Jump to content

Police raid house because of open wifi network


JStump

Recommended Posts

Well if you are using a good password, WPA2 should be close to uncrackable. Using numbers, letters and upper/lower case should make it nearly impossible, especially if it is a phrase and not a single word. And if it is longer than 25 characters it is impossible.

Edited by JStump
Link to comment
Share on other sites

J, you couldn't be more wrong. All you need is enough drive space to download these huge wordbase files, basically you use the program to kick someone off the router, then when they log back on you intercept the handshake and let the program start comparing the encrypted password to all these word/number combos in this huge database, can take hours or days but if you use real words it will find them. Most secure password is a random alpha-numeric combination.

Link to comment
Share on other sites

Well sure, if you have the hardware you can do it, but who honestly does? And if they do, I doubt they will be interested in using it on my home network. And WPA2-Enterprise has yet to be cracked to my knowledge which is what corporations and businesses should be using.

Link to comment
Share on other sites

How long to crack a Mac filter?

minute, maybe 2 at most. That's allowing for starting up the program and getting going. If it's already up and running - 30 seconds.

Well sure, if you have the hardware you can do it, but who honestly does?

Laptop, wireless card in lapper, some free software.

And if they do, I doubt they will be interested in using it on my home network.

Probably not, but crazy ex-gf or boyfriend of crazy ex-gf might.

And WPA2-Enterprise has yet to be cracked to my knowledge which is what corporations and businesses should be using.

Sure has, at least 3 years ago. Not difficult. Waiting for Flounder to jump in.

Official response from the 5-0 for terrorizing the wrong house:

Edited by jblosser
durrr
Link to comment
Share on other sites

Well if you are using a good password, WPA2 should be close to uncrackable. Using numbers, letters and upper/lower case should make it nearly impossible, especially if it is a phrase and not a single word. And if it is longer than 25 characters it is impossible.
Well sure, if you have the hardware you can do it, but who honestly does? And if they do, I doubt they will be interested in using it on my home network. And WPA2-Enterprise has yet to be cracked to my knowledge which is what corporations and businesses should be using.

ROFLMAO!! where did you get your info? That is all way wrong. No, it does not need special hardware. Hell I save my older laptops to run backtrack on for when I am tasked with pen test. It is not hard and does not take a lot of time. And the "who would hit my little home network" mentality, let me clue you in. The first group is the want to be haxor kids that do it just because it is there, the other group is people who are looking to mask illegal activity be it movie pirates or people running stolen credit card numbers.

Link to comment
Share on other sites

Sure has, at least 3 years ago. Not difficult. Waiting for Flounder to jump in.

My understanding was that AES hadn't been compromised, and that serves as the backbone (as long as you enable it and not TKIP) for WPA2. Either way, I'm waiting for Flounder too, I know he's got way more chops on this than I do.

Link to comment
Share on other sites

My understanding was that AES hadn't been compromised, and that serves as the backbone (as long as you enable it and not TKIP) for WPA2. Either way, I'm waiting for Flounder too, I know he's got way more chops on this than I do.

This is what I thought.

Link to comment
Share on other sites

i'm assuming most home users aren't setting up a freeradius server, so they're not going to be running enterprise.

yes, tkip = easy; aes, not so easy - but it was announced in August. Couple of Germans, iirc. Something like 2 billion years if you had one trillion machines trying one million keys/second.

So for now, aes is good.

Personally, i just don't broadcast my ssid and i haz an un-complex (but long) password. i'm not worried - I'm pretty sure the Westerville 5-0 doesn't have the skills to to find my non-advertised name, let alone find a MAC they can use and then figure out my password. I'll see the patrol car parked in the driveway long before they get on my network...

Link to comment
Share on other sites

i'm assuming most home users aren't setting up a freeradius server, so they're not going to be running enterprise.

yes, tkip = easy; aes, not so easy - but it was announced in August. Couple of Germans, iirc. Something like 2 billion years if you had one trillion machines trying one million keys/second.

So for now, aes is good.

Personally, i just don't broadcast my ssid and i haz an un-complex (but long) password. i'm not worried - I'm pretty sure the Westerville 5-0 doesn't have the skills to to find my non-advertised name, let alone find a MAC they can use and then figure out my password. I'll see the patrol car parked in the driveway long before they get on my network...

I mentioned enterprise because if you REALLY need it to be secure, you are probably a company of some kind that has the means to implement enterprise.

And as you mentioned, it would take FOREVER to crack AES which in my opinion counts as impossible to crack unless you plan on living for a billion years. This may change years from now when hardware advances but currently it is not possible.

Link to comment
Share on other sites

I mentioned enterprise because if you REALLY need it to be secure, you are probably a company of some kind that has the means to implement enterprise.

And as you mentioned, it would take FOREVER to crack AES which in my opinion counts as impossible to crack unless you plan on living for a billion years. This may change years from now when hardware advances but currently it is not possible.

right, and i said it was crackable b/c i thought we were talking about home networks, where no one's using enterprise (probably).

'tis all good, young padawan. :D

Link to comment
Share on other sites

Using "pairing-based" cryptography on this code has led to the standardization of this type of code cracking, says Fujitsu Laboratories. Scientists say that breaking the 923-bit encryption, which is 278-digits, would have been impossible using previous "public key" cryptography; but using pairing-based cryptography, scientists were able to apply identity-based encryption, keyword searchable encryption, and functional encryption.

If they had been using a public key, it would not have been possible.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...