[TOOL] AirSnort, Wireless LAN Encryption Cracker
From: support@securiteam.comDate: 08/24/01
- Previous message: support@securiteam.com: "[NT] IrDA Semi-Remote Vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Subject: [TOOL] AirSnort, Wireless LAN Encryption Cracker Message-Id: <20010824091321.C0B80138BF@mail.der-keiler.de> Date: Fri, 24 Aug 2001 11:13:21 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
AirSnort, Wireless LAN Encryption Cracker
------------------------------------------------------------------------
DETAILS
<http://airsnort.sourceforge.net/> AirSnort is a wireless LAN (WLAN) tool
that recovers encryption keys. AirSnort operates by passively monitoring
transmissions, computing the encryption key when enough packets have been
gathered.
802.11b, using the Wired Equivalent Protocol (WEP), is crippled with
numerous security flaws. Most damning of these is the weakness described
in " <http://www.eyetap.org/~rguerra/toronto2001/rc4_ksaproc.pdf>
Weaknesses in the Key Scheduling Algorithm of RC4" by Scott Fluhrer, Itsik
Mantin and Adi Shamir. Adam Stubblefield was the first to implement this
attack, but he has not made his software public. AirSnort, along with
<http://sourceforge.net/projects/wepcrack> WEPCrack, which was released
about the same time as AirSnort, are the first publicly available
implementations of this attack.
AirSnort requires approximately 100M-1GB of data to be gathered. Once
enough packets have been gathered, AirSnort can guess the encryption
password in under a second.
ADDITIONAL INFORMATION
The tool can be downloaded from:
<http://airsnort.sourceforge.net/> http://airsnort.sourceforge.net/
The information has been provided by <mailto:melvin@melvin.net> Jeremy or
<mailto:blake@melvin.net> Blake.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[NT] IrDA Semi-Remote Vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
