Re: [ubuntu-uk] Wireless Cracking was setting up bt home hub in ubuntu
baza wrote: > What you have to remember is not to trust any security on your network. > But, you can over do it. All of the 'hackers' I know won't sit outside > your house trying to crack your WEP to get your eBay password etc. > > One of the simplest things you can do to keep people off your bandwidth > is switch your router off when you're not going to use it. Saves > electricity too. > > > Baz. > > Or you can do completely the opposite Explicitly ALLOW passersby to use your wireless network, free of charge, and advertise the fact (on sites like www.consume.net) We do this (a technology company), but plenty of other companies are, to name just a couple, a cafe-bar in the middle of Horsham, a Morgan car dealer... In both cases they did it to promote their core services "browse the Internet while you have a drink" or "browse the Internet while you car is being MOTd". We have two wireless networks - one insecure just with Internet access for visitors / passersby, and one secure which has access to our servers (which, of course, run their own security anyway.) M. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.kubuntu.org/UKTeam/
Re: [ubuntu-uk] Wireless Cracking was setting up bt home hub in ubuntu
>> >> > > There was a recent Security Now podcast that explains this topic quite > well. It think it has been linked to before on this list, but here you > go anyway. http://media.grc.com/sn/SN-089.mp3 > > Happy listening, > > Steve > > What you have to remember is not to trust any security on your network. But, you can over do it. All of the 'hackers' I know won't sit outside your house trying to crack your WEP to get your eBay password etc. One of the simplest things you can do to keep people off your bandwidth is switch your router off when you're not going to use it. Saves electricity too. Baz. -- http://walkertopia.com/blog === -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.kubuntu.org/UKTeam/
Re: [ubuntu-uk] Wireless Cracking was setting up bt home hub in ubuntu
On Wed, 2007-06-13 at 20:09 +0100, Dave Walker wrote: > On Wed, 2007-06-13 at 19:50 +0100, Ian Pascoe wrote: > > Hi Folks > > > > Some clarity on these times to break please! > > > > Is this done by snooping the traffic that is going between the computer and > > router or by bombarding the router with various keys until it responds? > > > > Anyone know for sure? I know a couple of guys who work on computer > > crypotography and they quote figures like a million transfered packets to > > get the key reliably and they know cos they've done it. > > > > E > > > > Ian, > > I am concerned where this thread could lead, but i feel that a high > level explanation is appropriate. Obviously attempting this on a > network that is not your own is illegal. I attempted this on a network > i own a few years ago, and was shocked that i could gain access within > an hour. Tools have probably improved somewhat since i tried it. > > The way that WEP is cracked falls into two categories. There is a > passive attack that purely listens and logs packets sent between access > point and authorised user; the other method is active that sends > malformed packets to the access point that increases the amount of > 'interesting' packets returned to the cracker. > > These 'interesting' packets revel certain information that allow a tool > to work out what the WEP key is. > > The more 'interesting' packets you have gathered the faster the cracking > can be achieved, with a million; it would take seconds - but the > gathering takes a little longer. > > WEP is largely outdated, and most people who use security tend to use > the more secure WPA Protocol > > Kind Regards, > Dave Walker > > There was a recent Security Now podcast that explains this topic quite well. It think it has been linked to before on this list, but here you go anyway. http://media.grc.com/sn/SN-089.mp3 Happy listening, Steve -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.kubuntu.org/UKTeam/
Re: [ubuntu-uk] Wireless Cracking was setting up bt home hub in ubuntu
On Wed, 13 Jun 2007 19:50:49 +0100, "Ian Pascoe" <[EMAIL PROTECTED]> wrote: > Hi Folks > > Some clarity on these times to break please! > > Is this done by snooping the traffic that is going between the computer > and > router or by bombarding the router with various keys until it responds? > > Anyone know for sure? I know a couple of guys who work on computer > crypotography and they quote figures like a million transfered packets to > get the key reliably and they know cos they've done it. > > E IIRC, this was from sniffing packets then doing a local bruteforce on the sniffed data. the ever-reliable (??!!!) register has this article: http://www.theregister.co.uk/2007/05/15/wep_crack_interview/ which states: "When WEP was compromised in 2001, the attack needed more than five million packets to succeed. During the summer of 2004, a hacker named KoreK published a new WEP attack (called chopper) that reduced by an order of magnitude the number of packets requested, letting people crack keys with hundreds of thousands of packets, instead of millions. Last month, three researchers, Erik Tews, Andrei Pychkine and Ralf-Philipp Weinmann developed a faster attack (based on a cryptanalysis of RC4 by Andreas Klein), that works with ARP packets and just needs 85,000 packets to crack the key with a 95 per cent probablity. This means getting the key in less than two minutes." Cheers, Matt. -- Matthew Macdonald-Wallace Lug-Master (http://www.thanet.lug.org.uk), Dad (http://www.helpmeimadad.com/), Ubuntu User( http://www.ubuntu.com/) -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.kubuntu.org/UKTeam/
Re: [ubuntu-uk] Wireless Cracking was setting up bt home hub in ubuntu
On Wed, 2007-06-13 at 19:50 +0100, Ian Pascoe wrote: > Hi Folks > > Some clarity on these times to break please! > > Is this done by snooping the traffic that is going between the computer and > router or by bombarding the router with various keys until it responds? > > Anyone know for sure? I know a couple of guys who work on computer > crypotography and they quote figures like a million transfered packets to > get the key reliably and they know cos they've done it. > > E > Ian, I am concerned where this thread could lead, but i feel that a high level explanation is appropriate. Obviously attempting this on a network that is not your own is illegal. I attempted this on a network i own a few years ago, and was shocked that i could gain access within an hour. Tools have probably improved somewhat since i tried it. The way that WEP is cracked falls into two categories. There is a passive attack that purely listens and logs packets sent between access point and authorised user; the other method is active that sends malformed packets to the access point that increases the amount of 'interesting' packets returned to the cracker. These 'interesting' packets revel certain information that allow a tool to work out what the WEP key is. The more 'interesting' packets you have gathered the faster the cracking can be achieved, with a million; it would take seconds - but the gathering takes a little longer. WEP is largely outdated, and most people who use security tend to use the more secure WPA Protocol Kind Regards, Dave Walker -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.kubuntu.org/UKTeam/
[ubuntu-uk] Wireless Cracking was setting up bt home hub in ubuntu
Hi Folks Some clarity on these times to break please! Is this done by snooping the traffic that is going between the computer and router or by bombarding the router with various keys until it responds? Anyone know for sure? I know a couple of guys who work on computer crypotography and they quote figures like a million transfered packets to get the key reliably and they know cos they've done it. E -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of ged byrom Sent: 12 June 2007 23:26 To: British Ubuntu Talk Subject: Re: [ubuntu-uk] setting up bt home hub in ubuntu LeeUKHA wrote: > >> On Tue, 2007-06-12 at 19:11 +0100, ged wrote: >> >> >>> Just a polite enquiry about the "WEP" key wrote on the back of these BT >>> wireless routers. >>> Is it really wep ? >>> >>> >> The _default_ is. >> >> If you visit http://bthomehub.home/ once setup you can change it to WPA. >> > As Alan said the default is WEP, but it does WPA just fine :) > > As to the 2091 it's fine my mate runs one. By default its locked to BT, > so if you leave BT its junk. > However, it's been, err, fixed. A quick Google will reveal the new > firmware... > > Thanks for the replies. The 2091 I got on ebay was already unlocked. Thanks again Ged. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.kubuntu.org/UKTeam/ -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.kubuntu.org/UKTeam/
