Announcement

Collapse
No announcement yet.

Wpa

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Wpa

    Hey peoples i am new to this forum!,i am running linux suse on my laptop ive been useing "Kismet" for finding vlnerabilitys in the the IEEE standard.Somtimes i will also use windows but i think all versions of windows are just different dos
    os's with crazy gui and they go overkill with activex.Ive been finding alot of wifi
    networks useing WPA i guess all the companys and clients are getting more security weary?,alot of WLAN's are even useing the newest encryption applications for packett handling because there aware of the threat of people
    sniffing packetts and if a person was to snif one out from the begining of a session
    they would have login credintials.I have a simple question for all this forums inhabitants!,is there or has there ever been any discoverd vulnerabilitys in the
    WiFi Protected Acces(WPA)

    Note:Alot of people are useing it with Windows Remote Authentication
    dial in services.I remember they where real populer in the mid 90's
    when companys needed a way to use remote control to work machines like
    the ones used on assembly lines and satalite/cable networks.Then people where
    useing remote password crackers but nobody is dumb enouph to use weak username password combinations anymore!.
    Tags: None
  • #2
    Originally posted by Greenflame
    Ive been finding alot of wifi networks useing WPA i guess all the companys and clients are getting more security weary?,alot of WLAN's are even useing the newest encryption applications for packett handling because there aware of the threat of people sniffing packetts and if a person was to snif one out from the begining of a session they would have login credintials.
    what do you call latest encryption applications? anything publically available will eventually be easy to take apart/dismantle, and reverse engineer

    Originally posted by Greenflame
    I have a simple question for all this forums inhabitants!,is there or has there ever been any discoverd vulnerabilitys in theWiFi Protected Acces(WPA)
    WPA or WPA2? there's a small difference ... to answer it, I'd say not at this time....reasons:

    #1) WPA wraps the RC4 engine with 4 algorithms... 2 to the 48th overall, giving over 500 trillion combinations.
    #2) key derivation and distribution, completely eliminating any chance of man in the middle attacks
    #3) a temporary key integrity protocol that generates per-packet keys

    Onto WPA2...
    #1) WPA packs a decent punch security-wise with full 802.11i support including the Counter Mode with CBC-MAC Protocol
    #2) Cypher block changing, and message authentication


    My 2 cents,
    Qu|rk-

    Comment

    • #3
      WPA2 makes use of TKIP, at present there is one offline attack for TKIP that I know off, which is dependent upon weak user passwords, thats it as far as I know.

      I was doing some work at a site with TKIP, damn good stuff...

      Comment

      • #4
        Originally posted by r0n1n
        WPA2 makes use of TKIP, at present there is one offline attack for TKIP that I know off, which is dependent upon weak user passwords, thats it as far as I know.

        I was doing some work at a site with TKIP, damn good stuff...


        You can choose TKIP or AES for your algorithm.

        The offline attack is a simple dictionary attack that you can protect yourself against by using a passphrase longer than 26 characters.
        perl -e 'print pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'

        Comment

        • #5
          Originally posted by Chris
          You can choose TKIP or AES for your algorithm.

          The offline attack is a simple dictionary attack that you can protect yourself against by using a passphrase longer than 26 characters.
          I recommend using AES for your algorithm, very large amounts of possible keys.
          blowfish:.2x10x448
          www.gnivirdrawn.com

          Comment

          • #6
            I hear there's another application in the procces for wifi encryption
            it supposedly cracks WPA TKIP it is to WPA as airsnort was to WEP

            i also just finished some hardening on my hybrid LAN i added WPA
            and did some tunneling!,And added a DMZ ill be trying to find vulnerabilitys and ill post any exploit's!,im gonna write a sniffer that tryes to crack it!,it's gonna be C and 32bit Assembly language(for the speed)its also gonna be cross platform!.

            Comment

            • #7
              It's not really an issue of TKIP vs. AES.

              TKIP utilizes the RC4 stream cipher with 128-bit keys for encryption and 64-bit keys for authentication.

              It's more correct to think of RC4 vs. AES.

              The TKIP layer is more comparable to CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol).

              CCMP uses the CCM mode of AES for encryption.

              However, not all hardware will be able to support AES.

              Therefore, the RSN (Robust Secure Network) component of the forthcoming 802.11i standard will support:

              1. WEP
              2. TKIP
              3. WRAP
              4. CCMP
              5. WEP-104

              Voyager
              Webmaster: http://www.hackfaq.org

              Comment

              • #8
                Originally posted by Voyager
                It's not really an issue of TKIP vs. AES.

                TKIP utilizes the RC4 stream cipher with 128-bit keys for encryption and 64-bit keys for authentication.

                It's more correct to think of RC4 vs. AES.

                The TKIP layer is more comparable to CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol).

                CCMP uses the CCM mode of AES for encryption.

                However, not all hardware will be able to support AES.

                Therefore, the RSN (Robust Secure Network) component of the forthcoming 802.11i standard will support:

                1. WEP
                2. TKIP
                3. WRAP
                4. CCMP
                5. WEP-104

                Voyager
                Webmaster: http://www.hackfaq.org

                Folks with WLAN questions should check out the wireless networks section at www.hackfaq.org. There is a wealth of information there on the different protocols (802.11a/b/g/i) and encryption algorithms.
                perl -e 'print pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'

                Comment

                • #9
                  Think we'll see a WPA talk at Defcon this year?
                  The only constant in the universe is change itself

                  Comment

                  • #10
                    Originally posted by dYn4mic
                    Think we'll see a WPA talk at Defcon this year?
                    I'm thinking maybe so.
                    "It is difficult not to wonder whether that combination of elements which produces a machine for labor does not create also a soul of sorts, a dull resentful metallic will, which can rebel at times". Pearl S. Buck

                    Comment

                    Previous template Next
                    Working...
                    X