Re: testing wireless security



Josh Paetzel wrote:
When I looked into this it seemed that the current state of affairs is that
WPA can only be broken by brute-forcing the key. I don't recall if that
could be done 'off-line' or not. My memory is that the needed info to
attempt bruteforcing could be done by simply receiving... no attempt
to associate to the AP was needed. I'm not really interested in
disseminating links to tools that can be used to break wireless security, but
simple Google searches will give you the info you need... and the tools are
in the ports tree for the most part.

Fortunately WPA allows keys that put even resource-rich attackers into the
decade range to bruteforce.

That would not appear to be a limitation of aircrack-ng
http://www.freshports.org/net-mgmt/aircrack-ng/

aircrack is an 802.11 WEP and WPA-PSK keys cracking program that can
recover these keys once enough encrypted packets have been captured.
It implements the standard FMS attack along with some optimizations
like KoreK attacks, thus making the attack much faster compared to
other WEP cracking tools. In fact aircrack is a set of tools for
auditing wireless networks.

That said, I haven't (yet) tried it myself ;)

--
Said one park ranger, 'There is considerable overlap between the
intelligence of the smartest bears and the dumbest tourists.'
Mark D. Foster, CISSP <mark@xxxxxxxxx> http://mark.foster.cc/
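
An added example, not part of the original message: a passphrase-strength check for WPA-PSK that derives the pairwise master key the way IEEE 802.11i specifies for passphrases (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations) and estimates how long exhausting a randomly chosen passphrase's keyspace would take. The guess rate and the candidate policies are assumed figures for illustration, and the function names are this example's own.

```python
import hashlib
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600
ASSUMED_GUESSES_PER_SECOND = 1_000_000  # assumption: adjust to your own threat model


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit PMK from a WPA passphrase (IEEE 802.11i mapping)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 printable ASCII characters")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    )


def keyspace_bits(length: int, alphabet_size: int) -> float:
    """Entropy in bits of a uniformly random passphrase."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(length: int, alphabet_size: int,
                     guesses_per_second: float = ASSUMED_GUESSES_PER_SECOND) -> float:
    """Years to try every passphrase; the expected time to a hit is half this."""
    return alphabet_size ** length / guesses_per_second / SECONDS_PER_YEAR


def report(policies):
    """Return (label, bits, years) for each (label, length, alphabet_size)."""
    return [(label, round(keyspace_bits(n, a), 1), years_to_exhaust(n, a))
            for label, n, a in policies]


if __name__ == "__main__":
    # Constructed candidate policies: (label, length, alphabet size).
    policies = [
        ("8 digits", 8, 10),
        ("8 lowercase letters", 8, 26),
        ("12 mixed-case letters and digits", 12, 62),
        ("20 mixed-case letters and digits", 20, 62),
    ]
    for label, bits, years in report(policies):
        print(f"{label:34s} {bits:6.1f} bits  {years:.3g} years to exhaust")
    # Because the SSID is the salt, the same passphrase yields a different PMK per network.
    print(wpa_pmk("password", "IEEE").hex())
```

The estimate only holds for passphrases chosen uniformly at random; a passphrase that appears in a word list falls to far fewer guesses than its length suggests.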
