SSID broadcasts

Started by benthehutt, March 16, 2005, 06:07:08 PM

Previous topic - Next topic
I broke into my linksys running 128bit enc in 7 minutes. I have a video that shows WEP cracking in 5 minutes. Think your Wifi is secure? Doubt it.

Wilnix
alt email address: wilnix@hackphreak.org

Ha! I win! I was right!

"My Terminal is my Soul"

Win?  No way, we already discussed that!  We all knew it was less secure anyway... ;D
Build a man a fire, and he'll be warm for a day. Set a man on fire, and he'll be warm for the rest of his life.

Yep, you heard me; I WON and you can't do anything about it!

You are afterall.. a lower status than me. Plus your post count is significantly lower... and.. and ...

okay I'll shut up now ;D

PS. Yes, ok. I suppose you're right. Bastard!

"My Terminal is my Soul"

Quote from: wilnix on April 12, 2006, 05:21:19 PM
I broke into my linksys running 128bit enc in 7 minutes. I have a video that shows WEP cracking in 5 minutes. Think your Wifi is secure? Doubt it.

Wilnix

post the vid wil!

i want to see it

I'm currently doing some serious research into wireless security issues, so I'll share some secrets to wifi security:

1. 40-bit WEP keys are just as insecure as 104-bit WEP keys, know why?  Because nobody actually cracks the WEP, they crack the 24-bit IV that's broadcasted with it.  So, instead of wasting precious bandwidth and CPU cycles, turn WEP down to 64-bit.

2.  Use some form of EAP, prefferable LEAP.  LEAP utilizes a rotating key configuration and a RADIUS authentication server.  Basically, the idea is that each user contacts the AP and gives a username/password.  Then it authenticates you against the RADIUS server and generates a WEP key if you're legit.  Then, (this all happens behind the scenes) every few minutes your computer retransmits the username/pass and a new WEP key is generated.  So, a hacker probably won't be able to crack the key before a new one gets generated--pretty sweet.  MS also has an EAP version out that authenticates to AD with a dual certificate system.  It's much more secure than LEAP, but impossible to implement.

3.  Don't disable SSID broadcasting.  It's just annoying.  And it doesn't do anybody any good.

4.  Don't do MAC filtering.  Again, it doesn't do anybody any good, it's just annoying.
Build a man a fire, and he'll be warm for a day. Set a man on fire, and he'll be warm for the rest of his life.

SMF spam blocked by CleanTalk