Re: [NTLK] [NTLK][OT] Lucent Wavelan Turbo Silver - success!

From: Paul Curtis (MicroSSG_at_Comcast.net)
Date: Mon Feb 06 2006 - 07:38:19 PST


I should have prefaced that the only WiFi I use is printing. My laptops for
the most part are hardwired. My wife occasionally takes her laptop outside
with the WiFi in the summer.

I'm curious as to how you validate a spoofed mac address when the hardware
is being checked? This is worrisome. Is this being done by intercepting the
request for mac address with a script and then feeding the spoofed address?
Also, even if you could spoof the address, how are you going to disconnect
the current connection?

Best Regards,

Paul Curtis

-----Original Message-----
From: newtontalk-bounce_at_newtontalk.net
[mailto:newtontalk-bounce_at_newtontalk.net] On Behalf Of Morgan Aldridge
Sent: Thursday, February 02, 2006 8:44 AM
To: newtontalk_at_newtontalk.net
Subject: Re: [NTLK] [NTLK][OT] Lucent Wavelan Turbo Silver - success!

This is fine for a home solution, but doesn't really provide any security.
For Newton OS Internet access, I doubt it's much of an issue, but there are
some things you all should be aware of (I'll start with Paul's three):

>> 1. Don't broadcast your SSID

This only means a casual user will not find your wireless network and try to
get in, no more. With the next two you prevent those casual users from
getting in anyway, so it's not an effective endeavor. Any WiFi sniffer can
detect _any_ wireless network in range, whether it's open or closed (SSID
broadcast or not, respectively).

>> 2. lock down your network by mac addresses

This is an excellent thing to do, no doubt about it. However, it only
restricts who can actually connect to the network. It would take an
_extremely_ long time to brute-force[1] a MAC address (a high power of ten
years, most likely) to connect to the network, but your data is still flowing,
unencrypted, through the air. A WiFi sniffer has little difficulty reading
the packets.

Again, for Newton OS Internet access, this will most likely not be an issue
since any site requiring usernames and passwords these days requires SSL,
which we just don't have yet. However, if you're using e-mail, that username
& password is being sent unencrypted as well.

>> 3. limit the number of connections by the number of computers you
>> have

Not a bad idea, but again, it doesn't prevent someone snooping on your data.

On breaking WEP encryption:

40-bit encryption is very weak and many manufacturers' 40-bit WEP key [2]
generators are flawed and can be brute-forced within a matter of minutes.
Although if you make up your own WEP key (as opposed to WEP
password[3]) and make it harder to brute-force, there's always WEP
cracking[4]. It's quite easy to crack 40-bit WEP encryption.

104-bit WEP encryption is still a fairly weak algorithm, but still buys us
some time. I'm not aware of any flaws in manufacturers' 104-bit WEP key
generators, so it would take somewhere around 10^8 years (with one of
today's computers) to brute-force the password... needless to say the
password would likely have changed by then. :)

Cracking 104-bit WEP encryption is not hard, but it is significantly more
time consuming. For a low traffic WiFi network (a few computers just doing
occasional, casual web browsing) it may take a couple months to collect
enough packets to crack the encryption, although on a high traffic WiFi network
(say, ten computers or more with lots of web browsing, e-mail, IM traffic,
etc.) you could probably crack it in a matter of days.

Conclusion:

40-bit WEP encryption is pointless. 104-bit encryption buys us time
(for most of us, weeks). If you're using 104-bit WEP on a home
network, you can reasonably change your password every few weeks and
be safe from WEP cracking.

Restricting by MAC address is a good* way to prevent access to your
network, but does nothing to prevent others from reading the data
transmitted/received over the WiFi network. You'll need encryption
for that.

Using SSL provides extra encryption for sensitive data, just in case
someone were to crack your WEP encryption.

* - I've not investigated how the MAC address is stored in WiFi
packets. It's possible that someone could monitor packets in an
unencrypted WiFi network and just pick and choose which MAC address
they wanted to masquerade as, instead of needing to brute-force it.

[1] - "brute-force", in the security arena, means trying every
possible permutation of a username/password/key/address/etc. until
you find one that works. Tried and true, but is likely to take an
impossibly long time.

[2] - "WEP key" refers to the HEX (0-9,A-F) string (encrypted) used
to represent the password to the WiFi network.

[3] - "WEP password" refers to the ASCII password that is encrypted
into HEX to be used as the password to the WiFi network.

[4] - "WEP cracking" refers to collecting enough packets from a WiFi
network so that you can run them through an algorithm and determine
the WEP key being used to access the network.

Morgan Aldridge

--
morgant_at_makkintosshu.com
http://www.makkintosshu.com/

On Feb 2, 2006, at 2:55 AM, andrewfox_at_mac.com wrote:
> Hi,
>
> Couldn't have said it any better than Paul so I didn't waste  
> bandwidth.
>
> This is exactly the setup I use for my wireless Newtoning. The big
> advantage?
>
> You can use Hiroshi's driver as it comes and with the current
> unavailability of registration for this driver it means you can keep
> wireless alive on your Newton.
>
> The major issue is that the majority of wireless hotspots require
> either WEP and/or WPA to be enabled but most also use SSL encrypted
> web pages for registering access so you're stuffed anyway ;-)
>
> I sincerely hope that registering becomes available again as I think
> every Newton user who has a wireless card should register.
>
> regards
> Andrew
>
-- 
This is the NewtonTalk list - http://www.newtontalk.net/ for all inquiries
Official Newton FAQ: http://www.chuma.org/newton/faq/
WikiWikiNewt for all kinds of articles: http://tools.unna.org/wikiwikinewt/
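
On the question raised in the thread of how MAC addresses are carried in WiFi packets: in an 802.11 data frame the addresses sit in the MAC header, and WEP encrypts only the frame body, not that header. The following is an added example, not part of the original thread; the function names and the two sample frames are constructed here for illustration.

```python
import struct

def mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def parse_data_header(frame: bytes) -> dict:
    """Parse the 24-byte MAC header of a 3-address 802.11 data frame."""
    if len(frame) < 24:
        raise ValueError("shorter than the 24-byte 802.11 MAC header")
    fc, _duration = struct.unpack_from("<HH", frame, 0)
    if (fc >> 2) & 0x3 != 2:
        raise ValueError("not a data frame")
    to_ds, from_ds = bool(fc & 0x0100), bool(fc & 0x0200)
    if to_ds and from_ds:
        raise ValueError("4-address (WDS) frames are not handled here")
    a1, a2, a3 = frame[4:10], frame[10:16], frame[16:22]
    if to_ds:            # station -> access point
        bssid, src, dst = a1, a2, a3
    elif from_ds:        # access point -> station
        dst, bssid, src = a1, a2, a3
    else:                # ad hoc, no access point
        dst, src, bssid = a1, a2, a3
    return {"protected": bool(fc & 0x4000),  # set when the body is encrypted
            "bssid": mac(bssid), "src": mac(src), "dst": mac(dst)}

def header(fc: int, a1: str, a2: str, a3: str) -> bytes:
    """Build a constructed header: frame control, duration 0, 3 addrs, seq 0."""
    return struct.pack("<HH", fc, 0) + bytes.fromhex(a1 + a2 + a3) + b"\x00\x00"

# Constructed sample data (locally administered addresses, not real devices).
AP, STA, GW = "020000000001", "0200000000aa", "0200000000ff"
SAMPLE_OPEN = header(0x0108, AP, STA, GW) + b"plaintext body"
SAMPLE_WEP = header(0x4108, AP, STA, GW) + bytes(16)  # stand-in for IV + ciphertext

def sender_macs(frames) -> set:
    """Sender addresses readable from the headers, encrypted body or not."""
    return {parse_data_header(f)["src"] for f in frames}

if __name__ == "__main__":
    for f in (SAMPLE_OPEN, SAMPLE_WEP):
        print(parse_data_header(f))
```

The sender address is readable in both frames, so a MAC allow-list restricts which clients an access point accepts but does not act as an authentication secret.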


This archive was generated by hypermail 2.1.5 : Mon Feb 06 2006 - 10:00:23 PST