[Tfug] Slightly OT crypto question (WiFi/WPA)

Jim March 1.jim.march at gmail.com
Sun Dec 13 10:32:58 MST 2009


OK, but...a deauthentication attack means they just shut down the WiFi
setup, rather than read data from it, right?

Jim

On Sun, Dec 13, 2009 at 10:22 AM, David Rice <david.l.rice at gmail.com> wrote:

> I think that's a good password for dictionary attacks, but if your really
> concerned about other attacks then you need to log authentication attempts
> and alert on some sort of threshold of bad attempts, Long passwords won't
> cover deauthentication attacks, this is were you force the client to
> disconnect and you capture the authentication attempt, the brute force that
> using rainbow tables offline. So I would also hard code the mac addresses
> that you trust if your really worried about it.
>
> On Sun, Dec 13, 2009 at 9:51 AM, Jim March <1.jim.march at gmail.com> wrote:
>
>> Folks,
>>
>> We all set up and run WiFi routers once in a while so this only slightly
>> off-topic.
>>
>> Dictionary attacks against WPA security are on the rise.  The latest
>> trend:
>>
>>
>> http://news.techworld.com/security/3208347/new-cloud-hacking-service-steals-wi-fi-passwords
>>
>> Throw enough MIPS at it, it'll break.
>>
>> At this point, it still appears unlikely something like
>> "5435GDS5YHFHJF37GFBA" will fall any time soon.  While "thesaurus" is meat
>> for the beast.  My question is, what about:
>>
>> ithinktucsonreallysucks
>>
>> ?
>>
>> In other words, phrases of that sort that contain dictionary words, but
>> are not themselves in any possible dictionary.
>>
>> How secure are they as compared to really randomized passwords?
>>
>> Thanks,
>>
>> Jim
>>
>> _______________________________________________
>> Tucson Free Unix Group - tfug at tfug.org
>> Subscription Options:
>> http://www.tfug.org/mailman/listinfo/tfug_tfug.org
>>
>>
>
> _______________________________________________
> Tucson Free Unix Group - tfug at tfug.org
> Subscription Options:
> http://www.tfug.org/mailman/listinfo/tfug_tfug.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tfug.org/pipermail/tfug_tfug.org/attachments/20091213/e3cdda51/attachment-0002.html>


More information about the tfug mailing list