Re: Wireless security

From: Volker Birk (bumens_at_dingens.org)
Date: 10/30/05 

Date: 30 Oct 2005 14:49:39 +0200

John Hyde <EJhyd@netscape.net> wrote:
[WPA-PSK]
> So, in a brute force attack, how long does it take to try each possible
> permutation?

This depends on the entropy your passphrase has. So better use enough
entropy.

> Of course, if the attacker does not know that they are attacking a
> Diceware passphrase, then they'll have to try all the alphanumeric
> combinations of the same length (Diceware words are 5 letters, right?)

Wrong. A dictionary attack any sensible attacker will do first, because
it's likely that words are used, and it can be done without extra costs
before a brute force attack.

> But perhaps "brute force" means something else.

No, your description is correct.

> Well, that was one of my questions, "is the MAC encrypted by WEP?" I
> guess this would be a "NO."

Yes, it will be a "No" ;-)

> Still, I would not say MAC filtering is
> totally useless. At least it forces an attacker to wait around until I
> connect to see what an acceptable MAC address is. Not much of a burden,
> but it prevents a "drive by."

There are only 2^48 possible MAC addresses. And many of them are reserved.
And the manufacturers have fixed address ranges for their NICs.

Yours,
VB. 

-- 
"Ich bin ein freier Mensch und werde jetzt von meinen Freiheitsrechten
Gebrauch machen - und zwar ausgiebig - natürlich nur in dem Rahmen, den
Otto Schily mir noch zur Verfügung stellt."
                   Wolfgang Clement am 10.10.05 als Noch-Superminister