
Posted: Wed Jun 13, 2007 12:31 pm
by Thorn
wrzwaldo wrote:That's farking brilliant!
I should clarify that statement to say "I believe it transmits in the clear..." There may be some default or base-level encryption at work, although I doubt it. Having set up around 10 of the SES units for clients, I've observed that it generates the key and negotiates the WPA with the first client. It seems to be about a 3 minute period before it kicks into the encrypted mode. After that you have to either manually copy the key to additional clients or set the AP into the key negotiation mode again. All of that makes me think that it sends the key in the clear.

I should really sniff the traffic some time to see exactly how it does it. Hmmmm, that might make a good article or paper.

Posted: Wed Jun 13, 2007 12:34 pm
by theprez98
Thorn wrote:I should clarify that statement to say "I believe it transmits in the clear..."

Let the backpedaling begin! :p

Posted: Wed Jun 13, 2007 12:47 pm
by Thorn
theprez98 wrote:Let the backpedaling begin! :p
Yeah, you got me.

Although the point really is that I don't trust the way it's done. There is a distinct time period when the NIC and the AP are communicating without WPA being used, and then the key appears on the client software.

I think SES makes it easy for users who don't know any better, but until it's shown to be completely secure it shouldn't be accepted as the best way to use WPA, and that users need to understand that there may be some window of time -no matter how small- when they are vulnerable and the key can be obtained.

Now I'll have to look at it. And I will admit it on these forums if I'm wrong. :rolleyes:

Posted: Wed Jun 13, 2007 12:52 pm
by beakmyn
Thorn wrote:Yeah, you got me.

Although the point really is that I don't trust the way it's done. There is a distinct time period when the NIC and the AP are communicating without WPA being used, and then the key appears on the client software.

I think SES makes it easy for users who don't know any better, but until it's shown to be completely secure it shouldn't be accepted as the best way to use WPA, and that users need to understand that there may be some window of time -no matter how small- when they are vulnerable and the key can be obtained.

Now I'll have to look at it. And I will admit it on these forums if I'm wrong, and buy everyone a round at ShmooCon. :rolleyes:


fixed

Posted: Wed Jun 13, 2007 1:01 pm
by wrzwaldo
Thorn wrote:I should really sniff the traffic some time to see exactly how it does it.

Yes, yes you should! I'd be interested in your findings. I'd also like to have a look at the captured traffic.


Hmmmm, that might make a good article or paper.

Or a page or two in a book. ;)

Posted: Sun Jun 17, 2007 10:03 am
by DaKahuna
cellpunxer wrote:I guess I am better off creating my own passphrase, considering Linksys SES won't generate the amount of characters I prefer (64). Thanks everyone.


I agree. That is usually the best way.

I took a WRT54G and set it up for WEP. I typed in a plain text pass phrase and captured the resulting key. I did this 12 times. I then took the captured keys and combined them until I came up with the WPA key, 63 characters long, for my Netscreen NS-5GT. I also used one of the captured keystrings as the SSID, FJBTPMJK8R2J4PVQRYGGW644J

Obviously I have to carry a copy of my WPA key with me everywhere I go so I use an encrypted thumb drive for that and other key passwords/pass phrases.

Posted: Sun Jun 17, 2007 10:08 am
by Dutch
DaKahuna wrote:I also used one of the captured keystrings as the SSID, FJBTPMJK8R2J4PVQRYGGW644J

Damn.. It's not on Wigle.. :confused: Yet.. ;)


Dutch

Posted: Sun Jun 17, 2007 10:43 am
by Barry
DaKahuna wrote:I agree. That is usually the best way.

I took a WRT54G and set it up for WEP. I typed in a plain text pass phrase and captured the resulting key. I did this 12 times. I then took the captured keys and combined them until I came up with the WPA key, 63 characters long, for my Netscreen NS-5GT. I also used one of the captured keystrings as the SSID, FJBTPMJK8R2J4PVQRYGGW644J

Obviously I have to carry a copy of my WPA key with me everywhere I go so I use an [color="Red"]encrypted thumb drive[/color] for that and other key passwords/pass phrases.


1024bit AES? :D

Posted: Sun Jun 17, 2007 10:48 am
by DaKahuna
Barry wrote:1024bit AES? :D


SanDisk 2.0 GB Cruiser with TrueCrypt.

Posted: Sun Jun 17, 2007 10:49 am
by Dutch
Barry wrote:1024bit AES? :D

Nahh... He uses WEP 40 bit on the thumbdrive.. Just in case he forgets the password for it, he can use ThumbCrack-ng to retrieve it.. :D

Dutch

Posted: Sun Jun 17, 2007 11:37 am
by Barry
Dutch wrote:Nahh... He uses WEP 40 bit on the thumbdrive.. Just in case he forgets the password for it, he can use [color="Red"]ThumbCrack-ng[/color] to retrieve it.. :D

Dutch



Is that on the new NetStumbler live cd?

Posted: Sun Jun 17, 2007 2:04 pm
by Dutch
Barry wrote:Is that on the new NetStumbler live cd?

Only on the Mac 68K version. Requires FPU, MMU and 32 bit clean roms, so Quadra or later only.


Dutch

Posted: Sun Jun 17, 2007 2:11 pm
by Barry
Dutch wrote:Only on the Mac 68K version. Requires FPU, MMU and 32 bit clean roms, so Quadra or later only.


Dutch



So my color classic is out....Oh no's!