  CraftyPirate
join:2006-03-21 Saint Paul, MN
1 edit | WPA cracking, are you scared yet?
Ok I just saw the latest episode of hak5 and was quite disturbed. (Not at the three discussing random topics while taking shots at a NYC bar, but new developments on cracking tools like cowPATTY.)
Basically, some kids went out of their way and used a 27-node cluster to make a 40 gig rainbow table that effectively cracks the top 1000 SSIDs (from wigle.net, covering 52% of all recorded SSIDs) and 1+ million passwords associated with them.
Scary part is, an attacker need NOT have all 40 gig's worth of tables, he just needs your ssid and BOOM - he dl's a 40MB file and starts cracking it within seconds.
This is for AES WPA-PSK standard, just another reason why you should hide your *non-standard* SSID, use ALL 63 *NON-STANDARD* CHARACTERS FOR THE PASSPHRASE. Or you could just set up a RADIUS and breathe easily before computing power is able to catch up with bruteforcing even more SSIDs.
One thing to add though, this is assuming the attacker gets at least the 2nd frame of the 4-way WPA authentication handshake. This needs to be a physical promiscuous capture or else honey-potted with the silly Windows remember wifi location "feature." |
|
  Thane_Bitter
join:2005-01-20 London, ON
·Bell Sympatico
| I don't see how hiding the SSID will make a difference, however I do wholeheartedly agree that people should use a unique SSID, and certainly a full random key (using alphanumeric / symbols).
Short of using a 'one time pad', all encryption is breakable, it is only a function of processing power and time. Personally, I am not disturbed, it is only the logical extension of other hacking/cracking schemes and these guys have taken the time to speed up the process by compiling a convenient list of shortcuts. |
|
  F430
@qwest.net
| reply to CraftyPirate quote: This is for AES WPA-PSK standard, just another reason why you should hide your *non-standard* ssid
I was with you until you wrote this. Obviously you have limited knowledge of how wireless works. Otherwise you would know how pointless it is to reduce the number of times your SSID is transmitted (you cannot "hide" it). This kind of FUD destroys any useful message you may have tried to get across. |
|
  CraftyPirate
join:2006-03-21 Saint Paul, MN
| said by F430 : quote: ...you would know how pointless it is to reduce the number of times your SSID is transmitted (you cannot "hide" it).
Perhaps I should have reworded it so that it is not being "broadcasted." Limiting the number of times the ssid is visible in plain-text can reduce the likelihood that it is exposed to being attacked. Both the ssid and passphrase are hashed in the encryption process so therefore without forehand knowledge of the ssid, the attacker is at least somewhat mitigated in his efforts but the mitigation nonetheless does have impact. |
|
  JohnInSJ Premium join:2003-09-22 San Jose, CA
·Comcast
| So l33t haxxor is sitting at the curb with his 27 node cluster, and me having my ssid hidden is going to protect me? Seriously?
Yeah, I'm not scared yet. -- My place : »www.schettino.us |
|
  csiemers
join:2000-09-16 Portland, OR
| reply to CraftyPirate Hmmm.. worried, heck no. Let's see, someone breaks in and sees my CD collection on my NAS drive, oooh aaaah. . . I have more important things to worry about than what the script kiddies are doing. -- »www.wwiivehicles.com
World War II Vehicles and Advanced Squad Leader |
|
 Reimer
join:2006-08-14 Toronto, ON
| reply to CraftyPirate This is actually nothing new
the SSID doesn't need to be hidden. It just needs to be unique. And even if your SSID is in the tables, if the passphrase is strong enough then the tables won't have an impact regardless.
so bottom line.. strong passphrase is still the key and having a unique SSID helps |
|
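The point made in the posts above (the SSID is the salt in the WPA-PSK key derivation, so a precomputed table only covers the SSID it was built for, and only the passphrases in its wordlist) can be checked against your own network settings. This is an added example, not code from any poster in the thread; the SSIDs, wordlist and strong passphrase are constructed sample values.

```python
import hashlib
import math

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK pairwise master key: PBKDF2-HMAC-SHA1, SSID as salt,
    4096 iterations, 256-bit output."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8..63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def build_table(ssid: str, wordlist: list[str]) -> dict[bytes, str]:
    """Precomputed PMK -> passphrase map. It is valid for ONE SSID only,
    because the SSID is mixed into every PMK as the salt."""
    return {wpa_pmk(word, ssid): word for word in wordlist}

def covered_by_table(table: dict[bytes, str], ssid: str, passphrase: str) -> bool:
    """True if this network's PMK is already present in the precomputed table."""
    return wpa_pmk(passphrase, ssid) in table

def random_passphrase_bits(length: int, alphabet_size: int = 95) -> float:
    """Entropy of a uniformly random passphrase over printable ASCII (95 symbols)."""
    return length * math.log2(alphabet_size)

# Constructed sample data: one common SSID and a three-word "dictionary".
COMMON_SSID = "linksys"
WORDLIST = ["password", "letmein123", "qwertyuiop"]
TABLE = build_table(COMMON_SSID, WORDLIST)

def audit() -> dict[str, bool]:
    strong = "v9#Lq2!xT7@pW4$zR8&mK1^c"  # constructed; not in any wordlist
    return {
        # Common SSID + dictionary word: instant table hit.
        "common SSID, weak passphrase": covered_by_table(TABLE, "linksys", "password"),
        # Unique SSID: the table is useless, but a weak passphrase still
        # falls to a dictionary run computed for that SSID.
        "unique SSID, weak passphrase": covered_by_table(TABLE, "example-home-7f3a", "password"),
        # Strong passphrase: no hit even on a common SSID.
        "common SSID, strong passphrase": covered_by_table(TABLE, "linksys", strong),
    }

if __name__ == "__main__":
    for case, hit in audit().items():
        print(f"{case}: {'in table' if hit else 'not in table'}")
    print(f"63 random printable chars: {random_passphrase_bits(63):.0f} bits")
    print(f"1,000,000-word dictionary: {math.log2(1_000_000):.1f} bits")
```
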
  Lasko
@qwest.net
| reply to CraftyPirate quote: so therefore without forehand knowledge of the ssid,
You mean like not receiving the signal from the AP? If you are able to receive the signal from the AP you are able to see the SSID in cleartext. So how do you have no forehand knowledge of the SSID? Could you explain this, please? I think F430 and others are correct - use a unique SSID and don't bother trying to hide it since you are only fooling yourself.
BTW - brute force attacks are nothing new - they are far older than electronic communication. The weaker your passphrase the more likely the attack will succeed. If you use a good passphrase knowing the SSID is not going to have a measurable effect on the success/failure of the attack. |
|
  Its a Secret Whatever Premium join:2008-02-23 U B Funny | reply to CraftyPirate *yawn*
Please feel free to try to hack my AP. I'll even bring you coffee. Lots of it... |
|
  antdude A Ninja Ant Premium,VIP join:2001-03-25
| said by Its a Secret :*yawn* Please feel free to try to hack my AP. I'll even bring you coffee. Lots of it... Where so we can get free coffee?  |
|
  Its a Secret Whatever Premium join:2008-02-23 U B Funny 1 edit | C'mon over to BC. I make a mean dark roast!  |
|
  Anav Sarcastic Llama? Naw, Just Acerbic Premium join:2001-07-16 Dartmouth, NS | reply to CraftyPirate Can we close this non-thread yet?? My cup of java is almost empty.  |
|
  tipstir
join:2004-11-14 Enfield, CT
·Cox HSI
2 edits | reply to CraftyPirate Those who are really into this crap, why bother talking about this. Most of us are only worried about having a stable wireless in the dwelling than to worry about someone trying to get into the wireless. AES-EAP next gen though more expensive.. Time to mow the lawn.. |
|
 Tonice2007 Premium join:2005-12-20 Brooklyn, NY
| reply to CraftyPirate My question to you is what technology isn't hackable? The answer is nothing, elsewise, there wouldn't be new technology such as WPA then WPA2 and before that WEP; it all depends on how many people use the technology and how "secure" the technology is.
Why do Microsoft products have more holes than other manufacturers? It's because it's a bigger target to hackers since the number of users of the software is more than other versions/manufacturers, for instance is a MAC computer more secure than a Windows? Not really, but Windows has more "holes" because more people hack it since Windows holds a bigger market share.
So, in the end what can you do about this security breach with WPA? Use all the characters available to you and don't only use letters, use everything you can and change your "password" every 3 months or so, so that if someone compromises your connection you can respond quickly if needed. |
|
 munky99999 Munky
join:2004-04-10 canada clubs: | quote: My question to you is what technology isn't hackable? The answer is nothing
wpa2(aes) with a radius server. Can't see that being busted atm. |
|
  Its a Secret Whatever Premium join:2008-02-23 U B Funny
·Shaw
| reply to Tonice2007 said by Tonice2007 :My question to you is what technology isn't hackable? Depends on how many decades you have to crack it. 
If you can crack a 63 ASCII PW in a reasonable amount of time (days, not millennia), people will pay you a lot. Again, feel free to try. -- "In the future, that which is not mandatory will be illegal" "Nobody knows the age of the human race, but everybody agrees that it is old enough to know better" - Anonymous |
|
  fonzbear2000 Premium join:2005-08-09 Saint Paul, MN
| reply to CraftyPirate For those of you saying things like: "so what if someone hacks my network? Let them" and so on, what if someone hacks your network and starts downloading child porn? -- »Check this out! |
|
  JohnInSJ Premium join:2003-09-22 San Jose, CA
·Comcast
| Then they get arrested, since they broke the law (by hacking my network) to gain access.
If I am running an open network then I might be responsible. If someone splices into my cable or hacks my wifi, I don't think I am.
Do you think you are? Really? -- My place : »www.schettino.us |
|
  fonzbear2000 Premium join:2005-08-09 Saint Paul, MN
| What if it's someone who is in a car with a laptop and they do it and then leave your area. How would they be found? And if they do anything illegal using your connection and take off, you would be held responsible. -- »Check this out! |
|
  JohnInSJ Premium join:2003-09-22 San Jose, CA
·Comcast
| said by fonzbear2000 :And if they do anything illegal using your connection and take off, you would be held responsible. I take it you're not a lawyer.
If you're that worried about it, I suggest you unhook your wifi AP, dig a hole in your back yard, and bury it there. -- My place : »www.schettino.us |
|