Re: Wireless security
From: Volker Birk (bumens_at_dingens.org)
Date: 30 Oct 2005 14:49:39 +0200
John Hyde <EJhyd@netscape.net> wrote:
> So, in a brute force attack, how long does it take to try each possible
This depends on the entropy your passphrase has. So better use enough
> Of course, if the attacker does not know that they are attacking a
> Diceware passphrase, then they'll have to try all the alphanumeric
> combinations of the same length (Diceware words are 5 letters, right?)
Wrong. A dictionary attack any sensible attacker will do first, because
it's likely that words are used, and it can be done without extra costs
before a brute force attack.
> But perhaps "brute force" means something else.
No, your description is correct.
> Well, that was one of my questions, "is the MAC encrypted by WEP?" I
> guess this would be a "NO."
Yes, it will be a "No" ;-)
> Still, I would not say MAC filtering is
> totally useless. At least it forces an attacker to wait around until I
> connect to see what an acceptable MAC address is. Not much of a burden,
> but it prevents a "drive by."
There are only 2^48 possible MAC addresses. And many of them are reserved.
And the manufacturers have fixed address ranges for their NICs.
-- "Ich bin ein freier Mensch und werde jetzt von meinen Freiheitsrechten Gebrauch machen - und zwar ausgiebig - natürlich nur in dem Rahmen, den Otto Schily mir noch zur Verfügung stellt." Wolfgang Clement am 10.10.05 als Noch-Superminister