[Tfug] Why would *anyone* leave a door open?

Jordan Aberle jordan.aberle at gmail.com
Thu Aug 27 18:29:34 MST 2009


WPA-TKIP is cracked by capturing the authentication handshake between the
client and the router, when you have captured the "handshake" the key can be
cracked by brute force.  If the password the router is using does not match
the password in your dictionary file it will not beable to crack the key.

If you use WPA2 or WPA mixed with AES(CCMP) you will not be hacked unless
the wireless key matches a word in a dictionary file.  These are still
secure methods if you set them up properly, the only downfall is that not
all wireless cards support CCMP.

Stating that all modes of wpa/wpa2 are insecure is just not accurate.

On Thu, Aug 27, 2009 at 5:43 PM, Bexley Hall <bexley401 at yahoo.com> wrote:

> Hi Zack,
>
> > > There are advantages to wired connections...  :-(
> >
> > Exactly.  If you can wire, do it.
>
> A note from my bank encouraging me to sign up for "on-line
> banking"  (saves *them* the cost of printing and mailing me
> a paper statement -- but what does it *get* me??!).
>
> In essence, they want to scare me into thinking some guy is
> going to drive down my street on *the* day when that bank
> statement is placed in my mailbox *after* the postal carrier
> has delivered it and *before* I have retrieved it from the box.
> I.e., "you are at risk for identity theft!!!!!"
>
> Of course, they fail to point out how having my account
> information on-line makes that window of opportunity much
> wider (i.e., any time day or night you have access to those
> statements) *and* allows anyone ANYWHERE to go poking around
> (instead of forcing that thief to have deliberately targeted
> *my* street/mailbox).
>
> > The worst part of this is the stupid "oh yeah, we support WiFi"
> > printers, game consoles (I'm looking at you Nintendo DS), etc. that
> > support either unencrypted or WEP only...   Way to encourage bad
> > behavior.
>
> Exactly.  I keep my WAP turned off unless I absolutely need
> it.  Most of the time, I connect my laptop with a cable at a
> nearby jack (I have something like 27 drops around the house).
> If push comes to shove, I'll drag a 50 foot cable out so I can
> avoid going wireless.
>
> *Or*, use a PLC modem (vulnerable but not nearly as much so as a
> wifi card!).
>
> People get used to using a certain type of technology and
> eventually forget the cautions *against* using it.  So, "good
> practices" quickly become risky ones.  :-/
>
>
>
>
> _______________________________________________
> Tucson Free Unix Group - tfug at tfug.org
> Subscription Options:
> http://www.tfug.org/mailman/listinfo/tfug_tfug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tfug.org/pipermail/tfug_tfug.org/attachments/20090827/8f0e2986/attachment-0002.html>


More information about the tfug mailing list