RE: Dumb question abt. Wireless WEP security 2 - ssl
From: Prasad S. Athawale (athawale_at_buffalo.edu)
Date: 01/25/04
To: "'Alvin Oga'" <alvin.sec@Virtual.Linux-Consulting.com> Date: Sun, 25 Jan 2004 16:36:16 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi!
> wireless communications is done with 40bit rc4 cipher... NOT ssl
...
Agreed. It uses a 64 bit key (14 bit is plain text - hence 40 bit).
Some of them also use 128 bit (effective 114 bit).
>rc4 has been broken back in feb 2001 by simple brute force, and/or
>by people using dictionary or trivial passwords
Yes encryption has been broken - to reveal the underlying data - in
case the data was encrypted before being transmitted via WEP all you
get (after brute forcing WEP) is the data in encrypted form of the
earlier encryption.
>even if you use wireless w/ ssh or ssl ... your encrypted ssh/ssl
>data is ( wirelessly ) sniffed and decryptable since your initial
>passwd/pass phrase was also sniffed
As regards SSL 'password' or rather 'passphrase' this gets decided
using conventional public key encryption schema viz. Diffie-Hellman/
RSA etc. This has nothing to do with WEP - and this encryption would
happen before the WEP is done - which would be at transmission time.
Hope my point is understood.
Any thoughts, anyone?
- -------------------------------------------------------------
Prasad S. Athawale
Graduate Student
University at Buffalo
- -------------------------------------------------------------
' there are 10 kinds of people in this world - those who understand
binary and those who don't'
- -----Original Message-----
From: Alvin Oga [mailto:alvin.sec@Virtual.Linux-Consulting.com]
Sent: Sunday, January 25, 2004 4:25 PM
To: athawale@buffalo.edu
Cc: security-basics@securityfocus.com
Subject: Re: Dumb question abt. Wireless WEP security 2 - ssl
hi ya hth
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi!
>
> As per my understanding, the SSL channel - will not be compromised
> in case the password is discovered. Of course - in such a case you
> don't need to do any kind of sniffing etc, u can directly log in!
> but
> technically - the 48 byte passphrase used to encrypt the SSL
> connection (which uses a pre-determined encryption algo (RSA,DES
> etc)) is exchanged between the server and the client before the
> https connection can be setup.
wireless communications is done with 40bit rc4 cipher... NOT ssl ...
rc4 has been broken back in feb 2001 by simple brute force, and/or
by people using dictionary or trivial passwords
even if you use wireless w/ ssh or ssl ... your encrypted ssh/ssl
data is ( wirelessly ) sniffed and decryptable since your initial
passwd/pass phrase was also sniffed
c ya
alvin
>
> ssh/ssl encryption doesn't help if you use insecure passphrases
> or an exploitable ssh daemon/clients
>
> (wireless stuff) wep is cracked ...
>
> more wireless fun
> http://www.Linux-Sec.net/Wireless/
>
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
iQA/AwUBQBQ20IKN2ncVpx7SEQIMSACgzYSe+Db00EdWSQgC++W3SRJdAfcAoMWV
x+mr3C9upJzzGs1GRNaL3AjG
=oyK8
-----END PGP SIGNATURE-----
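
The layering argued in the reply above, as an added example that is not part of the original message: WEP encrypts whatever upper-layer bytes it is handed, so removing the WEP layer with a known key returns a TLS record that is still ciphertext under keys negotiated end to end. Assumptions: the frame is simplified (no 802.11 header or key-ID byte), and the key, IV and TLS record body are constructed sample values.

```python
import hashlib
import zlib

def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key scheduling, then XOR data with the keystream."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for b in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(b ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def wep_encapsulate(wep_key: bytes, iv: bytes, payload: bytes) -> bytes:
    """Simplified WEP body: cleartext IV, then RC4(IV || key) over payload || CRC-32."""
    if len(iv) != 3 or len(wep_key) not in (5, 13):
        raise ValueError("IV is 24 bits; secret key is 40 or 104 bits")
    icv = zlib.crc32(payload).to_bytes(4, "little")
    return iv + rc4(iv + wep_key, payload + icv)

def wep_decapsulate(wep_key: bytes, frame: bytes) -> bytes:
    """Strip the WEP layer with a known key; returns the upper-layer bytes as sent."""
    iv, body = frame[:3], frame[3:]
    plain = rc4(iv + wep_key, body)
    payload, icv = plain[:-4], plain[-4:]
    if zlib.crc32(payload).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch: wrong key or damaged frame")
    return payload

# Constructed sample values, not taken from any real network.
WEP_KEY = bytes.fromhex("0102030405")   # 40-bit shared secret
IV = bytes.fromhex("a1b2c3")            # 24-bit IV, visible to any listener

def constructed_tls_record() -> bytes:
    """Stand-in for a TLS application-data record; the body is opaque ciphertext."""
    body = hashlib.sha256(b"constructed sample").digest()
    return b"\x17\x03\x01" + len(body).to_bytes(2, "big") + body

def demo():
    record = constructed_tls_record()
    frame = wep_encapsulate(WEP_KEY, IV, record)
    return frame, wep_decapsulate(WEP_KEY, frame), record

if __name__ == "__main__":
    frame, recovered, record = demo()
    print("RC4 seed bits:", 8 * len(IV + WEP_KEY))
    print("WEP removed, TLS record still opaque:", recovered == record)
```
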