[Full-disclosure] Question Regarding Wireless Frames
Hi All,

Recently I came to know about a network where beacon frames were blocked. With my limited knowledge about this stuff, I am wondering: are there any other kinds of frames from which we can identify the access point over a wireless network?

Thanks for any help.

-- _code

___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Hackers uniting against Iran?
On Thu, 05 Apr 2007 17:47:35 -0400 Red Leg [EMAIL PROTECTED] wrote: On 4/5/07 5:08 PM, Paul Szabo [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] wrote: (...) While the USS Nimitz Carrier Battle Group is making haste to the Arabian Gulf (formerly known as the Persian Gulf), to help secure the sea lanes for the oil market (THE WEST PAYS A FAIR PRICE FOR THE COMMODITY) without which Europe's economy would be destroyed, I have to read this crap. Look. The Europeans couldn't WAIT to get The U.S. into WWII. (BBC report of Winston Churchill: Defender of Democracy By Dr Geoffrey Best: In foreign affairs, his greatest achievement was to engage the sympathy of the United States, without whose material help - and, better, military alliance - Britain, he well understood, had no chance of winning. Now, 60 years later, you want to pat us on the head and send us back home? that's not true. when western countries (GB, USA) joined in WWII, the battle was already won by the russian red army. What makes you think that the U.S. Would now believe you won't screw up again and cause a couple of million U.S. Military casualties when you engage our sympathy next time? Nope! The U.S. will continue be PROACTIVE - and that's whether the Democrats or Republicans are in power. And the U.S. does appreciate the wisdom of Tony Blair and John Howard to mention only 2 who are well aware of what it takes to keep the sea lanes safe for commerce. Also, thanks to the Royal Navy and Marines who are still patrolling the Iraq/Iran border sea lane. So, if we STAY THE EFF on the security topic, then we will ALL be much happier. Oh, yes, the above IS security!
Re: [Full-disclosure] Hackers uniting against Iran?
On Thu, 05 Apr 2007 23:05:25 +0200 Martin Hudec [EMAIL PROTECTED] wrote: Paul Schmehl wrote: Furthermore, no democratic country has ever started a war with another democratic country. (That's as in zero.) The majority of wars are begun between two non-democratic countries, and democratic countries have the lowest incidence of foreign and domestic violence of any form of government. (And yes, that includes the US.) The fact is that if all countries in the world would adopt democracy, there would be no more wars. What a lovely idea. Too bad that it crashes directly with the very basics of the human nature - which is the only thing that has not changed for all those thousand years of written history. Despite all the glorious technological advancements we have achieved, we are still the very same bloodthirsty and envious creatures as we were in the days when the stars were young and too sad that we did not learn nothing in the process, still ignorant to everything but us. No state system or religion, be it democracy or communism, be it islam or christianity, will change that. It simply does not matter. nice evening, Martin martin, you call communism a state system; that's the best proof you don't even know the very basics of communism, but you hate it nevertheless. propaganda works, q.e.d. timo :) [who admits that he read Marx/Engels, Lenin, Trotzki, Mandel, Hegel and the like]
Re: [Full-disclosure] Hackers uniting against Iran?
On Fri, 6 Apr 2007 07:08:52 +1000 Paul Szabo [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] wrote: - Cuba [is paradise] Have you ever been to (lived for an extended period in) Cuba? in fact, _I_ did, as you could read on my email from yesterday, 9:04pm. their health care is way way better and _everyone_ can afford it, as it doesn't cost anything for people there. admitting, they don't have new iPods every two months -- but who needs them there? they are not in the situation like the US where 'panem and circensis' is necessary to keep the people down. interestingly, even the german bourgeois media said (when Castro was ill last year) that more than 2/3 of the Cuban people back the revolution. so, how much is that in reality? go figure. [I almost wonder how do you explain the Cuban emigration: about 2 million have left, with 10 million remaining in Cuba; and those left dream about leaving the country. i did not meet many of them. i recommend watching 'Surplus: Terrorized Into Being Consumers' [0] where a Cuban girl -- being interviewed in Cuba -- tells about her year in GB as an exchange student; very enlightening. Really, why don't people emigrate to Cuba: I know of some people who have spent months there, as tourists; why don't they, you, go to live there permanently?] in fact, people do. [BTW: what has this got to do with security, or full-disclosure?] defending against antihumanist propaganda has to be done, regardless where. it's very important to keep fighting against fascism. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia [0] -- http://imdb.com/title/tt0368314/
Re: [Full-disclosure] The Cyber war on Iran
--- [EMAIL PROTECTED] wrote: At that point, your only choice for stopping the flow of martyrs is cutting off the supply via genocide. Is that what you're advocating, Paul? Now who's the extremist here? http://en.wikiquote.org/wiki/Terrorist One man's terrorist is another man's freedom fighter. * Raoul in Die Another Day National heroes?
[Full-disclosure] AOL Nullsoft Winamp S3M Module IN_MOD.DLL Remote Heap Memory Corruption
AOL Nullsoft Winamp S3M Module IN_MOD.DLL Remote Heap Memory Corruption
by Piotr Bania [EMAIL PROTECTED] http://www.piotrbania.com

Severity: Important - Potential remote code execution.
Software affected: Tested on AOL Nullsoft Winamp v5.33 (x86) Feb 13 2007 (on Windows XP SP1/SP2).
Original url: http://www.piotrbania.com/all/adv/nullsoft-winamp-s3m_module-in_mod-adv.txt

best regards, pb

-- Piotr Bania - [EMAIL PROTECTED] - 0xCD, 0x19 Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33 http://www.piotrbania.com - Key ID: 0xBE43AC33 - The more I learn about men, the more I love dogs.
[Full-disclosure] AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off By Zero)
AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off By Zero)
by Piotr Bania [EMAIL PROTECTED] http://www.piotrbania.com

Severity: Critical - Possible remote code execution.
Software affected: Tested on AOL Nullsoft Winamp v5.33 (x86) Feb 13 2007 (on Windows XP SP1/SP2). There exists a large possibility that any other software that is using the LIBSNDFILE.DLL component should be considered as vulnerable.
Original url: http://www.piotrbania.com/all/adv/nullsoft-winamp-libsndfile-adv.txt

best regards, pb

-- Piotr Bania - [EMAIL PROTECTED] - 0xCD, 0x19 Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33 http://www.piotrbania.com - Key ID: 0xBE43AC33 - The more I learn about men, the more I love dogs.
[Full-disclosure] AOL Nullsoft Winamp IT Module IN_MOD.DLL Remote Heap Memory Corruption
AOL Nullsoft Winamp IT Module IN_MOD.DLL Remote Heap Memory Corruption
by Piotr Bania [EMAIL PROTECTED] http://www.piotrbania.com

Severity: Important - Potential remote code execution.
Software affected: Tested on AOL Nullsoft Winamp v5.33 (x86) Feb 13 2007 (on Windows XP SP1/SP2).
Original url: http://www.piotrbania.com/all/adv/nullsoft-winamp-it_module-in_mod-adv.txt

best regards, pb

-- Piotr Bania - [EMAIL PROTECTED] - 0xCD, 0x19 Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33 http://www.piotrbania.com - Key ID: 0xBE43AC33 - The more I learn about men, the more I love dogs.
Re: [Full-disclosure] Hackers uniting against Iran?
After trying to sort through the quotes and re-quotes; I'm really not sure who made the following statement: QUOTE: == ...that's not true. when western countries (GB, USA) joined in WWII, the battle was already won by the russian red army. == Regardless, that statement is historically inaccurate. Not just a little inaccurate... COMPLETELY inaccurate. Between nonsense like that from people who apparently never bothered to open a history book and ridiculous statements like; One man's terrorist is another man's freedom fighter. it is completely obvious that practically the only people left on this list are dumbasses, script kiddies and refugees from Dumb-O-Craptic Underground. Not that anyone except me cares, but it seems to me that the S/N ratio here has finally reached a fatal level. No point in sticking around to watch the body rot.
Re: [Full-disclosure] Hackers uniting against Iran?
After trying to sort through the quotes and re-quotes; I'm really not sure who made the following statement: QUOTE: == ...that's not true. when western countries (GB, USA) joined in WWII, the battle was already won by the russian red army. == Regardless, that statement is historically inaccurate. Not just a little inaccurate... COMPLETELY inaccurate. The US was 'fighting' japan from 1941, thusly 'officially' in war with Germany, too. At this time, US soldiers did NOT fight germans, and they did not fight the Holocaust; they fought a proxy war. The US (amongst others) came to the european continent on June 6th, 1944. At that time, the red army already conquered more than two thirds of the area of nazi germany. The germans already had lost the war. (There was never a 'winner' in wars, btw.) Between nonsense like that from people who apparently never bothered to open a history book Oh yeah, I'm sure I read much more than you did; even ultra-basic mistakes are made here and screamed out into the world, e.g. talking about a 'communist state'. There just is no such thing, per definitionem. and ridiculous statements like; One man's terrorist is another man's freedom fighter. It's correct. Imagine a nigger (I use this word out of a reason!) bombing the 'Dorcia' in New York and leaving a letter that while people there are just blatant, decadent assholes tens of thousands of africans die of hunger -- guess what: He'll be a hero. Kill 'em all -- God (George W. Bush, in this context) will sort 'em out. it is completely obvious that practically the only people left on this list are dumbasses, script kiddies and refugees from Dumb-O-Craptic Underground. You're writing this in front of a mirror, eh? :) Not that anyone except me cares, but it seems to me that the S/N ratio here has finally reached a fatal level. No point in sticking around to watch the body rot. blahblah. ___ Full-Disclosure - We believe in it. 
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Hackers uniting against Iran?
[EMAIL PROTECTED] wrote: No point in sticking around to watch the body rot. GOODBYE TO ALL MY ONLINE FRIENDS FOREVER
Re: [Full-disclosure] Question Regarding Wireless Frames
You mean SSID not broadcast?

Look for the client's network-specific probe request. Kismet (and others) do this automagically. Windows quite helpfully issues probe requests for *all* the networks it has past associations for.

You can also use aircrack-ng to force-deauth a client and just watch for them to reauth, since the mac-layer stuff isn't encrypted.

IMHO, the Atheros chipsets work best for this sort of stuff. Get the patches to allow raw frames from aircrack's website (aircrack-ng.org/patches). The only bummer is you can't change *your* mac with ifconfig like you can with other cards.

~Mike.

Code Breaker wrote:
> Hi All,
> Recently I came to know about a network where beacon frames were blocked. With my limited knowledge about this stuff, I am wondering: are there any other kinds of frames from which we can identify the access point over a wireless network?
> Thanks for any help.
> -- _code
Re: [Full-disclosure] Question Regarding Wireless Frames
> Recently I came to know about a network where beacon frames were blocked.

Do you mean not beaconing the SSID as mentioned by Michael or do you mean they are being blocked by a wireless IDS?

> With my limited knowledge about this stuff, I am wondering: are there any other kinds of frames from which we can identify the access point over a wireless network?

Well, if it's just not beaconing with the SSID (aka no SSID broadcasting) then follow Michael's steps or just do a tcpdump or use wireshark to filter the frames and look into the frame control. If it's due to a wireless IDS you should still be able to see some traffic, but you will probably see a lot of deauths also if it's trying to prevent rogues.

> Thanks for any help.

You're welcome.

As for Michael's comment

> The only bummer is you can't change *your* mac with ifconfig like you can with other cards.

Sure you can. You have to do it on the primary wifi0 and not a vap (athx). Shut it first, then change it (ifconfig or a tool such as macchanger), then bring it back up.

Hope this helps.

Kevin

On 4/6/07, Michael Holstein [EMAIL PROTECTED] wrote:
> You mean SSID not broadcast?
> Look for the client's network-specific probe request. Kismet (and others) do this automagically. Windows quite helpfully issues probe requests for *all* the networks it has past associations for.
> You can also use aircrack-ng to force-deauth a client and just watch for them to reauth, since the mac-layer stuff isn't encrypted.
> IMHO, the Atheros chipsets work best for this sort of stuff. Get the patches to allow raw frames from aircrack's website (aircrack-ng.org/patches). The only bummer is you can't change *your* mac with ifconfig like you can with other cards.
> ~Mike.
> Code Breaker wrote:
>> Hi All,
>> Recently I came to know about a network where beacon frames were blocked. With my limited knowledge about this stuff, I am wondering: are there any other kinds of frames from which we can identify the access point over a wireless network?
>> Thanks for any help.
>> -- _code
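Why a cloaked SSID still appears on the air, as an added example (not code from either reply): a Python parser for the 802.11 management frames Michael and Kevin point to, run over constructed frames. The MAC addresses, SSIDs and function names are made up for illustration, and the frames are bare 802.11 (no radiotap header).

```python
HDR_LEN = 24  # frame control(2) duration(2) addr1(6) addr2(6) addr3(6) seq-ctl(2)

# Management subtypes that carry an SSID element -> (name, length of the fixed
# fields that sit between the MAC header and the first tagged element).
SUBTYPES = {
    0x0: ("assoc-req", 4),     # capability + listen interval
    0x2: ("reassoc-req", 10),  # capability + listen interval + current AP
    0x4: ("probe-req", 0),
    0x5: ("probe-resp", 12),   # timestamp + beacon interval + capability
    0x8: ("beacon", 12),
}


def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_mgmt(frame):
    """Return kind/src/bssid/ssid for SSID-bearing management frames, else None."""
    if len(frame) < HDR_LEN:
        return None
    fc0 = frame[0]
    version, ftype, subtype = fc0 & 0x3, (fc0 >> 2) & 0x3, fc0 >> 4
    if version != 0 or ftype != 0 or subtype not in SUBTYPES:
        return None  # not a management frame we care about
    kind, fixed_len = SUBTYPES[subtype]
    pos = HDR_LEN + fixed_len
    while pos + 2 <= len(frame):  # walk the tagged elements: id, length, value
        elem_id, elem_len = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + elem_len]
        if len(value) < elem_len:
            return None  # truncated element
        if elem_id == 0:  # SSID element; cloaked APs send it empty or null-filled
            ssid = value.strip(b"\x00").decode("utf-8", "replace")
            return {"kind": kind, "src": mac(frame[10:16]),
                    "bssid": mac(frame[16:22]), "ssid": ssid}
        pos += 2 + elem_len
    return None


def summarize(frames):
    """Map each BSSID to the SSID other frames reveal, and each client to its probes."""
    networks, clients = {}, {}
    for raw in frames:
        f = parse_mgmt(raw)
        if f is None:
            continue
        if f["kind"] == "probe-req":
            if f["ssid"]:  # an empty SSID here is a wildcard probe, it names nothing
                clients.setdefault(f["src"], set()).add(f["ssid"])
            continue
        net = networks.setdefault(
            f["bssid"], {"cloaked_beacon": False, "ssid": None, "revealed_by": []})
        if f["kind"] == "beacon" and not f["ssid"]:
            net["cloaked_beacon"] = True
        elif f["ssid"]:
            net["ssid"] = f["ssid"]
            if f["kind"] not in net["revealed_by"]:
                net["revealed_by"].append(f["kind"])
    return networks, {c: sorted(s) for c, s in clients.items()}


def build(subtype, dst, src, bssid, fixed_len, ssid):
    """Construct a minimal management frame for the sample data below."""
    hdr = bytes([subtype << 4, 0, 0, 0]) + dst + src + bssid + b"\x00\x00"
    rates = bytes([1, 4, 0x82, 0x84, 0x8B, 0x96])  # supported-rates element
    return hdr + bytes(fixed_len) + bytes([0, len(ssid)]) + ssid + rates


# Constructed sample traffic (all addresses and names are invented).
AP, STA, BCAST = bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb"), b"\xff" * 6
SAMPLE_FRAMES = [
    build(0x8, BCAST, AP, AP, 12, b""),               # beacon, zero-length SSID
    build(0x8, BCAST, AP, AP, 12, b"\x00" * 9),       # beacon, null-filled SSID
    build(0x4, BCAST, STA, BCAST, 0, b""),            # wildcard probe request
    build(0x4, BCAST, STA, BCAST, 0, b"corp-wlan"),   # directed probe request
    build(0x4, BCAST, STA, BCAST, 0, b"home-net"),    # probe for a remembered network
    build(0x5, STA, AP, AP, 12, b"corp-wlan"),        # AP answers the directed probe
    build(0x0, AP, STA, AP, 4, b"corp-wlan"),         # association request
    bytes([0x08, 0x01]) + bytes(30),                  # data frame, ignored
]

if __name__ == "__main__":
    nets, probes = summarize(SAMPLE_FRAMES)
    print(nets)
    print(probes)
```

The beacon never names the network, yet the probe response and association request do, which is why disabling SSID broadcast is not an access control.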
Re: [Full-disclosure] Hackers uniting against Iran?
You have to be joking when you say the greatest threat to humanity is capitalism. no, i'm not joking; i mentioned the 100,000+ deaths caused every day (and forgot those deaths caused by civilization diseases like diabetes, cancer etc. that is caused by 'your lifestyle'), i mentioned wars, i mentioned killing the planet... so i don't see that capitalism is NOT a thread, the greatest thread, to humanity. Well, no one can help it if you're ignorant. Estimates of dead from various totalitarian regimes are over a hundred million. China and Russia alone almost reach that figure. The worldwide figure for deaths under communist regimes from 1900 to 1987 is estimated at almost 170 million. err, look up the definition of communism (no, not what 'the US' says what communism is, but what Marx Engels, Lenin, Mandel, Thaelmann etc. wrote). Japan - 3 to 10 million Cambodia - approximately 4 million Turkey - 3.5 to 4.3 million Vietnam - 3.8 million Poland - 1 million Pakistan - 1.5 million Yugoslavia - 1.7 million North Korea - 1.6 to 3.5 million Nazi Germany - 7 to 10 million Mexico - 1.4 to 3.3 million Russia - 52 million China - 35 million If you total all the war dead and every category of violence you can think of in every democratic country on earth, you can't even get close to those appalling numbers. Furthermore, no democratic country has ever started a war with another democratic country. first of all, this is not true; there were several democratic countries starting a wars between them. on the other hand, the recent example of non-democratic countries is the faschist US invading a dictatorship, iraq. funnily, almost 80% of the iraq people say it was a better life for them before the US spread their, err, democracy there with bombs. (That's as in zero.) The majority of wars are begun between two non-democratic countries, and democratic countries have the lowest incidence of foreign and domestic violence of any form of government. (And yes, that includes the US.) 
The fact is that if all countries in the world would adopt democracy, there would be no more wars. YMMD! :D - Cuba has a much lower infant mortality than the US; Wow. I am so impressed. US is 6.43 and Cuba is 6.22. Statistically insignificant and, without context, meaningless. sure, while at the stock markets this would cause several men pumping sperm into their shorts. 'meaningless'... Both are less than 1/10th of the rates in a lot of the garden spots of the world that so many liberals admire. - Cuba has an overall much better health care than the US (who in the US is able to pay for health insurance? not that many people!) Estimates of uninsured in the US (not including illegal immigrants) are in the range of 20 million. estimates of whom? i saw different numbers on the net, and about half of the people in the US i know (no people from bronx, but database coders, programmers, account managers etc -- part of them with masters degree and PhD) cannot pay their health insurance, not to speak of health insurance for their family. That's about 7% of the population. Meanwhile, in the paradise of Cuba, they don't have chlorinated water, they live in dilapidated and deteriorating housing (except for the chosen few, of course), and sanitaton is almost non-existent. you where there? i was. for more than two months, and i never saw a typical 'tourist environment', not even from the far. i don't have to rely on propaganda, and i saw a different Cuba. not the whorehouse the US had before revolution came. Cuba uses a two-tier system for healthcare. Good stuff for the party members (and for viewing by the gullible) and not-so-good stuff for the hoi polloi. Cuba spends 1.5% of its overal foreign purchases on medical imports compared to 5 times that amount for the Dominican Republic. funnily, the US sends bombs out into the world; Cuba sends medicine doctors. The statement that Cuba's healthcare system is first rate reveals a profound ignorance of the actual conditions in Cuba. 
But if you think it's so wonderful, perhaps you'll move there to take advantage of it. in fact, i did. when my girlfriend had an appendicitis when we where there there were hospitals in every single village (!) -- very good, interdisciplinary hospitals. polyclinics, as they're also called. comparing them to german hospitals was a tragedy, as the so wealthy Germany looked so poor suddenly. of course, 'the elite' in Germany has different treatment ;) - Cuba has a much better educational system and a MUCH LOWER NUMBER of illiterates than the US Cuba's literacy rate is 96.9. The US is 99.9. Statistically insignificant, but nice try. NICE TRY? This report is the first release of the National Assessment of Adult Literacy (NAAL) health literacy results. The results are based on assessment tasks designed specifically to measure the health literacy of American adults. Health
Re: [Full-disclosure] Question Regarding Wireless Frames
> Sure you can. You have to do it on the primary wifi0 and not a vap (athx). shut it first, then change it (ifconfig or tool such as macchanger), then bring it back up.

This apparently wasn't working in madwifi-ng : http://madwifi.org/wiki/UserDocs/ChangeMacAddress

but it was patched (apparently, it's been a while since I had to do a wireless pentest .. I've got an older version).. http://madwifi.org/ticket/323

Mea culpa.

~Mike.
Re: [Full-disclosure] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug
I have identified a second critical 0day vulnerability in Firebug which also affects the updated Firebug v1.0.3. The scope is the same, read/write/execute files.

http://larholm.com/2007/04/06/more-0day-in-firebug/

There's a detailed walkthrough at the above, including a simplistic POC that verifies whether script was injected into the browser Chrome. From there any practical exploit would be similar to all of the older Firefox browser Chrome exploits.

Joe Hewitt has already responded to the above and my previous post (http://larholm.com/2007/04/06/0day-vulnerability-in-firebug/), stating that an updated version of Firebug (1.0.4) should be released now. Updates are available and should trickle out to Firebug users through Mozilla's automated update system within the next few days. If you can't wait for that then go to Tools, Add-ons and click Find Updates.

The updated version of Firebug should also prevent any closely related vulnerabilities as Joe has updated his domplate constructors to forcefully escape all strings before they are inserted into the console HTML.

Cheers
Thor Larholm

On 4/4/07, pdp (architect) [EMAIL PROTECTED] wrote:
> http://www.gnucitizen.org/blog/firebug-goes-evil
> There is a critical vulnerability in Firefox/Firebug which allows attackers to inject code inside the browser chrome. This can lead to a lot of problems. Theoretically everything is possible, from modifying the user file system to launching processes, installing ROOTKITs, you name it.
> I recommend disabling Firebug for now until the issue is fixed. The issue is a bit critical since Firebug is one of the most popular extensions for Firefox. Given the fact that a lot of the Firefox users are geeks, the chances to have Firebug installed in a random Firefox client are quite high.
> I wrote two POCs to demonstrate the issue. You can find them from the page on the top of this message. The first POC runs calc.exe and cmd.exe on windows systems. The second POC does a count down from 10 to 0 and executes calc.exe to prove that automatic execution is possible.
> -- pdp (architect) | petko d. petkov http://www.gnucitizen.org
Re: [Full-disclosure] Hackers uniting against Iran?
I seem to remember Britain being in WWII almost from the start, well before the Russians got dragged in by Adolf Still I was only young at the time, I could be mistaken On 06/04/07, Timo Schoeler [EMAIL PROTECTED] wrote: After trying to sort through the quotes and re-quotes; I'm really not sure who made the following statement: QUOTE: == ...that's not true. when western countries (GB, USA) joined in WWII, the battle was already won by the russian red army. == Regardless, that statement is historically inaccurate. Not just a little inaccurate... COMPLETELY inaccurate. The US was 'fighting' japan from 1941, thusly 'officially' in war with Germany, too. At this time, US soldiers did NOT fight germans, and they did not fight the Holocaust; they fought a proxy war. The US (amongst others) came to the european continent on June 6th, 1944. At that time, the red army already conquered more than two thirds of the area of nazi germany. The germans already had lost the war. (There was never a 'winner' in wars, btw.) Between nonsense like that from people who apparently never bothered to open a history book Oh yeah, I'm sure I read much more than you did; even ultra-basic mistakes are made here and screamed out into the world, e.g. talking about a 'communist state'. There just is no such thing, per definitionem. and ridiculous statements like; One man's terrorist is another man's freedom fighter. It's correct. Imagine a nigger (I use this word out of a reason!) bombing the 'Dorcia' in New York and leaving a letter that while people there are just blatant, decadent assholes tens of thousands of africans die of hunger -- guess what: He'll be a hero. Kill 'em all -- God (George W. Bush, in this context) will sort 'em out. it is completely obvious that practically the only people left on this list are dumbasses, script kiddies and refugees from Dumb-O-Craptic Underground. You're writing this in front of a mirror, eh? 
:) Not that anyone except me cares, but it seems to me that the S/N ratio here has finally reached a fatal level. No point in sticking around to watch the body rot. blahblah.
[Full-disclosure] WEEPING FOR WEP
seconds. Knowing that WEP is no more secure than a plastic luggage lock, many people are questioning whether WEP is even useful at all.

While I certainly do not recommend WEP for high security (or even moderate risk) environments, you need to remember: security is a measurement of risk. If the threat is low enough, then WEP should be fine.

WEP actually has three things going in its favor:

* Availability: While there are many alternatives to WEP, such as WPA and LEAP, only WEP is widely available. Hotels and coffee shops that only cater to WPA or LEAP will not support many of their customers. However, if you support WEP then everyone should be able to access the network.

* Better than nothing: There's a saying in Colorado: I don't have to run faster than the bear, I just have to run faster than you. If a casual war driver or WiFi-parasite has the option to use your WEP system or your neighbor's open system, they will always choose your neighbor. Having WEP makes you less desirable than an open WiFi because there is no effort needed to use the network. If you happen to live next to a coffee shop or library that offers free WiFi, then the casual wireless user who just wants Internet access will always choose free over the hassle of cracking WEP. While WEP does not block a determined attacker who wants your network, it will stop opportunistic network users. Attackers tend to not be sophisticated and do not choose their targets. Attackers are much like Russian roulette players, and like Russian roulette players are usually both Russian and not very intelligent.

* Intent: This is a biggie. If someone trespassed on your private network through an open wireless access point, then proving digital trespassing can be very difficult. However, if the user must bypass your minimalist WEP security, then they clearly show intent to trespass. Consider WEP like a low fence around a swimming pool. Without the fence, you are in trouble if a neighborhood kid drowns in the pool. It's an attractive nuisance. However, with the fence, you should be covered if a kid climbs the fence and drowns. It's still bad, but you have a standing to refute blame since you put up a barrier, even if the barrier was minimal.

As far as WEP goes, it may not be very secure, but it is better than the open-network alternative. If you have the option to use a stronger security algorithm, then definitely do that. However, if you have no other option, then WEP is better than nothing.

-- Dr. Neal Krawetz, PhD Author of An Advanced Guide to chmod(1) and An Introduction to Graphical Wrappers for apt and dpkg in Ubuntu I am best known for spending two weeks figuring out alternatives to single user mode on my Mac. PhD powah! http://www.hackerfactor.com/blog/
Re: [Full-disclosure] Hackers uniting against Iran?
On Fri, 6 Apr 2007 13:11:38 +0100 James Rankin [EMAIL PROTECTED] wrote: I seem to remember Britain being in WWII almost from the start, well before the Russians got dragged in by Adolf Still I was only young at the time, I could be mistaken the trigger was 'the US', which was in context 'the western allies'; while Stalin saw Hitler faking very early, the US (i.e., the Bank of America -- with one of George W. Bush's grandfathers in the board of directors) was still cooperating with Nazi Germany. it's all in history books... On 06/04/07, Timo Schoeler [EMAIL PROTECTED] wrote: After trying to sort through the quotes and re-quotes; I'm really not sure who made the following statement: QUOTE: == ...that's not true. when western countries (GB, USA) joined in WWII, the battle was already won by the russian red army. == Regardless, that statement is historically inaccurate. Not just a little inaccurate... COMPLETELY inaccurate. The US was 'fighting' japan from 1941, thusly 'officially' in war with Germany, too. At this time, US soldiers did NOT fight germans, and they did not fight the Holocaust; they fought a proxy war. The US (amongst others) came to the european continent on June 6th, 1944. At that time, the red army already conquered more than two thirds of the area of nazi germany. The germans already had lost the war. (There was never a 'winner' in wars, btw.) Between nonsense like that from people who apparently never bothered to open a history book Oh yeah, I'm sure I read much more than you did; even ultra-basic mistakes are made here and screamed out into the world, e.g. talking about a 'communist state'. There just is no such thing, per definitionem. and ridiculous statements like; One man's terrorist is another man's freedom fighter. It's correct. Imagine a nigger (I use this word out of a reason!) 
bombing the 'Dorcia' in New York and leaving a letter that while people there are just blatant, decadent assholes tens of thousands of africans die of hunger -- guess what: He'll be a hero. Kill 'em all -- God (George W. Bush, in this context) will sort 'em out. it is completely obvious that practically the only people left on this list are dumbasses, script kiddies and refugees from Dumb-O-Craptic Underground. You're writing this in front of a mirror, eh? :) Not that anyone except me cares, but it seems to me that the S/N ratio here has finally reached a fatal level. No point in sticking around to watch the body rot. blahblah.
Re: [Full-disclosure] Hackers uniting against Iran?
Timo, one has to wonder if your utter ignorance is intentional as a troll, or a sign of an idiot? I'm leaning towards the latter. Please read up on exactly who signed a non-aggression pact with germany (hint, it wasn't the US or GB), and perhaps some light reading on the north african and italian campaigns (hint: Rommel seems like a pretty german surname to me). Well, since it's now well past dawn on April 6, one has to ask... how'd the iranian assault go?

On Behalf Of Timo Schoeler: the trigger was 'the US', which was in context 'the western allies'; while Stalin saw Hitler faking very early, the US (i.e., the Bank of America -- with one of George W. Bush's grandfathers in the board of directors) was still cooperating with Nazi Germany. that's not true. when western countries (GB, USA) joined in WWII, the battle was already won by the russian red army. The US was 'fighting' japan from 1941, thusly 'officially' in war with Germany, too. At this time, US soldiers did NOT fight germans, and they did not fight the Holocaust; they fought a proxy war. The US (amongst others) came to the european continent on June 6th, 1944. At that time, the red army already conquered more than two thirds of the area of nazi germany. The germans already had lost the war. (There was never a 'winner' in wars, btw.)
Re: [Full-disclosure] Question Regarding Wireless Frames
Go to http://www.amilabs.com/HTM/HTM80211.pdf for mac frame exploits. Regards..

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Holstein
Sent: Friday, April 06, 2007 11:53 AM
To: kevin horvath
Cc: Code Breaker; full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Question Regarding Wireless Frames

Sure you can. You have to do it on the primary wifi0 and not a vap (athx). shut it first, then change it (ifconfig or tool such as macchanger), then bring it back up. This apparently wasn't working in madwifi-ng : http://madwifi.org/wiki/UserDocs/ChangeMacAddress but it was patched (apparently, it's been a while since I had to do a wireless pentest .. I've got an older version).. http://madwifi.org/ticket/323 Mea culpa. ~Mike.
Re: [Full-disclosure] WEEPING FOR WEP
I use WEP at home, even though my house is far enough from the road to make it rather difficult for someone to jump on my network. Even if someone decided to hide in the woods at the edge of my yard with a laptop they're more likely to be eaten by a bear, sprayed by a skunk, or chewed alive by mosquitoes than collecting enough packets to crack the WEP key, so WPA or LEAP would be overkill. Like you said, measurement of risk.

[EMAIL PROTECTED] wrote: seconds. Knowing that WEP is no more secure than a plastic luggage lock, many people are questioning whether WEP is even useful at all. While I certainly do not recommend WEP for high security (or even moderate risk) environments, you need to remember: security is a measurement of risk. If the threat is low enough, then WEP should be fine. WEP actually has three things going in its favor:

* Availability: While there are many alternatives to WEP, such as WPA and LEAP, only WEP is widely available. Hotels and coffee shops that only cater to WPA or LEAP will not support many of their customers. However, if you support WEP then everyone should be able to access the network.

* Better than nothing: There's a saying in Colorado: I don't have to run faster than the bear, I just have to run faster than you. If a casual war driver or WiFi-parasite has the option to use your WEP system or your neighbor's open system, they will always choose your neighbor. Having WEP makes you less desirable than an open WiFi because there is no effort needed to use the network. If you happen to live next to a coffee shop or library that offers free WiFi, then the casual wireless user who just wants Internet access will always choose free over the hassle of cracking WEP. While WEP does not block a determined attacker who wants your network, it will stop opportunistic network users. Attackers tend to not be sophisticated and do not choose their targets.
Attackers are much like Russian roulette players, and like Russian roulette players are usually both Russian and not very intelligent.

* Intent: This is a biggie. If someone trespassed on your private network through an open wireless access point, then proving digital trespassing can be very difficult. However, if the user must bypass your minimalist WEP security, then they clearly show intent to trespass. Consider WEP like a low fence around a swimming pool. Without the fence, you are in trouble if a neighborhood kid drowns in the pool. It's an attractive nuisance. However, with the fence, you should be covered if a kid climbs the fence and drowns. It's still bad, but you have a standing to refute blame since you put up a barrier, even if the barrier was minimal.

As far as WEP goes, it may not be very secure, but it is better than the open-network alternative. If you have the option to use a stronger security algorithm, then definitely do that. However, if you have no other option, then WEP is better than nothing.

- Dr. Neal Krawetz, PhD Author of An Advanced Guide to chmod(1) and An Introduction to Graphical Wrappers for apt and dpkg in Ubuntu I am best known for spending two weeks figuring out alternatives to single user mode on my Mac. PhD powah! http://www.hackerfactor.com/blog/

-- Troy Cregger Lead Developer, Technical Products.
Kennedy Information, Inc One Phoenix Mill Ln, Fl 3 Peterborough, NH 03458 (603)924-0900 ext 662
Re: [Full-disclosure] WEEPING FOR WEP
On Fri, 06 Apr 2007 14:49:29 EDT, Troy Cregger said: Even if someone decided to hide in the woods at the edge of my yard with a laptop they're more likely to be eaten by a bear, sprayed by a skunk, or chewed alive by mosquitoes than collecting enough packets to crack the WEP key, so WPA or LEAP would be overkill.

That's one bad-ass woods you live in, or one *really* low packet rate network. Given the recent attacks that can do the break based on only a few minutes of packet capture on a moderately busy network, it shouldn't be more than a long afternoon's work. Eaten by a bear is *exceedingly* rare, most skunks won't spray unless you corner them, and if you have any brains it will take mosquitoes a long afternoon to chew you alive unless you're in swampland. I will however grant you that rabid skunks are both fairly common and bad news.
Re: [Full-disclosure] WEEPING FOR WEP
On Fri, 6 Apr 2007 [EMAIL PROTECTED] wrote: ... moderate risk) environments, you need to remember: security is a measurement of risk. If the threat is low enough, then WEP should be fine. ...

Wait just a minute. Do you propose to say that security is an economic good, with associated opportunity costs and benefits? But just the other day, all the anti-virus vendors and trade rags in the world seemed to say that security was binary, and on is the preferred state. What the sam scratch is going on around here? Do I have to make a tradeoff, again?
Re: [Full-disclosure] WEEPING FOR WEP
On Fri, 06 Apr 2007 13:05:00 MDT, Bruce Ediger said: Wait just a minute. Do you propose to say that security is an economic good, with associated opportunity costs and benefits? But just the other day, all the anti-virus vendors and trade rags in the world seemed to say that security was binary, and on is the preferred state.

Well, people who do it for a living understand it's a tradeoff continuum, where fractional values make sense, and the most sensible setting varies from place to place. But when you're trying to sell to Joe Sixpack, or a PHB in upper management, confusing him with more than two choices (Good and Bad) just pisses him off and loses you the sale.
Re: [Full-disclosure] WEEPING FOR WEP
I use WEP at home, even though my house is far enough from the road to make it rather difficult for someone to jump on my network.

Really? Like how far? I've done point-to-multipoint (me with 24db parabolic, them with a standard omni) at 6 miles (granted, I was on the 12th floor of a building).

Even if someone decided to hide in the woods at the edge of my yard with a laptop they're more likely to be eaten by a bear, sprayed by a skunk, or chewed alive by mosquitoes

2 Linksys boxes running OpenWRT and a decent battery (actually using WDS you could have a whole string of such devices) sort of negates the mosquito/bear/skunk problem if you're so far away that you can't be found with a reasonably high-gain antenna. WEP is basically a screen door, and always has been. ~Mike.
Re: [Full-disclosure] WEEPING FOR WEP
But WPA-PSK mode is even easier to use than WEP. Why would you use WEP. Distance isn't really a problem with a pringle can antenna. George

Original Message
Subject: Re: [Full-disclosure] WEEPING FOR WEP
From: Troy Cregger [EMAIL PROTECTED]
Date: Fri, April 06, 2007 11:49 am
To: [EMAIL PROTECTED]
Cc: full-disclosure@lists.grok.org.uk

I use WEP at home, even though my house is far enough from the road to make it rather difficult for someone to jump on my network. Even if someone decided to hide in the woods at the edge of my yard with a laptop they're more likely to be eaten by a bear, sprayed by a skunk, or chewed alive by mosquitoes than collecting enough packets to crack the WEP key, so WPA or LEAP would be overkill. Like you said, measurement of risk.

neal.krawetz@mac.hush.com wrote: seconds. Knowing that WEP is no more secure than a plastic luggage lock, many people are questioning whether WEP is even useful at all. While I certainly do not recommend WEP for high security (or even moderate risk) environments, you need to remember: security is a measurement of risk. If the threat is low enough, then WEP should be fine. WEP actually has three things going in its favor:

* Availability: While there are many alternatives to WEP, such as WPA and LEAP, only WEP is widely available. Hotels and coffee shops that only cater to WPA or LEAP will not support many of their customers. However, if you support WEP then everyone should be able to access the network.

* Better than nothing: There's a saying in Colorado: I don't have to run faster than the bear, I just have to run faster than you. If a casual war driver or WiFi-parasite has the option to use your WEP system or your neighbor's open system, they will always choose your neighbor. Having WEP makes you less desirable than an open WiFi because there is no effort needed to use the network.
If you happen to live next to a coffee shop or library that offers free WiFi, then the casual wireless user who just wants Internet access will always choose free over the hassle of cracking WEP. While WEP does not block a determined attacker who wants your network, it will stop opportunistic network users. Attackers tend to not be sophisticated and do not choose their targets. Attackers are much like Russian roulette players, and like Russian roulette players are usually both Russian and not very intelligent.

* Intent: This is a biggie. If someone trespassed on your private network through an open wireless access point, then proving digital trespassing can be very difficult. However, if the user must bypass your minimalist WEP security, then they clearly show intent to trespass. Consider WEP like a low fence around a swimming pool. Without the fence, you are in trouble if a neighborhood kid drowns in the pool. It's an "attractive nuisance". However, with the fence, you should be covered if a kid climbs the fence and drowns. It's still bad, but you have a standing to refute blame since you put up a barrier, even if the barrier was minimal.

As far as WEP goes, it may not be very secure, but it is better than the open-network alternative. If you have the option to use a stronger security algorithm, then definitely do that. However, if you have no other option, then WEP is better than nothing.

- Dr. Neal Krawetz, PhD Author of "An Advanced Guide to chmod(1)" and "An Introduction to Graphical Wrappers for apt and dpkg in Ubuntu" I am best known for spending two weeks figuring out alternatives to single user mode on my Mac. PhD powah! http://www.hackerfactor.com/blog/

-- Troy Cregger Lead Developer, Technical Products. Kennedy Information, Inc One Phoenix Mill Ln, Fl 3 Peterborough, NH 03458 (603)924-0900 ext 662
Re: [Full-disclosure] WEEPING FOR WEP
* Intent: This is a biggie. If someone trespassed on your private network through an open wireless access point, then proving digital trespassing can be very difficult. However, if the user must bypass your minimalist WEP security, then they clearly show intent to trespass.

Accessing it is different than listening to it. Assuming I don't do ARP replay or other L2 games because I'm impatient, I've never really trespassed since you were blasting your signal into a public area, and it's an unlicensed band. (IANAL .. anyone have a case law link for the above conjecture?)

Consider WEP like a low fence around a swimming pool. Without the fence, you are in trouble if a neighborhood kid drowns in the pool. It's an attractive nuisance. However, with the fence, you should be covered if a kid climbs the fence and drowns. It's still bad, but you have a standing to refute blame since you put up a barrier, even if the barrier was minimal.

Depends .. can they convince the jury that your fence wasn't *really* tall enough? Remember .. here in the US, store owners get sued because a burglar falls through the roof during the course of a break-in. Put another way, if I use a system known to be ineffective (a twist-tie on a gate lock, to use the above pool example) it could be plausibly argued that you in effect made no effort at all. Once someone writes a network widget that automates the (capture - crack - connect) process, it could probably be argued the same way for WEP (again .. IANAL). ~Mike.
Re: [Full-disclosure] WEEPING FOR WEP
And traffic rate shouldn't be in the discussion either, since arp-replay allows enough packets to be captured, on most home equipment, in about 20 minutes if you're unlucky, and attacking 128-bit wep. 64 bit keys can be had in under 5 minutes, 128 in under 10, and all you have to do is be connected for that length of time.

On 4/6/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: But WPA-PSK mode is even easier to use than WEP. Why would you use WEP. Distance isn't really a problem with a pringle can antenna. George
Re: [Full-disclosure] WEEPING FOR WEP
I do not use WEP at home. I use WPA2 on my home network. I agree with the majority of what you both have said. However, if you solely relied on the risk level as the reason for not upgrading to a more secure mechanism, I would say you are doing yourself a disservice. Now since I often rely on NIST for guidance, I will reference NIST SP 800-30. Risk is a function of the likelihood of a given threat-sources exercising a particular potential vulnerability, and the resulting impact of that adverse event on the organization. Now we might not all agree with NIST or follow what they write, but they are smart people doing a good job from my point of view. However, I would have to say for almost all home users and even most business environments the impact of a successful attack would also be rated as low.

These conversations have been focusing on likelihood of an attack. Well likelihood can fluctuate all of the time. It will probably be low, but it can change depending on your environment from a day-to-day basis. So let's just say for the purposes of the discussion that there was a very high likelihood someone is going to attack your home WEP network and they are also capable of doing so. Now what is the impact? I doubt the real potential impact would be crucial to ruin or end your life. If you go to shopping and banking sites that use TLS/SSL and you check your certs you probably won't have your credit card information or identity stolen. For them to actually break into your machine once on the network there would have to be more vulnerabilities resulting in the compromise of your machine. Maybe the person launches attacks and does bad stuff from your IP address and you might at worst get paid a visit (worst case scenario). When you look at the impact that would probably be caused you have a low impact. Couple that with a low, medium, or high likelihood and you still have LOW risk. By these definitions WEP is good enough in most situations.
Heck by these definitions an open network might even be low risk in many cases. There is no question that there is a vulnerability with WEP that can be exploited. The question is whether or not someone will actually take the time to exploit this vulnerability and what will happen as a result?

What I am getting at is that the cost of using WPA2 in many instances is negligible if there is a cost at all. How many people are using a Linksys WRT54G and a laptop that is less than 3 years old. Chances are all of these users can support WPA at minimum. I've had to run a separate network for WEP users so I am not oblivious to the fact that not everyone supports it. However, there are PCMCIA/PCI/USB wireless cards that can be added at a low cost *if* WPA(2) is not already supported. It seems all [most] new hardware support WPA(2). The cost is very low and it's readily available and accepted. Why NOT use WPA(2) if you can? Do you use the Caesar Cipher to encrypt your data or AES-256? If you just go by risk, you could just use the Caesar Cipher half of the time. The likelihood someone will get your encrypted data is low, right? You cannot base all your decisions around risk of likelihood. Especially when there are easy, low cost, and efficient alternatives.

Also, as a side note, WPA(2) Personal mode with a strong passphrase is a lot easier to remember than a WEP key...unless you have one of the utilities that generates the key for you. Even then you have diminishing returns. Steven

I use WEP at home, even though my house is far enough from the road to make it rather difficult for someone to jump on my network. Even if someone decided to hide in the woods at the edge of my yard with a laptop they're more likely to be eaten by a bear, sprayed by a skunk, or chewed alive by mosquitoes than collecting enough packets to crack the WEP key, so WPA or LEAP would be overkill. Like you said, measurement of risk.

[EMAIL PROTECTED] wrote: seconds.
Knowing that WEP is no more secure than a plastic luggage lock, many people are questioning whether WEP is even useful at all. While I certainly do not recommend WEP for high security (or even moderate risk) environments, you need to remember: security is a measurement of risk. If the threat is low enough, then WEP should be fine. WEP actually has three things going in its favor: * Availability: While there are many alternatives to WEP, such as WPA and LEAP, only WEP is widely available. Hotels and coffee shops that only cater to WPA or LEAP will not support many of their customers. However, if you support WEP then everyone should be able to access the network. * Better than nothing: There's a saying in Colorado: I don't have to run faster than the bear, I just have to run faster than you. If a casual war driver or WiFi-parasite has the option to use your WEP system or your neighbor's open system, they will always choose your
Re: [Full-disclosure] WEEPING FOR WEP
Really? Like how far?

Like, I can probably get my car up over 45mph(72.42kph) before I get to the end of my driveway far.

I've done point-to-multipoint (me with 24db parabolic, them with a standard omni) at 6 miles (granted, I was on the 12th floor of a building).

Yeah, there's some cool shit that can be done with wireless/WRT/WDS/parabolics... a friend of mine was experimenting with some directional antenna and the WRT54Gs running one of the 3rd party firmwares. He got some pretty far reaching signals. But he had tall buildings around too. Where I'm at, you'd be in a tree.

2 Linksys boxes running OpenWRT and a decent battery (actually using WDS you could have a whole string of such devices) sort of negates the mosquito/bear/skunk problem if you're so far away that you can't be found with a reasonably high-gain antenna.

You'll need a bunch of em... it takes me 25 minutes to drive to the grocery, and I know a shortcut.

WEP is basically a screen door, and always has been.

True, I won't argue with that. I just need to deter the neighbors from trying a simplified version of the above so they can get free broadband access, but even if it was an open AP, I doubt anyone would bother. Where I live, I'm lucky if my broadband connection is working at all. In the last 4 months alone I've gotten over $100 credited to me on my cable bill for downtime. My house came hard wired for a generator... that pretty much says it all right there. I wouldn't trade it for anything though, not even heating my food on the wood stove like it's 1827 when the power is out for 26 hours. NOTE: I still need to pick up a generator, anyone know of one for sale? ;o)

Michael Holstein wrote: I use WEP at home, even though my house is far enough from the road to make it rather difficult for someone to jump on my network. Really? Like how far?
I've done point-to-multipoint (me with 24db parabolic, them with a standard omni) at 6 miles (granted, I was on the 12th floor of a building). Even if someone decided to hide in the woods at the edge of my yard with a laptop they're more likely to be eaten by a bear, sprayed by a skunk, or chewed alive by mosquitoes 2 Linksys boxes running OpenWRT and a decent battery (actually using WDS you could have a whole string of such devices) sort of negates the mosquito/bear/skunk problem if you're so far away that you can't be found with a reasonably high-gain antenna. WEP is basically a screen door, and always has been. ~Mike.

-- Troy Cregger Lead Developer, Technical Products. Kennedy Information, Inc One Phoenix Mill Ln, Fl 3 Peterborough, NH 03458 (603)924-0900 ext 662
Re: [Full-disclosure] WEEPING FOR WEP
With the newest crack released earlier this week from the German researchers that reduces the number of packets by an order of magnitude, that's under 1 minute on average with ARP replay on an 802.11g network. About 20 seconds average if the network is going full blast on its own. http://blogs.techrepublic.com.com/Ou/?p=464 George

Original Message
Subject: Re: [Full-disclosure] WEEPING FOR WEP
From: "Mike Vasquez" [EMAIL PROTECTED]
Date: Fri, April 06, 2007 1:22 pm
To: full-disclosure@lists.grok.org.uk

And traffic rate shouldn't be in the discussion either, since arp-replay allows enough packets to be captured, on most home equipment, in about 20 minutes if you're unlucky, and attacking 128-bit wep. 64 bit keys can be had in under 5 minutes, 128 in under 10, and all you have to do is be connected for that length of time.

On 4/6/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: But WPA-PSK mode is even easier to use than WEP. Why would you use WEP. Distance isn't really a problem with a pringle can antenna. George
Re: [Full-disclosure] WEEPING FOR WEP
Small plane or Balloon perhaps? http://arstechnica.com/articles/culture/warflying.ars -KF On Apr 6, 2007, at 4:41 PM, Troy Cregger wrote: Where I'm at, you'd be in a tree.
Re: [Full-disclosure] WEEPING FOR WEP
Neal, Your three WEP points of favor are interesting discussion points.

#1 - Availability. That's an excellent point and one we should start pushing to change. WEP is the primary hotel wireless protocol. Hotel users usually have the choices of Open WEP or Bring Your Own. It needs to be stressed to the Hiltons and Marriotts of the world that using WEP is a huge disservice to their customers, which means we need to bullet-proof some of the other methods. I'm going through this one at work right now myself. My team convinced me that we should use WPA2 with TKIP for our new wireless service. Guess what? Most Windows-controlled wireless laptops don't have an option to select WPA2 as their authentication protocol! My team says No problem, we can just have them download a more recent version of their driver and use the software that comes with their wireless card to manage their wireless instead of the windows client. ARRRGH! *NOT* a valid answer!

#2 - Better than nothing. Actually, the point of the Weeping for WEP story is that it's no longer any harder to break WEP than it is to connect to an open network. Demonstrated time-to-connect according to the German's paper? 60 seconds. Now, if I needed 45 minutes to get on to your network, I'd likely keep driving. But if it truly only takes 60 seconds? It's easier to get on your network than to drive to the next signal? (Unless you're in my office, where from my 10th floor window I can see 51 Wireless networks, 30 open and 21 WEP without an external antenna from my Dell laptop). The infoworld article: http://www.infoworld.com/article/07/04/04/HNdontusewep_1.html and the actual paper: http://eprint.iacr.org/2007/120.pdf make it clear that 50 seconds of gathering and 3 seconds of cracking open a 104-bit WEP key.

#3 - Intent of Trespass. Well, it's true that you could say He intentionally broke in, but how many wireless intrusion cases were there in the entire US last year? Three? Four?
I'd rather just spend 5 minutes to update my security and be secure rather than knowing that I could prove the guy who stole my bandwidth (and identity?) did so on purpose. Thanks for sharing your thoughts! _-_ gar
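The count in the message above (51 visible networks, 30 open and 21 WEP) is the kind of inventory a site owner can take of their own air space before deciding what to upgrade. The following is an added example, not part of any poster's message: a Python sketch that classifies access points from the text output of `iwlist <iface> scan` (wireless-tools). The sample scan, the function names and the labels are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the layout printed by `iwlist <iface> scan`.
SAMPLE_SCAN = """\
wlan0     Scan completed :
          Cell 01 - Address: 00:11:22:33:44:01
                    ESSID:"coffee-shop"
                    Mode:Master
                    Encryption key:off
          Cell 02 - Address: 00:11:22:33:44:02
                    ESSID:"home-wep"
                    Mode:Master
                    Encryption key:on
          Cell 03 - Address: 00:11:22:33:44:03
                    ESSID:"office"
                    Encryption key:on
                    IE: IEEE 802.11i/WPA2 Version 1
                        Group Cipher : CCMP
                        Pairwise Ciphers (1) : CCMP
                        Authentication Suites (1) : PSK
          Cell 04 - Address: 00:11:22:33:44:04
                    ESSID:"mixed"
                    Encryption key:on
                    IE: WPA Version 1
                        Group Cipher : TKIP
                        Pairwise Ciphers (1) : TKIP
                        Authentication Suites (1) : PSK
                    IE: IEEE 802.11i/WPA2 Version 1
                        Group Cipher : TKIP
                        Pairwise Ciphers (2) : CCMP TKIP
                        Authentication Suites (1) : PSK
          Cell 05 - Address: 00:11:22:33:44:05
                    ESSID:""
                    Encryption key:on
"""

CELL_RE = re.compile(r"Cell \d+ - Address: ([0-9A-Fa-f:]{17})")
ESSID_RE = re.compile(r'ESSID:"(.*)"$')
WPA_IE_RE = re.compile(r"IE:\s*WPA Version")


def parse_scan(text):
    """Return one dict per access point found in iwlist scan output."""
    cells, cur = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = CELL_RE.search(line)
        if m:
            cur = {"bssid": m.group(1).upper(), "essid": "<unknown>",
                   "privacy": False, "wpa": False, "rsn": False}
            cells.append(cur)
        elif cur is None:
            continue  # interface header lines before the first cell
        elif ESSID_RE.match(line):
            # An empty ESSID means the network name is not broadcast.
            cur["essid"] = ESSID_RE.match(line).group(1) or "<hidden>"
        elif line.startswith("Encryption key:"):
            cur["privacy"] = line.split(":", 1)[1].strip() == "on"
        elif line.startswith("IE:"):
            if "802.11i" in line or "WPA2" in line:
                cur["rsn"] = True   # RSN information element (WPA2)
            elif WPA_IE_RE.match(line):
                cur["wpa"] = True   # vendor WPA information element
    return cells


def classify(cell):
    """Label a cell; privacy bit set with no WPA/RSN element is how WEP appears."""
    if cell["rsn"] and cell["wpa"]:
        return "wpa+wpa2"
    if cell["rsn"]:
        return "wpa2"
    if cell["wpa"]:
        return "wpa"
    return "wep" if cell["privacy"] else "open"


def audit(text):
    """Return (counts per label, list of (bssid, essid, label) needing an upgrade)."""
    cells = parse_scan(text)
    counts = Counter(classify(c) for c in cells)
    weak = [(c["bssid"], c["essid"], classify(c))
            for c in cells if classify(c) in ("open", "wep")]
    return counts, weak


if __name__ == "__main__":
    counts, weak = audit(SAMPLE_SCAN)
    print(dict(counts))
    for bssid, essid, kind in weak:
        print(f"{bssid}  {essid:<12} {kind.upper()}: move to WPA2 if the clients allow it")
```
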
Re: [Full-disclosure] WEEPING FOR WEP
Gary Warner wrote: I'm going through this one at work right now myself. My team convinced me that we should use WPA2 with TKIP for our new wireless service. Guess what? Most Windows-controlled wireless laptops don't have an option to select WPA2 as their authentication protocol! My team says No problem, we can just have them download a more recent version of their driver and use the software that comes with their wireless card to manage their wireless instead of the windows client. ARRRGH! *NOT* a valid answer!

I suspect whether this is a most or not depends a lot on your hardware refresh cycle and what sort of kit you buy - if you've been buying Intel Centrino kit, it all supports WPA (the ipw2100 may not, but everything since then certainly does) so long as you've got the latest drivers and the WPA2 Hotfix for XP. I've implemented WPA2 Infrastructures recently, and the number of laptops which haven't supported WPA2 is somewhere in the 10-15% range. Oddly enough, we have two ipw2200-equipped Toshiba laptops which (even after a full reinstall, and using identical drivers/firmware to machines that do work) refuse to talk WPA2...

If you have older prism kit, or a chipset like atheros which is commonly rebadged/resold, you may not have WPA2-compatible drivers/firmware for the card even if the same chipset in other vendors' devices (or in linux) supports WPA2. Thankfully, at the current point in time, sporting the Wifi logo requires WPA2 support so far as I'm aware, so anything you buy now *should* support WPA2. I'm not sure when this requirement came into effect, though.. - James.

-- James (njan) Eaton-Lee | UIN: 10807960 | http://www.jeremiad.org All at sea again / And now my hurricanes Have brought down this ocean rain / To bathe me again https://www.bsrf.org.uk | ca: https://www.cacert.org/index.php?id=3 --
Re: [Full-disclosure] WEEPING FOR WEP
Nice, even better. So that means a lot of the higher end APs that use sophisticated techniques (smaller IV pools, dynamic, etc) are going to be much less effective. I know a few large entities that will be affected negatively. Time to seriously upgrade the wireless security!

People who don't think they need more than wep are fooling themselves. Kids will a) build that cool pringles can antenna to experiment... b) run kismet to explore the wireless around them, and c) practice their wepcracking on your network. what's next? Exploring your windows machines once they're on. They'll be destructive just b/c they can. Keylogger on your home pc? cake. Do you patch every day? All they need is one windows vulnerability to get access to all your data. Anyone think that if they wait long enough, a windows flaw will come around? hrm? and *then* your network will be... their network. It's really not that far fetched.

On 4/6/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

With the newest crack released earlier this week from the German researchers that reduces the number of packets by an order of magnitude, that's under 1 minute on average with ARP replay on an 802.11g network. About 20 seconds average if the network is going full blast on its own. http://blogs.techrepublic.com.com/Ou/?p=464

George

Original Message
Subject: Re: [Full-disclosure] WEEPING FOR WEP
From: Mike Vasquez [EMAIL PROTECTED]
Date: Fri, April 06, 2007 1:22 pm
To: full-disclosure@lists.grok.org.uk

And traffic rate shouldn't be in the discussion either, since arp-replay allows enough packets to be captured, on most home equipment, in about 20 minutes if you're unlucky, and attacking 128-bit wep. 64 bit keys can be had in under 5 minutes, 128 in under 10, and all you have to do is be connected for that length of time.

On 4/6/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

But WPA-PSK mode is even easier to use than WEP. Why would you use WEP. Distance isn't really a problem with a pringle can antenna.

George
[Full-disclosure] [ GLSA 200704-06 ] Evince: Stack overflow in included gv code
Gentoo Linux Security Advisory                           GLSA 200704-06
http://security.gentoo.org/

  Severity: Normal
     Title: Evince: Stack overflow in included gv code
      Date: April 06, 2007
      Bugs: #156573
        ID: 200704-06

Synopsis
========

Evince improperly handles user-supplied data possibly allowing for the execution of arbitrary code.

Background
==========

Evince is a document viewer for multiple document formats, including PostScript.

Affected packages
=================

     Package           /  Vulnerable  /  Unaffected
  1  app-text/evince      < 0.6.1-r3     >= 0.6.1-r3

Description
===========

Evince includes code from GNU gv that does not properly boundary check user-supplied data before copying it into process buffers.

Impact
======

An attacker could entice a user to open a specially crafted PostScript document with Evince and possibly execute arbitrary code with the rights of the user running Evince.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Evince users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose =app-text/evince-0.6.1-r3

References
==========

  [ 1 ] CVE-2006-5864
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864
  [ 2 ] GLSA-200611-20
        http://www.gentoo.org/security/en/glsa/glsa-200611-20.xml

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200704-06.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to [EMAIL PROTECTED] or alternatively, you may file a bug at http://bugs.gentoo.org.

License
=======

Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
[Full-disclosure] [ GLSA 200704-07 ] libwpd: Multiple vulnerabilities
Gentoo Linux Security Advisory                           GLSA 200704-07
http://security.gentoo.org/

  Severity: Normal
     Title: libwpd: Multiple vulnerabilities
      Date: April 06, 2007
      Bugs: #169675
        ID: 200704-07

Synopsis
========

libwpd is vulnerable to several heap overflows and an integer overflow.

Background
==========

libwpd is a library used to convert Wordperfect documents into other formats.

Affected packages
=================

     Package           /  Vulnerable  /  Unaffected
  1  app-text/libwpd      < 0.8.9        >= 0.8.9

Description
===========

libwpd contains heap-based overflows in two functions that convert WordPerfect document tables. In addition, it contains an integer overflow in a text-conversion function.

Impact
======

An attacker could entice a user to convert a specially crafted WordPerfect file, resulting in a crash or possibly the execution of arbitrary code with the rights of the user running libwpd.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All libwpd users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose =app-text/libwpd-0.8.9

References
==========

  [ 1 ] CVE-2007-0002
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002
  [ 2 ] CVE-2007-1466
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1466

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200704-07.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to [EMAIL PROTECTED] or alternatively, you may file a bug at http://bugs.gentoo.org.

License
=======

Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
Re: [Full-disclosure] Hackers uniting against Iran?
On 4/6/07 12:16 PM, Timo Schoeler [EMAIL PROTECTED] wrote: On Fri, 6 Apr 2007 13:11:38 +0100 James Rankin [EMAIL PROTECTED] wrote: I seem to remember Britain being in WWII almost from the start, well before the Russians got dragged in by Adolf Still I was only young at the time, I could be mistaken the trigger was 'the US', which was in context 'the western allies'; while Stalin saw Hitler faking very early, the US (i.e., the Bank of America -- with one of George W. Bush's grandfathers in the board of directors) was still cooperating with Nazi Germany. it's all in history books... Timo, you're full of shit. The US (amongst others) came to the european continent on June 6th, 1944. At that time, the red army already conquered more than two thirds of the area of nazi germany. The germans already had lost the war. Here's what wikipedia has on this. http://en.wikipedia.org/wiki/Operation_Torch Operation Torch (initially called Operation Gymnast) was the British-American invasion of French North Africa in World War II during the North African Campaign, started November 8, 1942. The Soviet Union had pressed the United States and Britain to start operations in Europe, and open a second front to reduce the pressure of German forces on the Russian troops. While the American commanders favored Operation Sledgehammer, landing in Occupied Europe as soon as possible, the British commanders believed that such a course would end in disaster. An attack on French North Africa was proposed instead, which would clear the Axis from North Africa, improve naval control of the Mediterranean and prepare an invasion of Southern Europe in 1943. American President Roosevelt suspected the African operation would rule out an invasion of Europe in 1943 but agreed to support Churchill. The battle of Stalingrad which was the turning point on the Eastern Front went from August 21, 1942 through February 2, 1943. For you to hint that the battle of Europe was already won by the Russians is bullshit! 
Back to my point. The U.S. Wanted nothing to do with any European wars - we were dragged into them. Now, we're hearing a lot of crap from people like Timo, who know nothing about history, trying to tell us we aren't handling things the way you would like. Tough shit! You sprung us out of our borders because of your inability to handle your own problems, and 60 years later you hand us a load of shit while at the same time you can't defend your own sea lanes of trade from Iran, et al. Grow up!
[Full-disclosure] [SECURITY] [DSA 1278-1] New man-db packages fix arbitrary code execution
Debian Security Advisory DSA-1278-1                    [EMAIL PROTECTED]
http://www.debian.org/security/                          Noah Meyerhans
April 06, 2007

Package        : man-db
Vulnerability  : buffer overflow
Problem type   : local
Debian-specific: no
CVE Id(s)      : CVE-2006-4250

A buffer overflow has been discovered in the man command that could allow an attacker to execute code as the man user by providing specially crafted arguments to the -H flag. This is likely to be an issue only on machines with the man and mandb programs installed setuid.

For the stable distribution (sarge), this problem has been fixed in version 2.4.2-21sarge1

For the upcoming stable distribution (etch) and the unstable distribution (sid), this problem has been fixed in version 2.4.3-5.

We recommend that you upgrade your man-db package.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian 3.1 (stable)
-------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.
These files will probably be moved into the stable distribution on its next update.

For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show pkg' and http://packages.debian.org/pkg
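DSA-1278-1 above ties exposure to two conditions: man and mandb installed setuid, and a man-db package older than the fixed versions. The script below is an added example, not part of the Debian advisory, that checks a host for both; the function names, the searched directories and the treatment of the 2.4.2 branch are assumptions.

```shell
#!/bin/sh
# Added example: host check for the exposure condition named in DSA-1278-1.
# Fixed versions are taken from the advisory text; everything else is assumed.

FIXED_SARGE="2.4.2-21sarge1"   # stable (sarge)
FIXED_ETCH="2.4.3-5"           # etch and sid

# has_setuid FILE: true when FILE is a regular file with the setuid bit set.
has_setuid() {
    [ -f "$1" ] && [ -u "$1" ]
}

# setuid_hits DIR...: print each setuid man or mandb binary found in the
# given directories, one path per line.
setuid_hits() {
    for dir in "$@"; do
        for name in man mandb; do
            if has_setuid "$dir/$name"; then
                printf '%s\n' "$dir/$name"
            fi
        done
    done
}

# classify_version VER: print "fixed", "vulnerable", or "unknown" when dpkg
# is not available to compare Debian version strings.
# Assumption: a 2.4.2-series version at or above the sarge fix is fixed;
# anything else below the etch/sid fix is treated as vulnerable.
classify_version() {
    command -v dpkg >/dev/null 2>&1 || { echo unknown; return 0; }
    if dpkg --compare-versions "$1" ge "$FIXED_ETCH"; then
        echo fixed
    elif dpkg --compare-versions "$1" ge "$FIXED_SARGE" &&
         dpkg --compare-versions "$1" lt "2.4.3"; then
        echo fixed
    else
        echo vulnerable
    fi
}

# report: run both checks on the local machine.
# Returns 1 only when a vulnerable version and a setuid binary coincide.
report() {
    ver=""
    if command -v dpkg-query >/dev/null 2>&1; then
        ver=$(dpkg-query -W -f='${Version}' man-db 2>/dev/null) || ver=""
    fi
    state=unknown
    if [ -n "$ver" ]; then
        state=$(classify_version "$ver")
    fi
    # Assumed install locations; adjust for the system being audited.
    hits=$(setuid_hits /usr/bin /usr/sbin /usr/lib/man-db)
    echo "man-db version: ${ver:-not found via dpkg} ($state)"
    if [ -n "$hits" ]; then
        echo "setuid binaries:"
        echo "$hits"
    else
        echo "no setuid man/mandb found in the searched directories"
    fi
    if [ "$state" = vulnerable ] && [ -n "$hits" ]; then
        return 1
    fi
    return 0
}

if [ "${1:-}" = "--report" ]; then
    report
fi
```

Run it with `--report` on the host being audited; a non-zero exit status means both conditions from the advisory are present.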
Re: [Full-disclosure] WEEPING FOR WEP
Security is not a state. It is a practise.

On 4/6/07, Bruce Ediger [EMAIL PROTECTED] wrote:

On Fri, 6 Apr 2007 [EMAIL PROTECTED] wrote:

... moderate risk) environments, you need to remember: security is a measurement of risk. If the threat is low enough, then WEP should be fine. ...

Wait just a minute. Do you propose to say that security is an economic good, with associated opportunity costs and benefits? But just the other day, all the anti-virus vendors and trade rags in the world seemed to say that security was binary, and on is the preferred state. What the sam scratch is going on around here? Do I have to make a tradeoff, again?
[Full-disclosure] word to buchkov
http://moneyfortrying.com/ in case it's not there when you see it: 'so you don't want to pay me because the traffic i sent was 100% ukranian? i sent the traffic, i dont care if it wasnt 'mostly english speaking' traffic you pay me my $9,204 and ill give you your mysql database and website files back -buchkov p.s. lol @ your server' -- Seriously, screw all of you companies that promise money for traffic and then try to worm out of paying, i hope you didn't have backups. ty to mu-tiger for pointing this out.
Re: [Full-disclosure] Hackers uniting against Iran?
On Fri, 06 Apr 2007 19:22:34 EDT, Paul Hem said:

On 4/6/07 12:16 PM, Timo Schoeler [EMAIL PROTECTED] wrote:

The US (amongst others) came to the european continent on June 6th, 1944. At that time, the red army already conquered more than two thirds of the area of nazi germany. The germans already had lost the war.

The battle of Stalingrad which was the turning point on the Eastern Front went from August 21, 1942 through February 2, 1943.

It can be argued that the Germans' siege of Leningrad, which lasted almost 900 days but they never managed to take the city, was the first indication that the Germans had run into trouble...

For you to hint that the battle of Europe was already won by the Russians is bullshit!

Unfortunately, Timo *is* at least partially correct - by the time the US forces landed at Normandy, the Soviet armies had already pushed back the German armies a considerable way, and the Germans were already in severe trouble.

Of course, that begs the question of whether the Germans would have had less trouble near Leningrad and Stalingrad if they hadn't had to commit Rommel's forces in North Africa. Germany just didn't have the resources to fight in North Africa and Russia (which is a logistics nightmare all by itself - you might have enough divisions to hold a front when it's near Poland, but the further you go into Russia, the front gets wider and wider)
Re: [Full-disclosure] Hackers uniting against Iran?, Battle of Kursk
The battle of Stalingrad which was the turning point on the Eastern Front went from August 21, 1942 through February 2, 1943.

I always thought that Battle of Kursk was the turning point. One month, 2000+ tanks lost, 1M-2M men lost. Even though most of the losses were Russian, they could replace men and tanks much more quickly than the Germans, whose manufacturing at this point (July 1943) was being hammered by Allied air bombing...

Edward Ray
Re: [Full-disclosure] Question Regarding Wireless Frames
Hi,

Basically I want to determine the channel, access point info and similar information passively. From some searching I have come to know that I can determine it from probe requests too. Is there any other way?

Regards,

On 4/6/07, AMILABS [EMAIL PROTECTED] wrote:

Go to http://www.amilabs.com/HTM/HTM80211.pdf for mac frame exploits. Regards..

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Holstein
Sent: Friday, April 06, 2007 11:53 AM
To: kevin horvath
Cc: Code Breaker; full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Question Regarding Wireless Frames

Sure you can. You have to do it on the primary wifi0 and not a vap (athx). shut it first, then change it (ifconfig or tool such as macchanger), then bring it back up. This apparently wasn't working in madwifi-ng : http://madwifi.org/wiki/UserDocs/ChangeMacAddress but it was patched (apparently, it's been a while since I had to do a wireless pentest .. I've got an older version).. http://madwifi.org/ticket/323

Mea culpa.

~Mike.

--
_code