Thanks Mike. We ran several demos for that ISSA meeting, I guess that one received attention because of the speed of the replay injection attack. Thanks to the work of Devine, KoreK, b0nk, etc FMS attacks on 104-bit keys need only 100-200k unique IV's (not weak IV's) and I guess that hasn't been known forever. I'm sure SOCALWUG members's are clued in that dynamic WEP, WPA-PSK, EAP-FAST, etc, all have current problems but that demo was just part of the "wireless is inherently vulnerable" speech, not meant to be breaking news. - Geoff
Not "everyone" knows that. Some of us do... certainly those of us in the Wi-Fi community. But most internet users do not know anything about wireless security, be it WEP, WPA, IPSEC, ABCDEFG, or anything. These are the real plug-and-play people.
What this article and demo is pointing out is that WEP is so fluid, that it's not really safe for anything except a speedbump in the parking lot of wireless intrusion. The more people know that, one would hope, the less crimes of convenience there will be.
But in 4 years of Wi-Fi data, we still are seeing only about one-third of wireless networks are using any security. So for you top-tier, 98th percentile folks who know how to lock down a Wi-fi network, there's still a need for you.
-Mike
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Thomas Maguire
Sent: Tuesday, April 05, 2005 3:19 PM
To: [email protected]
Subject: Re: [SOCALWUG] The Feds can own your WLAN too
But like WEP is a useless protocol; everyone knows that? That has been known forever. ????
----- Original Message ----- From: "Mike Outmesguine" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Tuesday, April 05, 2005 3:08 PM Subject: [SOCALWUG] The Feds can own your WLAN too
> [Los Angeles FBI agents attend SOCALWUG meetings to stay on top of what's
> really going on in the wireless space. It's great to see their wireless
> experience carrying over to the general IT security community. -Mike O.]
>
>
> From slashdot:
> http://hardware.slashdot.org/article.pl?sid=05/04/05/1428250
> Feds Hack Wireless Network in 3 Minutes
> Posted by CmdrTaco on Tuesday April 05, @12:26PM
> from the still-can't-balance-budget dept.
>
> xs3 writes "At a recent ISSA (Information Systems Security Association)
> meeting in Los Angeles, a team of FBI agents demonstrated current
> WEP-cracking techniques and broke a 128 bit WEP key in about three
minutes.
> Special Agent Geoff Bickers ran the Powerpoint presentation and explained
> the attack, while the other agents (who did not want to be named or
> photographed) did the dirty work of sniffing wireless traffic and breaking
> the WEP keys. This article will be a general overview of the procedures
used
> by the FBI team."
>
>
> Here's the Tom's Hardware article by Humphrey Cheung:
> http://www.tomsnetworking.com/Sections-article111.php
>
>
>
_________________________________________________________________
Don�t just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/
