hacking your wifi and thus being part of > your > > network and then download child pornography ? > > If discovered, they come to your door !!! > > That happened not far from my village. > > > > They may come to your door, but they won't prosecute you unless they > find more evidence. Of course, the hacker may leave some evidence on > your disk, but that would be a personal attack against you, which is > possible if you have enemies. It sounds unlikely to me that child porn > > enthousiasts would possess such technical knowledge and go through all > > that physical work. If you're that good, you'd better set up a botnet > to > do your dirty work and control them over TOR from the comfort of your > own home. > > Regards, > Peter Well, it happened close to my town. -- ASS-Ware ASS-Ware's Profile: http://forums.slimdevices.com/member.php?userid=4280 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
ASS-Ware wrote: > jonheal;182579 Wrote: > >> Being pretty much an idiot when it comes to networking stuff, please >> clarify something for me: >> >> As I understand it, encrypting your wireless broadcasts (hopefully) >> prevents an eavesdropper from reading the packets you send out into the >> atmosphere. Protecting the integrity of your network, and the machines >> on it, is another matter entirely. Am I wrong in that assumption? And >> if all your broadcasting is music packets, is it that big of a deal to >> protect them? >> > > The thing is, once somebody hacks your wifi, that person is in your > network and can try to access all computers in your network, and even > worse, use your internet connection for attacks to other networks on > the web and you are the one to blame if it's discovered as they use > your connection. > And what about somebody hacking your wifi and thus being part of your > network and then download child pornography ? > If discovered, they come to your door !!! > That happened not far from my village. > They may come to your door, but they won't prosecute you unless they find more evidence. Of course, the hacker may leave some evidence on your disk, but that would be a personal attack against you, which is possible if you have enemies. It sounds unlikely to me that child porn enthousiasts would possess such technical knowledge and go through all that physical work. If you're that good, you'd better set up a botnet to do your dirty work and control them over TOR from the comfort of your own home. Regards, Peter ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
ASS-Ware wrote: > Peter;183283 Wrote: > >> ASS-Ware wrote: >> >>> Mark Lanctot;181815 Wrote: >>> >>> The SB3 also supports WPA2/AES. Now WPA/TKIP hasn't been broken yet so it's probably overkill, but >> as >> they say, go big or go home...WPA2/AES works just fine for me and >> was >> as easy as WPA/TKIP to implement. >>> I am sorry to say you are wrong, but WPA hacks are available and so >>> >> are >> >>> WPA2 hacks. >>> >>> >> Link? >> >> Regards, >> Peter >> > > Google. > Read magazines. > Search security forums. > Go to security lectures. > I have see a man hack into a WPA2 protected wifi network withing 5 > minutes. > How many characters was the key? Was it random generated? AFAIK people choosing crackable passwords is the main weakness. Show me a crack of a random 64 character password... Regards, Peter ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
snarlydwarf wrote: > Mark Lanctot;183284 Wrote: > >> Looks like a pretty esoteric black hat crack to me. Although I don't >> fully understand the tool, it looks like made-up SSIDs and long, >> complex passphrases will still help. >> > > It's really a matter of timeshifting. Note that only advantage between > the first test (straight dictionary attack) and the second (precomputed > dictionary attack) is that the data set can be recycled for a given > SSID. > > If you change your SSID to not be stock, then the dictionary will need > to be recomputed. > > If you change your passphrase to not be one of the ones in the > dictionary, it will still not succeed. > > Which brings it back down to "don't choose lame-ass passwords", which > is already known. This attack only makes using lame-ass passwords with > stock SSID's weaker. > > AFAICS these are all dictionary attacks. That's why you don't choose or invent a password but you generate a random one of 64 characters. There are sites on the web to help you (note that they will know your password). Luckily most of the time you will copy & paste your key (unless you're dealing with an SB) so it won't be too much work. Regards, Peter ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Mitch Harding;183310 Wrote: > If you can convince my cable company to supply me faster access, please > do! Get another ISP then ;-) -- ASS-Ware ASS-Ware's Profile: http://forums.slimdevices.com/member.php?userid=4280 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
ASS-Ware;183300 Wrote: > The thing is, once somebody hacks your wifi, that person is in your > network and can try to access all computers in your network, and even > worse, use your internet connection for attacks to other networks on > the web and you are the one to blame if it's discovered as they use > your connection. > And what about somebody hacking your wifi and thus being part of your > network and then download child pornography ? > If discovered, they come to your door !!! > That happened not far from my village. Just because they're on my network doesn't mean they can access my machines. They'd need a LAN ID to map a drive. Heck, I can't even map drives on some of the machines! As for downloading porn using me as a proxy, you can do the same thing at Starbucks. Do you think the Department of Justice is going after Starbucks and all of the tens of thousands of other wi-fi hotspots and tens of thousands of private unsecured networks? -- jonheal Jon Heal says: Have a nice day! http://www.theheals.org/ ~~~ SB3 (wired - 6.3.1) | Home-brew PC running XP Pro | DENON DRA-395 | PSB Stratus Bronze (2) | Outlaw Audio LFM-2 (1) | DIY Speaker Cables | Dayton Audio Interconnects jonheal's Profile: http://forums.slimdevices.com/member.php?userid=2133 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
If you can convince my cable company to supply me faster access, please do! I sent them my college transcript and some glowing references from my coworkers, but so far no luck... On 2/24/07, ASS-Ware <[EMAIL PROTECTED]> wrote: Mitch Harding;183308 Wrote: > Yeah, but why would they bother targeting someone with WPA or WPA2 when > there are still plenty of people using WEP or no security at all? Maybe because people that know what they are doing, setting wpa2 for example, have faster internet access ? Dunno. -- ASS-Ware ASS-Ware's Profile: http://forums.slimdevices.com/member.php?userid=4280 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Mitch Harding;183308 Wrote: > Yeah, but why would they bother targeting someone with WPA or WPA2 when > there are still plenty of people using WEP or no security at all? Maybe because people that know what they are doing, setting wpa2 for example, have faster internet access ? Dunno. -- ASS-Ware ASS-Ware's Profile: http://forums.slimdevices.com/member.php?userid=4280 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Yeah, but why would they bother targeting someone with WPA or WPA2 when there are still plenty of people using WEP or no security at all? My goal in using WPA2 is to make it as inconvenient as possible. Given that right now I can see two of my neighbors unsecured networks, and given that some of the others are probably only using WEP... well, I'm not losing much sleep. On 2/24/07, ASS-Ware <[EMAIL PROTECTED]> wrote: Paul_B;183246 Wrote: > If a professional decides to hack you then they can crak WEP, WPA, WPA2. > But we would they bother on a residential estate? They sit in cars, they hack wifi networks and download illegal stuff like child pornography. And it's downloaded from your internet connection, so you are the one they come to once it's discovered. It happened near my town. -- ASS-Ware ASS-Ware's Profile: http://forums.slimdevices.com/member.php?userid=4280 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Paul_B;183246 Wrote: > If a professional decides to hack you then they can crak WEP, WPA, WPA2. > But we would they bother on a residential estate? They sit in cars, they hack wifi networks and download illegal stuff like child pornography. And it's downloaded from your internet connection, so you are the one they come to once it's discovered. It happened near my town. -- ASS-Ware ASS-Ware's Profile: http://forums.slimdevices.com/member.php?userid=4280 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
jonheal;182579 Wrote: > Being pretty much an idiot when it comes to networking stuff, please > clarify something for me: > > As I understand it, encrypting your wireless broadcasts (hopefully) > prevents an eavesdropper from reading the packets you send out into the > atmosphere. Protecting the integrity of your network, and the machines > on it, is another matter entirely. Am I wrong in that assumption? And > if all your broadcasting is music packets, is it that big of a deal to > protect them? The thing is, once somebody hacks your wifi, that person is in your network and can try to access all computers in your network, and even worse, use your internet connection for attacks to other networks on the web and you are the one to blame if it's discovered as they use your connection. And what about somebody hacking your wifi and thus being part of your network and then download child pornography ? If discovered, they come to your door !!! That happened not far from my village. -- ASS-Ware ASS-Ware's Profile: http://forums.slimdevices.com/member.php?userid=4280 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Peter;183283 Wrote: > ASS-Ware wrote: > > Mark Lanctot;181815 Wrote: > > > >> The SB3 also supports WPA2/AES. > >> > >> Now WPA/TKIP hasn't been broken yet so it's probably overkill, but > as > >> they say, go big or go home...WPA2/AES works just fine for me and > was > >> as easy as WPA/TKIP to implement. > >> > > > > I am sorry to say you are wrong, but WPA hacks are available and so > are > > WPA2 hacks. > > > > Link? > > Regards, > Peter Google. Read magazines. Search security forums. Go to security lectures. I have see a man hack into a WPA2 protected wifi network withing 5 minutes. -- ASS-Ware ASS-Ware's Profile: http://forums.slimdevices.com/member.php?userid=4280 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Mark Lanctot;183284 Wrote: > > Looks like a pretty esoteric black hat crack to me. Although I don't > fully understand the tool, it looks like made-up SSIDs and long, > complex passphrases will still help. It's really a matter of timeshifting. Note that only advantage between the first test (straight dictionary attack) and the second (precomputed dictionary attack) is that the data set can be recycled for a given SSID. If you change your SSID to not be stock, then the dictionary will need to be recomputed. If you change your passphrase to not be one of the ones in the dictionary, it will still not succeed. Which brings it back down to "don't choose lame-ass passwords", which is already known. This attack only makes using lame-ass passwords with stock SSID's weaker. -- snarlydwarf snarlydwarf's Profile: http://forums.slimdevices.com/member.php?userid=1179 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Peter;183283 Wrote: > Link? This got me curious too, some Googling got me to: http://www.churchofwifi.org/default.asp?PageLink=Project_Display.asp?PID=95 and http://www.wirelessdefence.org/Contents/coWPAttyMain.htm Looks like a pretty esoteric black hat crack to me. -- Mark Lanctot "It's like, you know, a New Age religion, but with better treble response." - Jon Heal Mark Lanctot's Profile: http://forums.slimdevices.com/member.php?userid=2071 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
ASS-Ware wrote: > Mark Lanctot;181815 Wrote: > >> The SB3 also supports WPA2/AES. >> >> Now WPA/TKIP hasn't been broken yet so it's probably overkill, but as >> they say, go big or go home...WPA2/AES works just fine for me and was >> as easy as WPA/TKIP to implement. >> > > I am sorry to say you are wrong, but WPA hacks are available and so are > WPA2 hacks. > Link? Regards, Peter ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Paul_B;183246 Wrote: > If a professional decides to hack you then they can crak WEP, WPA, WPA2. > But we would they bother on a residential estate? Script kiddies can > probabaly crack WEP but easier to go after no security. > > So what is the answer? Well to make it as hard as possible by using > WPA2 with short timeouts between key changes. Use a complex password > with as many characters as possible and a decent length. Maybe, if you > are paranoid, look at digital certificates. But if you are really > paranoid don't connect to the internet It's got nothing to do with an internet connection, it's the wifi connection to your personal network, which can be hacked and then they can access your computer(s). Internet or no internet is not important. -- ASS-Ware ASS-Ware's Profile: http://forums.slimdevices.com/member.php?userid=4280 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
If a professional decides to hack you then they can crak WEP, WPA, WPA2. But we would they bother on a residential estate? Script kiddies can probabaly crack WEP but easier to go after no security. So what is the answer? Well to make it as hard as possible by using WPA2 with short timeouts between key changes. Use a complex password with as many characters as possible and a decent length. Maybe, if you are paranoid, look at digital certificates. But if you are really paranoid don't connect to the internet -- Paul_B Paul ~ Slimserver 6.5.1 on EPIA VIA EN15000 Mini-ITX running Windows 2003 R2. Remote storage QNAP(2.0.0)~(300GB WD) SB3 (x1) RIP - dBpowerAMP R12 to FLAC ID3 Tags - MP3Tag v2.37d ~ Paul_B's Profile: http://forums.slimdevices.com/member.php?userid=3039 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
ASS-Ware;183235 Wrote: > I am sorry to say you are wrong, but WPA hacks are available and so are > WPA2 hacks. OK, come crack me. -- Mark Lanctot "It's like, you know, a New Age religion, but with better treble response." - Jon Heal Mark Lanctot's Profile: http://forums.slimdevices.com/member.php?userid=2071 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Mark Lanctot;181815 Wrote: > The SB3 also supports WPA2/AES. > > Now WPA/TKIP hasn't been broken yet so it's probably overkill, but as > they say, go big or go home...WPA2/AES works just fine for me and was > as easy as WPA/TKIP to implement. I am sorry to say you are wrong, but WPA hacks are available and so are WPA2 hacks. -- ASS-Ware ASS-Ware's Profile: http://forums.slimdevices.com/member.php?userid=4280 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Peter;182606 Wrote: > Mark Lanctot wrote: > > jonheal;182579 Wrote: > > > >> Being pretty much an idiot when it comes to networking stuff, > please > >> clarify something for me: > >> > >> As I understand it, encrypting your wireless broadcasts (hopefully) > >> prevents an eavesdropper from reading the packets you send out into > the > >> atmosphere. Protecting the integrity of your network, and the > machines > >> on it, is another matter entirely. Am I wrong in that assumption? > And > >> if all your broadcasting is music packets, is it that big of a deal > to > >> protect them? > >> > > > > I'm no more than a novice at this myself, but yes, this is something > > outside a normal LAN. If your machines are infected with various > > backdoors, it doesn't matter how secure your WPA2 passphrase > > is...although interestingly an attacker could still not find it out > > unless he was running a keylogger as you typed it in. > > > > But in regards to just broadcasting music packets and packets > destined > > for an SB, you need to protect them even more because: > > > > - there will always be traffic an attacker could monitor > > > > - when broadcasting music, a steady stream of packets will be > present > > to analyze > > > > As I understand it, these attacks work better when you have lots of > > packets to analyze. Once an attacker derives a passphrase, he can > (at > > the very least) use your IP address for whatever purpose he wants. > > This includes child porn - there have been several high-profile > busts > > recently where police are tracking offenders based on IP addresses, > and > > you would have to prove your wireless network was compromised in > > court...meanwhile your name would be published in the local media. > > > > Possibly, but the chances are rather small. I read an article on the > exact way of cracking a WEP protected network recently and the 'bad > guys' have devised a little trick to get lots of packets. They just > grab > one of your encrypted packets and (re)send it to one of your hosts. The > > host will receive the packet and reply to it, another packet to > analyze... The method used in the article required two PC's, a special > > Linux boot CD and two wireless cards with a specific chipset. Quite a > hassle still.. > > Once an attacker is on your LAN, he's also one step closer to > accessing > > your hard drive contents. Your router won't stop him, it'll be up > to > > software firewalls if he gets that far. Blocking by MAC address is > > useless here - he'll be able to see the MAC addresses of all the > > devices on your network and can clone one. > > > > It's a funny thing wireless security. If you leave your PC/network open > > to the internet you *will* be targeted by thousands or tens of > thousands > of (professional) automated hacking attempts. If you leave your > wireless > network open you will be open to attack by a dozen neighbours. The > chances of your neighbours wanting to target you and having the skill > to > do are possibly not so great. One of my neighbours has his network > open, > I even used it briefly once or twice, but I've never gone so far as > snooping around on it. The chances of anyone around me wanting to go > through the hassle of cracking a WEP key would be fairly slim. > > Then again I read an interesting attack recently in which the bad guys > > would drive thru the city with a PC that automatically looked for open > > networks with no encryption. The PC would be loaded with knowledge of > popular routers and their configs and default passwords and would > contact any routers it could find and change the DNS settings so it > would use a DNS server controlled by the attacker. By manipulating DNS > > responses they would be able to get between the victim and there > banking > websites. > > I'd take the trouble to set up WPA encryption if I were my neighbour. I > > don't know which one it is, perhaps I should snoop around a little ;) > > Regards, > Peter Fortunately, I live on a cul-de-sac. I know all of the close neighbors. Should I see someone parked in the cul-de-sac with a laptop, I reckon I'll break out the Louisville Slugger, and said perp can figure on a wood shampoo. -- jonheal Jon Heal says: Have a nice day! http://www.theheals.org/ ~~~ SB3 (wired - 6.3.1) | Home-brew PC running XP Pro | DENON DRA-395 | PSB Stratus Bronze (2) | Outlaw Audio LFM-2 (1) | DIY Speaker Cables | Dayton Audio Interconnects jonheal's Profile: http://forums.slimdevices.com/member.php?userid=2133 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Mark Lanctot wrote: > jonheal;182579 Wrote: > >> Being pretty much an idiot when it comes to networking stuff, please >> clarify something for me: >> >> As I understand it, encrypting your wireless broadcasts (hopefully) >> prevents an eavesdropper from reading the packets you send out into the >> atmosphere. Protecting the integrity of your network, and the machines >> on it, is another matter entirely. Am I wrong in that assumption? And >> if all your broadcasting is music packets, is it that big of a deal to >> protect them? >> > > I'm no more than a novice at this myself, but yes, this is something > outside a normal LAN. If your machines are infected with various > backdoors, it doesn't matter how secure your WPA2 passphrase > is...although interestingly an attacker could still not find it out > unless he was running a keylogger as you typed it in. > > But in regards to just broadcasting music packets and packets destined > for an SB, you need to protect them even more because: > > - there will always be traffic an attacker could monitor > > - when broadcasting music, a steady stream of packets will be present > to analyze > > As I understand it, these attacks work better when you have lots of > packets to analyze. Once an attacker derives a passphrase, he can (at > the very least) use your IP address for whatever purpose he wants. > This includes child porn - there have been several high-profile busts > recently where police are tracking offenders based on IP addresses, and > you would have to prove your wireless network was compromised in > court...meanwhile your name would be published in the local media. > Possibly, but the chances are rather small. I read an article on the exact way of cracking a WEP protected network recently and the 'bad guys' have devised a little trick to get lots of packets. They just grab one of your encrypted packets and (re)send it to one of your hosts. The host will receive the packet and reply to it, another packet to analyze... The method used in the article required two PC's, a special Linux boot CD and two wireless cards with a specific chipset. Quite a hassle still.. > Once an attacker is on your LAN, he's also one step closer to accessing > your hard drive contents. Your router won't stop him, it'll be up to > software firewalls if he gets that far. Blocking by MAC address is > useless here - he'll be able to see the MAC addresses of all the > devices on your network and can clone one. > It's a funny thing wireless security. If you leave your PC/network open to the internet you *will* be targeted by thousands or tens of thousands of (professional) automated hacking attempts. If you leave your wireless network open you will be open to attack by a dozen neighbours. The chances of your neighbours wanting to target you and having the skill to do are possibly not so great. One of my neighbours has his network open, I even used it briefly once or twice, but I've never gone so far as snooping around on it. The chances of anyone around me wanting to go through the hassle of cracking a WEP key would be fairly slim. Then again I read an interesting attack recently in which the bad guys would drive thru the city with a PC that automatically looked for open networks with no encryption. The PC would be loaded with knowledge of popular routers and their configs and default passwords and would contact any routers it could find and change the DNS settings so it would use a DNS server controlled by the attacker. By manipulating DNS responses they would be able to get between the victim and there banking websites. I'd take the trouble to set up WPA encryption if I were my neighbour. I don't know which one it is, perhaps I should snoop around a little ;) Regards, Peter ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
jonheal;182579 Wrote: > Being pretty much an idiot when it comes to networking stuff, please > clarify something for me: > > As I understand it, encrypting your wireless broadcasts (hopefully) > prevents an eavesdropper from reading the packets you send out into the > atmosphere. Protecting the integrity of your network, and the machines > on it, is another matter entirely. Am I wrong in that assumption? And > if all your broadcasting is music packets, is it that big of a deal to > protect them? I'm no more than a novice at this myself, but yes, this is something outside a normal LAN. If your machines are infected with various backdoors, it doesn't matter how secure your WPA2 passphrase is...although interestingly an attacker could still not find it out unless he was running a keylogger as you typed it in. But in regards to just broadcasting music packets and packets destined for an SB, you need to protect them even more because: - there will always be traffic an attacker could monitor - when broadcasting music, a steady stream of packets will be present to analyze As I understand it, these attacks work better when you have lots of packets to analyze. Once an attacker derives a passphrase, he can (at the very least) use your IP address for whatever purpose he wants. This includes child porn - there have been several high-profile busts recently where police are tracking offenders based on IP addresses, and you would have to prove your wireless network was compromised in court...meanwhile your name would be published in the local media. Once an attacker is on your LAN, he's also one step closer to accessing your hard drive contents. Your router won't stop him, it'll be up to software firewalls if he gets that far. Blocking by MAC address is useless here - he'll be able to see the MAC addresses of all the devices on your network and can clone one. -- Mark Lanctot "It's like, you know, a New Age religion, but with better treble response." - Jon Heal Mark Lanctot's Profile: http://forums.slimdevices.com/member.php?userid=2071 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Being pretty much an idiot when it comes to networking stuff, please clarify something for me: As I understand it, encrypting your wireless broadcasts (hopefully) prevents an eavesdropper from reading the packets you send out into the atmosphere. Protecting the integrity of your network, and the machines on it, is another matter entirely. Am I wrong in that assumption? And if all your broadcasting is music packets, is it that big of a deal to protect them? -- jonheal Jon Heal says: Have a nice day! http://www.theheals.org/ ~~~ SB3 (wired - 6.3.1) | Home-brew PC running XP Pro | DENON DRA-395 | PSB Stratus Bronze (2) | Outlaw Audio LFM-2 (1) | DIY Speaker Cables | Dayton Audio Interconnects jonheal's Profile: http://forums.slimdevices.com/member.php?userid=2133 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Mark Lanctot wrote: > Well yes, password size matters, but I was referring to AES's more > advanced encryption than TKIP. > > Since TKIP hasn't been broken yet, AES is overkill - but still, it > costs nothing in terms of time and money to implement, so I did it. > The main risk at the moment is using brute force to crack the keys. Using a short password or one from a dictionary is just as big a problem with AES as with TKIP. That's also the attack against WEP, except that in this case some stupidities in the protocol implementation make it a lot easier. But it's not very difficult to make an insecure implementation of AES encryption. Regards, Peter ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Well yes, password size matters, but I was referring to AES's more advanced encryption than TKIP. Since TKIP hasn't been broken yet, AES is overkill - but still, it costs nothing in terms of time and money to implement, so I did it. -- Mark Lanctot "It's like, you know, a New Age religion, but with better treble response." - Jon Heal Mark Lanctot's Profile: http://forums.slimdevices.com/member.php?userid=2071 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Paul_B wrote: > Password size and complexity I would guess. Try to use nouns and use > uppercase, lowercase, numbers and non-alphanumeric characters like > commas, dashes, etc. > Obviously. A long string of 's wouldn't be very secure. Entropy is what you're after. Regards, Peter ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Password size and complexity I would guess. Try to use nouns and use uppercase, lowercase, numbers and non-alphanumeric characters like commas, dashes, etc. -- Paul_B Paul ~ Slimserver 6.5.1 on EPIA VIA EN15000 Mini-ITX running Windows 2003 R2. Remote storage QNAP(2.0.0)~(300GB WD) SB3 (x1) RIP - dBpowerAMP R12 to FLAC ID3 Tags - MP3Tag v2.37d ~ Paul_B's Profile: http://forums.slimdevices.com/member.php?userid=3039 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
Mark Lanctot wrote: > The SB3 also supports WPA2/AES. > > Now WPA/TKIP hasn't been broken yet so it's probably overkill, but as > they say, go big or go home...WPA2/AES works just fine for me and was > as easy as WPA/TKIP to implement. > It's more a matter of password size IIRC. (size matters) Regards, Peter ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
The SB3 also supports WPA2/AES. Now WPA/TKIP hasn't been broken yet so it's probably overkill, but as they say, go big or go home...WPA2/AES works just fine for me and was as easy as WPA/TKIP to implement. -- Mark Lanctot "It's like, you know, a New Age religion, but with better treble response." - Jon Heal Mark Lanctot's Profile: http://forums.slimdevices.com/member.php?userid=2071 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
>pkfox;181653 Wrote: >> Hi All, what wireless security can be used on a SB3 ? I currently use >> WEP which I've heard is next to useless > >I use WPA/PSK for my SB3 with no problems. Same here. And you are correct, WEP is functionally useless against any kind of mildly interested attacker. Kevin -- Kevin O. Lepard Happiness is being 100% Microsoft free. ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
2pods;181654 Wrote: > I use WPA/PSK for my SB3 with no problems. thanks , I was a bit confused as the SB's setup only offers WEP, then I saw in another post that you need to setup the router's security first, which then changes the SB's option, thanks again -- pkfox When the going gets weird - the weird turn pro. Hunter S Thompson pkfox's Profile: http://forums.slimdevices.com/member.php?userid=5346 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] WPA WEP etc...
pkfox;181653 Wrote: > Hi All, what wireless security can be used on a SB3 ? I currently use > WEP which I've heard is next to useless I use WPA/PSK for my SB3 with no problems. -- 2pods 2pods's Profile: http://forums.slimdevices.com/member.php?userid=7951 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss