Linksys SES (Secure Easy Setup)

Post by Thorn » Wed Jun 13, 2007 12:31 pm

wrzwaldo wrote:That's farking brilliant!
I should clarify that statement to say "I believe it transmits in the clear..." There may be some default or base-level encryption at work, although I doubt it. Having set up around 10 of the SES units for clients, I've observed that it generates the key and negotiates the WPA with the first client. It seems to be about a 3 minute period before it kicks into the encrypted mode. After that you have to either manually copy the key to additional clients or set the AP into the key negotiation mode again. All of that makes me think that it sends the key in the clear.

I should really sniff the traffic some time to see exactly how it does it. Hmmmm, that might make a good article or paper.
Thorn
Stop the TSA now! Boycott the airlines.
Thorn
 
Posts: 10340
Joined: Sat Apr 13, 2002 3:00 am
Location: Villa Straylight

Post by theprez98 » Wed Jun 13, 2007 12:34 pm

Thorn wrote:I should clarify that statement to say "I believe it transmits in the clear..."

Let the backpedaling begin! :p
"\x74\x68\x65\x70\x72\x65\x7a\x39\x38";
theprez98
 
Posts: 3638
Joined: Tue Jan 11, 2005 8:23 pm
Location: Maryland

Post by Thorn » Wed Jun 13, 2007 12:47 pm

theprez98 wrote:Let the backpedaling begin! :p
Yeah, you got me.

Although the point really is that I don't trust the way it's done. There is a distinct time period when the NIC and the AP are communicating without WPA being used, and then the key appears on the client software.

I think SES makes it easy for users who don't know any better, but until it's shown to be completely secure it shouldn't be accepted as the best way to use WPA, and users need to understand that there may be some window of time, no matter how small, when they are vulnerable and the key can be obtained.

Now I'll have to look at it. And I will admit it on these forums if I'm wrong. :rolleyes:
Thorn
Stop the TSA now! Boycott the airlines.
Thorn
 
Posts: 10340
Joined: Sat Apr 13, 2002 3:00 am
Location: Villa Straylight

Post by beakmyn » Wed Jun 13, 2007 12:52 pm

Thorn wrote:Yeah, you got me.

Although the point really is that I don't trust the way it's done. There is a distinct time period when the NIC and the AP are communicating without WPA being used, and then the key appears on the client software.

I think SES makes it easy for users who don't know any better, but until it's shown to be completely secure it shouldn't be accepted as the best way to use WPA, and users need to understand that there may be some window of time, no matter how small, when they are vulnerable and the key can be obtained.

Now I'll have to look at it. And I will admit it on these forums if I'm wrong, and buy everyone a round at ShmooCon. :rolleyes:


fixed
beakmyn
 
Posts: 4858
Joined: Sun Aug 03, 2003 1:53 pm

Post by wrzwaldo » Wed Jun 13, 2007 1:01 pm

Thorn wrote:I should really sniff the traffic some time to see exactly how it does it.

Yes, yes you should! I'd be interested in your findings. I'd also like to have a look at the captured traffic.


Hmmmm, that might make a good article or paper.

Or a page or two in a book. ;)
wrzwaldo
 
Posts: 8995
Joined: Sun Dec 14, 2003 12:43 pm

Post by DaKahuna » Sun Jun 17, 2007 10:03 am

cellpunxer wrote:I guess I am better off creating my own passphrase, considering Linksys SES won't generate the amount of characters I prefer (64). Thanks everyone.


I agree. That is usually the best way.

I took a WRT54G and set it up for WEP. I typed in a plain text pass phrase and captured the resulting key. I did this 12 times. I then took the captured keys and combined them until I came up with the WPA key, 63 characters long, for my Netscreen NS-5GT. I also used one of the captured keystrings as the SSID, FJBTPMJK8R2J4PVQRYGGW644J

Obviously I have to carry a copy of my WPA key with me everywhere I go so I use an encrypted thumb drive for that and other key passwords/pass phrases.
DaKahuna
 
Posts: 478
Joined: Wed Jan 18, 2006 11:55 am
Location: If you find out, let me know!
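
Added example, not part of the original posts: for the self-chosen 63-character passphrase discussed above, this Python code draws one from the operating system's CSPRNG and derives the 256-bit pre-shared key the way WPA-Personal does (PBKDF2-HMAC-SHA1 with the SSID as salt, 4096 iterations). The function names and the sample SSID are constructed for illustration.

```python
import hashlib
import math
import secrets
import string

# Letters and digits only, so the passphrase is easy to type on any client.
ALPHABET = string.ascii_letters + string.digits


def generate_passphrase(length: int = 63) -> str:
    """Draw a WPA passphrase from the operating system's CSPRNG."""
    if not 8 <= length <= 63:
        raise ValueError("a WPA passphrase is 8 to 63 characters long")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def classify_key(key: str) -> str:
    """Distinguish a passphrase from a raw 64-hex-digit pre-shared key."""
    if len(key) == 64 and all(c in string.hexdigits for c in key):
        return "raw-psk"
    if 8 <= len(key) <= 63 and all(32 <= ord(c) <= 126 for c in key):
        return "passphrase"
    return "invalid"


def derive_psk(passphrase: str, ssid: str) -> str:
    """PSK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes)."""
    if classify_key(passphrase) != "passphrase":
        raise ValueError("not a valid WPA passphrase")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("an SSID is 1 to 32 bytes long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), salt, 4096, 32).hex()


def entropy_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Entropy of a uniformly random string over the given alphabet."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    phrase = generate_passphrase()
    ssid = "ExampleNet"  # constructed sample SSID
    print("passphrase:", phrase)
    print("entropy   : %.0f bits" % entropy_bits(len(phrase)))
    print("PSK       :", derive_psk(phrase, ssid))
```

Because the SSID is the salt, the same passphrase yields a different PSK on a differently named network. A 64-character key is accepted only as 64 hex digits, that is, the raw PSK itself.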

Post by Dutch » Sun Jun 17, 2007 10:08 am

DaKahuna wrote:I also used one of the captured keystrings as the SSID, FJBTPMJK8R2J4PVQRYGGW644J

Damn.. It's not on Wigle.. :confused: Yet.. ;)


Dutch
All your answers are belong to Google. SEARCH DAMMIT!
Warning. Warning.
Low C8H10N4O2 level detected. Operator halted....
Dutch
 
Posts: 6698
Joined: Fri Mar 05, 2004 12:00 pm
Location: City of Mermaids, Denmark

Post by Barry » Sun Jun 17, 2007 10:43 am

DaKahuna wrote:I agree. That is usually the best way.

I took a WRT54G and set it up for WEP. I typed in a plain text pass phrase and captured the resulting key. I did this 12 times. I then took the captured keys and combined them until I came up with the WPA key, 63 characters long, for my Netscreen NS-5GT. I also used one of the captured keystrings as the SSID, FJBTPMJK8R2J4PVQRYGGW644J

Obviously I have to carry a copy of my WPA key with me everywhere I go so I use an encrypted thumb drive for that and other key passwords/pass phrases.


1024bit AES? :D
Never do anything you don't want to explain to the paramedics.
Barry
 
Posts: 5713
Joined: Sat Dec 28, 2002 11:10 pm
Location: Ohio

Post by DaKahuna » Sun Jun 17, 2007 10:48 am

Barry wrote:1024bit AES? :D


SanDisk 2.0 GB Cruiser with TrueCrypt.
DaKahuna
 
Posts: 478
Joined: Wed Jan 18, 2006 11:55 am
Location: If you find out, let me know!

Post by Dutch » Sun Jun 17, 2007 10:49 am

Barry wrote:1024bit AES? :D

Nahh... He uses WEP 40 bit on the thumbdrive.. Just in case he forgets the password for it, he can use ThumbCrack-ng to retrieve it.. :D

Dutch
All your answers are belong to Google. SEARCH DAMMIT!
Warning. Warning.
Low C8H10N4O2 level detected. Operator halted....
Dutch
 
Posts: 6698
Joined: Fri Mar 05, 2004 12:00 pm
Location: City of Mermaids, Denmark

Post by Barry » Sun Jun 17, 2007 11:37 am

Dutch wrote:Nahh... He uses WEP 40 bit on the thumbdrive.. Just in case he forgets the password for it, he can use ThumbCrack-ng to retrieve it.. :D

Dutch



Is that on the new NetStumbler live cd?
Never do anything you don't want to explain to the paramedics.
Barry
 
Posts: 5713
Joined: Sat Dec 28, 2002 11:10 pm
Location: Ohio

Post by Dutch » Sun Jun 17, 2007 2:04 pm

Barry wrote:Is that on the new NetStumbler live cd?

Only on the Mac 68K version. Requires FPU, MMU and 32 bit clean roms, so Quadra or later only.


Dutch
All your answers are belong to Google. SEARCH DAMMIT!
Warning. Warning.
Low C8H10N4O2 level detected. Operator halted....
Dutch
 
Posts: 6698
Joined: Fri Mar 05, 2004 12:00 pm
Location: City of Mermaids, Denmark

Post by Barry » Sun Jun 17, 2007 2:11 pm

Dutch wrote:Only on the Mac 68K version. Requires FPU, MMU and 32 bit clean roms, so Quadra or later only.


Dutch



So my color classic is out....Oh no's!
Never do anything you don't want to explain to the paramedics.
Barry
 
Posts: 5713
Joined: Sat Dec 28, 2002 11:10 pm
Location: Ohio
