Ticket prices

64 Places - 19:00 20th - 17:00 22nd February 2009
ez64
1337 Krew
Posts: 817
Joined: Fri Oct 19, 2007 4:10 pm
Location: Wouldnt you like to know

Re: Ticket prices

Postby ez64 » Mon Dec 01, 2008 1:51 am

All the home user network encryption software is easily cracked even with WPA2 the time has been taken down to around 30 seconds of packets needed.
In China DHCP leases YOU!
The Bible, Wrath of Khan, what's the difference

I am the Stig!

neon
Duct Tape Engineer
Posts: 1612
Joined: Tue Oct 22, 2002 10:35 am
Location: Exeter, Devon

Re: Ticket prices

Postby neon » Mon Dec 01, 2008 2:54 pm

Neomancer wrote:xcon/neon

whats the linux wpa key hacking tool :P


I would never be involved in such nefarious activities.

However http://www.theregister.co.uk/2008/10/10/graphics_card_wireless_hacking/ may be of interest

xconspirisist
Pseudo-jolly-fatman, rapid-post-editor, postman-loather, coffee-induced-murderer, meatball-fanatic, GPS-hater, vapourware-author, executioner-of-flying-bugs, eternal emperor of entirety
Posts: 6182
Joined: Tue Sep 07, 2004 1:04 pm
Battle.net: xcons#2832
steamid: xconspirisist
Location: Hyrule. ▲

Re: Ticket prices

Postby xconspirisist » Mon Dec 01, 2008 7:34 pm

There are plenty and it's more like getting the correct sequence of tools and understanding the system.

WPA2 is rather good and cracking it on the average laptop can take a couple of Sundays. WEP has its flaws which is why it has been largely deprecated.

I really do not mean to offend you Goose, but I doubt you actually have the skills to secure a network beyond the skills of an average techie. Security is very much an iterative thing; fobbing a system off as "secure" is no good unless you repeatedly check up on it, the latest techniques and vulnerabilities. Network security is a topic without bounds and far more interesting than people give it credit for. If you are truly interested, there are plenty of Google results and documents for you to read.

iMess
Your base looks nice, can i have it ?
Posts: 4640
Joined: Mon Jun 23, 2003 7:36 pm
Origin ID: imesx
Battle.net: wewlad
steamid: imess
Location: Taunton

Re: Ticket prices

Postby iMess » Mon Dec 01, 2008 7:51 pm

Neomancer wrote:
Gooseman wrote:ok, ill pay the £35 call out fee to get them to check my work .... NOT

ive checked and double checked, and i know what im doing, and tbh if any of you want to come to where i work and try to hack into the work network where i am, then please feel free, if u can ill pay u £100 if u can get past



everyone, who lives closest? i'll give £50 to anyone that can go to his work, and plug a laptop into a network port there please.


I'll give £150 to someone if they make it look like Goose did it :)
If online bullying has taught us anything. It's that people would sooner hang themselves than lose a bit of weight.

Gooseman
1337 Krew
Posts: 2529
Joined: Thu Jan 22, 2004 2:41 pm
steamid: sgoosey
Location: Milton Keynes

Re: Ticket prices

Postby Gooseman » Mon Dec 01, 2008 8:08 pm

I'm not meaning a secure network, it's only a case of a secure way to block users of the internet. I have no encryption, and users of the network know that I don't take any responsibility for anything that may and could happen to their computers from not running firewall, etc.

Wishy
Senior Icelandic Field Sausage Engineer
Posts: 4288
Joined: Thu Jun 20, 2002 2:17 pm
Location: Woking

Re: Ticket prices

Postby Wishy » Mon Dec 01, 2008 8:28 pm

ez64 wrote:All the home user network encryption software is easily cracked even with WPA2 the time has been taken down to around 30 seconds of packets needed.


WPA2 remains secure
WPA (TKIP) has some limited flaws, which allow, under some conditions, for packets to be injected into the network. The packets cannot actually be decrypted, merely some content can be pushed into it. (Which has very, very limited real world application)
WEP with 40bit and 128bit keys are both so easily broken it's scary. 192 or 256bit offers more security in-so-much-as the "Standard off the shelf" cracking tool doesn't have inbuilt support. Nonetheless the flaw does not relate to lack of key length, just a broken implementation. Also note that 192 and 256bit aren't particularly standard, only vendor specific.
MAC checking is utterly pointless, as it's a simple job to sniff the wire for "Valid" MACs

Another approach is just to leave it open and have it sit on the untrusted zone within a DMZ, only able to connect to a VPN server offering strong encryption.

Alternatively, tinfoil hats are available on request...
Wishy - Westlan Web type person.

ez64
1337 Krew
Posts: 817
Joined: Fri Oct 19, 2007 4:10 pm
Location: Wouldnt you like to know

Re: Ticket prices

Postby ez64 » Mon Dec 01, 2008 10:19 pm

Wishy wrote:
ez64 wrote:All the home user network encryption software is easily cracked even with WPA2 the time has been taken down to around 30 seconds of packets needed.


WPA2 remains secure
WPA (TKIP) has some limited flaws, which allow, under some conditions, for packets to be injected into the network. The packets cannot actually be decrypted, merely some content can be pushed into it. (Which has very, very limited real world application)
WEP with 40bit and 128bit keys are both so easily broken it's scary. 192 or 256bit offers more security in-so-much-as the "Standard off the shelf" cracking tool doesn't have inbuilt support. Nonetheless the flaw does not relate to lack of key length, just a broken implementation. Also note that 192 and 256bit aren't particularly standard, only vendor specific.
MAC checking is utterly pointless, as it's a simple job to sniff the wire for "Valid" MACs

Another approach is just to leave it open and have it sit on the untrusted zone within a DMZ, only able to connect to a VPN server offering strong encryption.

Alternatively, tinfoil hats are available on request...


Welcome to 2003...... WPA2 is not secure there are many other methods than brute forcing that work very well, will dig the article and methods up when I cba :D
In China DHCP leases YOU!
The Bible, Wrath of Khan, what's the difference

I am the Stig!

Neomancer
Resident Sarcasm Master Admin
Posts: 6212
Joined: Wed Aug 20, 2003 11:20 pm
Origin ID: neomancer86
steamid: neomancer86
Location: Exeter

Re: Ticket prices

Postby Neomancer » Tue Dec 02, 2008 12:20 am

vpn over wireless, woop :)

Wishy
Senior Icelandic Field Sausage Engineer
Posts: 4288
Joined: Thu Jun 20, 2002 2:17 pm
Location: Woking

Re: Ticket prices

Postby Wishy » Tue Dec 02, 2008 1:51 pm

ez64 wrote:Welcome to 2003...... WPA2 is not secure there are many other methods than brute forcing that work very well, will dig the article and methods up when I cba :D


Please do, I've certainly found nothing to support these sort of claims.

The main weakness in WPA-PSK is down to using a weak (Dictionary / short) password along with a non-unique (IE Linksys, WLan, etc) SSID (Used to salt the password). Rainbow tables exist for common dictionary passwords with the 1000 "Most Common" SSIDs, making them more straightforward to break. (Clever idea using SSID as a salt though, as this limits the effectiveness of rainbow tables).
The same basic flaw is true of pretty much anything which uses a password as security. Weak password = weak security.

Next we have the Nvidia CUDA based PBKDF2 key-generator (The algorithm that takes a password+ssid and hashes it into an encryption key). This uses an Nvidia processor to do the 16,000 odd rounds of SHA1 to create the pairwise master. It's about 10 times quicker than using a CPU, depending on the GPU model. But if a strong password is used, this counts for nothing.

And of course, none of this applies to 802.11x (Eg PEAP), which frankly corps should be using anyway.

Then you have the Tews and Beck "Practical Attacks against WEP and WPA". This attack revolves around only the TKIP, which was only really put in to allow older network cards to move to WPA. Pretty much anything that supports WPA2, which is pretty much anyway, now uses AES - a much stronger algorithm than RC4, on which TKIP is based, which is very much creaking around the edges.
The Tews and Beck attack centers around reading ARPs and allows 7-15 packets to be injected every 14 or so minutes - there is potential for ARP poisoning here, which might stuff up a few connections, but given the rest of the messages can't be read, it's not a huge security risk.
Wishy - Westlan Web type person.

ez64
1337 Krew
Posts: 817
Joined: Fri Oct 19, 2007 4:10 pm
Location: Wouldnt you like to know

Re: Ticket prices

Postby ez64 » Tue Dec 02, 2008 6:33 pm

Wishy wrote:
ez64 wrote:Welcome to 2003...... WPA2 is not secure there are many other methods than brute forcing that work very well, will dig the article and methods up when I cba :D


Please do, I've certainly found nothing to support these sort of claims.

The main weakness in WPA-PSK is down to using a weak (Dictionary / short) password along with a non-unique (IE Linksys, WLan, etc) SSID (Used to salt the password). Rainbow tables exist for common dictionary passwords with the 1000 "Most Common" SSIDs, making them more straightforward to break. (Clever idea using SSID as a salt though, as this limits the effectiveness of rainbow tables).
The same basic flaw is true of pretty much anything which uses a password as security. Weak password = weak security.

Next we have the Nvidia CUDA based PBKDF2 key-generator (The algorithm that takes a password+ssid and hashes it into an encryption key). This uses an Nvidia processor to do the 16,000 odd rounds of SHA1 to create the pairwise master. It's about 10 times quicker than using a CPU, depending on the GPU model. But if a strong password is used, this counts for nothing.

And of course, none of this applies to 802.11x (Eg PEAP), which frankly corps should be using anyway.

Then you have the Tews and Beck "Practical Attacks against WEP and WPA". This attack revolves around only the TKIP, which was only really put in to allow older network cards to move to WPA. Pretty much anything that supports WPA2, which is pretty much anyway, now uses AES - a much stronger algorithm than RC4, on which TKIP is based, which is very much creaking around the edges.
The Tews and Beck attack centers around reading ARPs and allows 7-15 packets to be injected every 14 or so minutes - there is potential for ARP poisoning here, which might stuff up a few connections, but given the rest of the messages can't be read, it's not a huge security risk.



One extremely fast way was using pre-generated libraries of the MD5 hashes (TBs in size) and in a very short amount of time the brute force is done, there was also very recently a total security flaw with WPA2 digging it up.

Also the CUDA method works fine for WPA2.
In China DHCP leases YOU!
The Bible, Wrath of Khan, what's the difference

I am the Stig!

Wishy
Senior Icelandic Field Sausage Engineer
Posts: 4288
Joined: Thu Jun 20, 2002 2:17 pm
Location: Woking

Re: Ticket prices

Postby Wishy » Tue Dec 02, 2008 8:18 pm

ez64 wrote:One extremely fast way was using pre-generated libraries of the MD5 hashes (TBs in size)

1) MD5 isn't used anywhere, it's an old algorithm with proven collisions (Which, of course, is always going to happen with a hash algorithm by their very nature) which has been replaced with SHA1
2) Yes, the "MD5" hash tables can be built up, that's called a rainbow table. But as I said, because the SSID is added as a Salt - they need to be computed for the specific SSID. Also, even terabytes in size won't cover password lengths of a sensible length. Given a strong preshared key

ez64 wrote:there was also very recently a total security flaw with WPA2 digging it up.

Most likely the Tews and Beck attack. That applies to TKIP, which can be used under WPA and WPA2, but is switched off by default on WPA2 - replaced with AES. The geek media made way too much of the flaw which has little real world impact.

ez64 wrote:Also the CUDA method works fine for WPA2.

Yes, of course it does, but as long as you choose a sensible password length (And choose a unique SSID) it doesn't matter, it'll take forever to crack the key.

Would respectfully suggest you do a bit more research before you make claims about crypto algorithms being totally broken.
Wishy - Westlan Web type person.
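
The key derivation discussed in the posts above (passphrase plus SSID through PBKDF2 into the pairwise master key), as an added example that is not part of any post in this thread. It shows why a precomputed table only works for the SSID it was built for, where the "16,000 odd" SHA1 figure comes from, and how passphrase length dominates any 10x GPU speed-up. The wordlist, both SSIDs and the guess rates are constructed assumptions.

```python
import hashlib
import math

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK key derivation: PBKDF2-HMAC-SHA1, SSID as salt,
    4096 iterations, 256-bit output (the pairwise master key)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def sha1_calls_per_guess() -> int:
    # 4096 iterations x 2 output blocks (32 bytes from a 20-byte digest)
    # x 2 SHA-1 computations per HMAC: the "16,000 odd rounds" in the thread.
    return 4096 * math.ceil(32 / 20) * 2

def build_table(wordlist, ssid):
    """Precomputed PMK -> passphrase table; only valid for this one SSID."""
    return {wpa_pmk(word, ssid): word for word in wordlist}

def years_to_exhaust(length: int, alphabet: int, guesses_per_sec: float) -> float:
    """Years needed to try every passphrase of the given length and alphabet."""
    return alphabet ** length / guesses_per_sec / (365.25 * 24 * 3600)

# Constructed sample data: a tiny wordlist, one common SSID, one unique SSID.
WORDLIST = ["password", "letmein1", "qwertyuiop"]
COMMON_SSID, UNIQUE_SSID = "linksys", "saltlan-7f3a9c"

# ASSUMPTION: illustrative guess rates; the thread only gives the ~10x GPU ratio.
CPU_RATE = 1_000.0
GPU_RATE = CPU_RATE * 10

if __name__ == "__main__":
    table = build_table(WORDLIST, COMMON_SSID)
    for ssid in (COMMON_SSID, UNIQUE_SSID):
        hit = table.get(wpa_pmk("password", ssid))
        print(f"network {ssid!r}: table built for {COMMON_SSID!r} finds {hit!r}")
    print("SHA-1 computations per guess:", sha1_calls_per_guess())
    for length, alphabet in ((8, 26), (16, 62)):
        years = years_to_exhaust(length, alphabet, GPU_RATE)
        print(f"{length} chars, alphabet of {alphabet}: {years:.3g} years at GPU rate")
```
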

Merson
Ban Hammer Admin
Posts: 1893
Joined: Mon Oct 22, 2007 10:26 pm

Re: Ticket prices

Postby Merson » Tue Dec 02, 2008 10:38 pm

I'm sorry, in English please? Seriously that's just words to me. :wink:

AlienX
Overdraft Admin
Posts: 2667
Joined: Tue Oct 25, 2005 5:14 pm
Location: United Kingdom, Somerset

Re: Ticket prices

Postby AlienX » Wed Dec 03, 2008 10:53 pm

Thread cleaned, let's keep flame wars out of here please.

xconspirisist
Pseudo-jolly-fatman, rapid-post-editor, postman-loather, coffee-induced-murderer, meatball-fanatic, GPS-hater, vapourware-author, executioner-of-flying-bugs, eternal emperor of entirety
Posts: 6182
Joined: Tue Sep 07, 2004 1:04 pm
Battle.net: xcons#2832
steamid: xconspirisist
Location: Hyrule. ▲

Re: Ticket prices

Postby xconspirisist » Wed Dec 03, 2008 11:40 pm

The laws of thermodynamics make it impossible to actually crack AES (an algorithm commonly used with WPA2), until we can build a computer that runs at the resident temperature of the universe.

Seriously, try the red book on cryptography for starters. :)

Please don't mistake that for any measure of cryptographic strength as the algorithm may have vulnerabilities, although some of the best mathematicians have yet to find them. It's exceedingly unlikely that anyone is going to read your actual packets on a WPA2 Per/Ent with TKIP + AES.

Jani
Swearing Admin
Posts: 1946
Joined: Thu Sep 08, 2005 1:23 pm
Location: Plymouth

Re: Ticket prices

Postby Jani » Thu Dec 04, 2008 2:44 am

Indeed. The internets certainly are for porn.

