South Africa coach Arthur laments nervous start

 
 
KnowingAbout.com
      07-27-2006, 06:10 PM

Wireless networks are extremely vulnerable to intrusion from hackers -
even with encryption switched on, say leading security experts.

Foundstone, a division of McAfee, cautioned that the tools needed to
carry out such attacks are freely available on the internet and that
some distributions of Linux are specially pre-configured for these
tasks.

No specialist knowledge is required to break a wireless network's
encryption so there's a wider pool of potential hackers to guard
against.
WEP encryption is particularly susceptible to 'network sniffing'
whereby malicious users listen in on the packets of information being
exchanged between computers. When enough packets have been gathered it
becomes almost trivial to crack the encryption and reveal the
network's password.

WPA can be easily exploited by eavesdropping on traffic when computers
sign onto a network - during the handshaking process.

Foundstone underlines the importance of choosing a secure password that
won't be vulnerable to a dictionary attack and changing the network
key often. It says that 10 per cent of people still use one of the top
50 most common passwords.

For commercial wireless use, Foundstone recommends that IT managers
assume that anyone can break the network key and that it should only be
the first of a layered defence against intrusion.

Martin Pivetta, market development manager at McAfee, says he is
highlighting this issue 'not to sell products but to create
awareness.'

- Marc Delehanty
To Read More : www.knowingabout.com/wifi

 
John Navas
      07-27-2006, 07:03 PM
On 27 Jul 2006 11:10:13 -0700, "KnowingAbout.com"
<(E-Mail Removed)> wrote in
<(E-Mail Removed). com>:

>WPA can be easily exploited by eavesdropping on traffic when computers
>sign onto a network - during the handshaking process.


Not true.

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>
 
Mark McIntyre
      07-27-2006, 10:27 PM
On 27 Jul 2006 11:10:13 -0700, in alt.internet.wireless ,
"KnowingAbout.com" <(E-Mail Removed)> wrote:

>
>Wireless networks are extremely vulnerable to intrusion from hackers -


This is not news, and has nothing to do with the subject. Please don't
post adverts for your news-service.
--
Mark McIntyre
 
Jeff Liebermann
      07-28-2006, 01:25 AM
"KnowingAbout.com" <(E-Mail Removed)> hath wroth:

>Wireless networks are extremely vulnerable to intrusion from hackers -
>even with encryption switched on, say leading security experts.


Sounds like something that a security expert, which has never attended
a security conference, would say. It's vague, overly general,
alarmist, only partially true, and reads like a press release.

Only misconfigured wireless networks are "extremely" vulnerable.
What's amazing to me is that wired networks are even more vulnerable
given a proper wiretap.
http://www.irongeek.com/i.php?page=security/tonystap

>Foundstone, a division of McAfee, cautioned that the tools needed to
>carry out such attacks are freely available on the internet and that
>some distributions of Linux are specially pre-configured for these
>tasks.


No. The various LiveCD distributions of Linux contain all the tools
but are not pre-configured for an automated attack. For example see:
http://www.remote-exploit.org/index.php/Auditor_main
I'll admit that the procedures are well documented on the web, but
they have not been fully automated. If you happen to know of a ready
to attack Linux distribution, I would be interested in knowing the
URL.

>No specialist knowledge is required to break a wireless network's
>encryption so there's a wider pool of potential hackers to guard
>against.


Really? It took me almost an entire day to figure out how to get
NDISwrapper to work with my piece of junk laptop. I got more than a
few surprises when trying to crack WEP. Read about WEP+ for details.

>WEP encryption is particularly susceptible to 'network sniffing'
>whereby malicious users listen in on the packets of information being
>exchanged between computers. When enough packets have been gathered it
>becomes almost trivial to crack the encryption and reveal the
>network's password.


It's not a password. It's a shared encryption key. It is also NOT
trivial to recover the key once a sufficient number of packets have
been gathered. WEP cracking relies on two assumptions.
1. That a sufficient number of "interesting" initialization vectors
can be sniffed.
2. That a dictionary attack on these IV's will be successful.
Both assumptions have their limitations and are often a problem. In
the case of WEP+, I sniffed continuous traffic for perhaps 3 hours and
never caught a single "interesting" IV. (With ordinary WEP, I had
what I needed in about 10-15 minutes).

>WPA can be easily exploited by eavesdropping on traffic when computers
>sign onto a network - during the handshaking process.


Totally wrong. Moronic and trivial WPA key selection can make WPA
susceptible to dictionary attacks, but a proper WPA key has yet to be
cracked.

>Foundstone underlines the importance of choosing a secure password that
>won't be vulnerable to a dictionary attack and changing the network
>key often.


How often? How will changing the key solve a security problem? If it
can be cracked with one key, why should a different key be any more
secure? It's either secure, or it's not. There's no in between.

>It says that 10 per cent of people still use one of the top
>50 most common passwords.


99.73% of all statistics are wrong.

>For commercial wireless use, Foundstone recommends that IT managers
>assume that anyone can break the network key and that it should only be
>the first of a layered defence against intrusion.


Excellent advice. Just let the hackers into the wireless systems and
rely on an obstacle course of secondary security measures to protect
the network. Of course, these secondary security measures have to be
planned, sold, bought, administered, and tested. Hmmm... Foundstone
is in what business? Perhaps security consulting?
http://www.foundstone.com
I like the business plan. Create confusion and complexity. Solve it
with the company's consulting service.

They even train the attackers:
http://www.foundstone.com/team/events/blackhat/
Only $2100 per class.

>Martin Pivetta, market development manager at McAfee, says he is
>highlighting this issue 'not to sell products but to create
>awareness.'


Yep. I'm very aware there's a problem at McAfee.

>- Marc Delehanty
>To Read More : www.knowingabout.com/wifi


That's just a copy of your posting. Nothing more to read. Nice try.

--
Jeff Liebermann (E-Mail Removed)
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
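
Added example (not part of any post in this thread): the dictionary exposure of a WPA pre-shared key discussed above follows from how the key is derived, PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt. The sketch derives that key and audits a candidate passphrase; the common-passphrase list, the length threshold and the function names are assumptions made for illustration.

```python
import hashlib
import math

# Constructed stand-in for a real common-passphrase dictionary (assumption).
COMMON_PASSPHRASES = {"password", "12345678", "qwertyuiop", "letmein123", "internet"}
MIN_LENGTH = 12  # assumed site policy; WPA itself only requires 8..63 characters


def _validate(passphrase: str) -> None:
    """Enforce the WPA-Personal passphrase format: 8..63 printable ASCII chars."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8..63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("passphrase must be printable ASCII")


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit pairwise master key used by WPA/WPA2-Personal.

    The SSID is the salt, so the same passphrase yields a different key on
    every network name, and 4096 iterations slow down each guess.
    """
    _validate(passphrase)
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1..32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), salt, 4096, 32)


def character_classes(passphrase: str) -> dict:
    """Map each character class present in the passphrase to its alphabet size."""
    classes = {}
    if any(c.islower() for c in passphrase):
        classes["lower"] = 26
    if any(c.isupper() for c in passphrase):
        classes["upper"] = 26
    if any(c.isdigit() for c in passphrase):
        classes["digit"] = 10
    if any(not c.isalnum() for c in passphrase):
        classes["symbol"] = 33  # printable ASCII that is not a letter or digit
    return classes


def audit_passphrase(passphrase: str) -> dict:
    """Report why a passphrase would fall to a dictionary or short search."""
    _validate(passphrase)
    findings = []
    if passphrase.lower() in COMMON_PASSPHRASES:
        findings.append("listed in common-passphrase dictionary")
    if len(passphrase) < MIN_LENGTH:
        findings.append(f"shorter than {MIN_LENGTH} characters")
    classes = character_classes(passphrase)
    if len(classes) == 1:
        findings.append("single character class")
    # Upper bound only: it holds when every character was chosen at random.
    entropy_bits = len(passphrase) * math.log2(sum(classes.values()))
    return {"findings": findings, "entropy_bits": round(entropy_bits, 1)}


if __name__ == "__main__":
    # Constructed sample inputs: one trivial key, one randomly generated key.
    for candidate in ("password", "k7#Qv9!mZr2@Lp5^Xw8+"):
        report = audit_passphrase(candidate)
        print(candidate, report["entropy_bits"], report["findings"] or "no findings")
    # Same passphrase, different SSID: the derived keys do not match.
    print(derive_pmk("password", "IEEE").hex())
    print(derive_pmk("password", "HomeNet").hex())
```
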
 
John Navas
      07-28-2006, 02:33 AM
On Thu, 27 Jul 2006 18:25:38 -0700, Jeff Liebermann
<(E-Mail Removed)> wrote in
<(E-Mail Removed)>:

>"KnowingAbout.com" <(E-Mail Removed)> hath wroth:


>>Foundstone, a division of McAfee, cautioned that the tools needed to
>>carry out such attacks are freely available on the internet and that
>>some distributions of Linux are specially pre-configured for these
>>tasks.

>
>No. The various LiveCD distributions of Linux contain all the tools
>but are not pre-configured for an automated attack. For example see:
> http://www.remote-exploit.org/index.php/Auditor_main
>I'll admit that the procedures are well documented on the web, but
>they have not been fully automated. If you happen to know of a ready
>to attack Linux distribution, I would be interested in knowing the
>URL.


Whether a URL exists or not isn't necessarily meaningful -- such stuff
is passed around over IRC, filesharing, and other non-web channels.
I've seen it. Security experts know that it's not safe to assume
something doesn't exist just because you haven't seen it yourself.

>>No specialist knowledge is required to break a wireless network's
>>encryption so there's a wider pool of potential hackers to guard
>>against.

>
>Really? It took me almost an entire day to figure out how to get
>NDISwrapper to work with my piece of junk laptop. I got more than a
>few surprises when trying to crack WEP. Read about WEP+ for details.


Really. There are a lot of folks out there with the time and incentive
to do it.

>>Foundstone underlines the importance of choosing a secure password that
>>won't be vulnerable to a dictionary attack and changing the network
>>key often.

>
>How often? How will changing the key solve a security problem? If it
>can be cracked with one key, why should a different key be any more
>secure? It's either secure, or it's not. There's no in between.


Because keys may be compromised in a number of ways that may well be
unintentional, and it's cheap insurance to limit the damage by changing
them, as many (most?) security experts recommend; e.g., Cisco:
<http://www.cisco.com/public/news_training/security_measures.html>

1. Change your Cisco.com password regularly. We suggest changing your
password at a minimum of every six months.

NCSA (National Center for Supercomputing Applications)
<http://help.ncsa.uiuc.edu/security/passwords.html>:

In keeping with good security practices, NCSA encourages you to
change your password regularly.

>>It says that 10 per cent of people still use one of the top
>>50 most common passwords.

>
>99.73% of all statistics are wrong.
>[SNIP]


This threat is real, and it's not helpful to trivialize it.

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>
 
Jeff Liebermann
      07-28-2006, 03:09 AM
John Navas <(E-Mail Removed)> hath wroth:

>Whether a URL exists or not isn't necessarily meaningful -- such stuff
>is passed around over IRC, filesharing, and other non-web channels.
>I've seen it. Security experts know that it's not safe to assume
>something doesn't exist just because you haven't seen it yourself.


Then, I guess it's not "freely available".

>>>No specialist knowledge is required to break a wireless network's
>>>encryption so there's a wider pool of potential hackers to guard
>>>against.

>>
>>Really? It took me almost an entire day to figure out how to get
>>NDISwrapper to work with my piece of junk laptop. I got more than a
>>few surprises when trying to crack WEP. Read about WEP+ for details.

>
>Really. There are a lot of folks out there with the time and incentive
>to do it.


The comment was about not requiring specialized knowledge. I sure
could have used some of that specialized knowledge trying to bludgeon
my wireless card into functionality. Perhaps time and incentives are
a good substitute for specialized knowledge.

>Because keys may be compromised in a number of ways that may well be
>unintentional, and it's cheap insurance to limit the damage by changing
>them, as many (most?) security experts recommend; e.g., Cisco:
><http://www.cisco.com/public/news_training/security_measures.html>


Right. With a shared key system, such as WEP and WPA, all the clients
have to also change their encryption keys. Therefore a large number
of people will know the key. One leak and it's compromised. Methinks
using WPA-RADIUS which automagically delivers a unique key for each
session makes much more sense. However, if juggling keys every few
months makes one feel secure, I'm all for it.

Incidentally, one IT department sorta followed the proper procedure
for regularly changing WPA keys. They emailed a list of the WPA keys
for the next few months to all those that needed to know. After about
a month, the keys were all over the company. After that fiasco, an IT
person personally types in the WPA key into everyone's laptop. The
users don't know the key. End of the leak problem. About a month
ago, they went to RADIUS servers. End of the key juggling problem.

>This threat is real, and it's not helpful to trivialize it.


I'm not trivializing the threat. I'm merely pointing out some
problems with the common perceptions and suggested solutions. Let's
just say my style (or lack of it) is not exactly mainstream.


--
Jeff Liebermann (E-Mail Removed)
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
 
John Navas
      07-28-2006, 03:54 AM
On Thu, 27 Jul 2006 20:09:38 -0700, Jeff Liebermann
<(E-Mail Removed)> wrote in
<(E-Mail Removed)>:

>John Navas <(E-Mail Removed)> hath wroth:
>
>>Whether a URL exists or not isn't necessarily meaningful -- such stuff
>>is passed around over IRC, filesharing, and other non-web channels.
>>I've seen it. Security experts know that it's not safe to assume
>>something doesn't exist just because you haven't seen it yourself.

>
>Then, I guess it's not "freely available".


Bad guess IM(no)HO(c) -- it's quite free in those circles. You should
check around before assuming these venues don't matter -- IRC, for
example, is a favorite black hat mechanism for a number of fairly
obvious reasons.

>>Really. There are a lot of folks out there with the time and incentive
>>to do it.

>
>The comment was about not requiring specialized knowledge. ...


I wasn't talking about specialized knowledge -- I was talking about
black hat communities that are happy to make things easy for newbies.

>>Because keys may be compromised in a number of ways that may well be
>>unintentional, and it's cheap insurance to limit the damage by changing
>>them, as many (most?) security experts recommend; e.g., Cisco:
>><http://www.cisco.com/public/news_training/security_measures.html>

>
>Right. With a shared key system, such as WEP and WPA, all the clients
>have to also change their encryption keys. Therefore a large number
>of people will know the key. One leak and it's compromised. Methinks
>using WPA-RADIUS which automagically delivers a unique key for each
>session makes much more sense.


Of course. But that doesn't solve the basic problem of a static
defense, as the French learned to their dismay in WWII. Can you say,
"Maginot?"

>However, if juggling keys every few
>months makes one feel secure, I'm all for it.


Good, because it actually makes one more secure.

>Incidentally, one IT department sorta followed the proper procedure
>for regularly changing WPA keys. They emailed a list of the WPA keys
>for the next few months to all those that needed to know. After about
>a month, the keys were all over the company. After that fiasco, an IT
>person personally types in the WPA key into everyone's laptop. The
>users don't know the key. End of the leak problem. About a month
>ago, they went to RADIUS servers. End of the key juggling problem.


Great if you have corporate RADIUS servers, or the expertise to run your
own. Not great for the majority that don't. Even better to require
authenticated VPN in the enterprise -- RADIUS alone for a serious IT
operation doesn't impress me, not to mention an IT group dumb enough to
email keys. (LOL)

>>This threat is real, and it's not helpful to trivialize it.

>
>I'm not trivializing the threat. I'm merely pointing out some
>problems with the common perceptions and suggested solutions. Let's
>just say my style (or lack of it) is not exactly mainstream.


I'll take your word for it.

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>
 
Rico
      07-31-2006, 08:41 PM
In article <(E-Mail Removed)>, Jeff Liebermann <(E-Mail Removed)> wrote:
>"KnowingAbout.com" <(E-Mail Removed)> hath wroth:
>
>>Wireless networks are extremely vulnerable to intrusion from hackers -
>>even with encryption switched on, say leading security experts.

>
>Sounds like something that a security expert, which has never attended
>a security conference, would say. It's vague, overly general,
>alarmist, only partially true, and reads like a press release.


ding ding, Jeff wins the prize. <grin />

>
>Only misconfigured wireless networks are "extremely" vulnerable.
>What's amazing to me is that wired networks are even more vulnerable
>given a proper wiretap.
> http://www.irongeek.com/i.php?page=security/tonystap
>
>>Foundstone, a division of McAfee, cautioned that the tools needed to
>>carry out such attacks are freely available on the internet and that
>>some distributions of Linux are specially pre-configured for these
>>tasks.

>
>No. The various LiveCD distributions of Linux contain all the tools
>but are not pre-configured for an automated attack. For example see:
> http://www.remote-exploit.org/index.php/Auditor_main
>I'll admit that the procedures are well documented on the web, but
>they have not been fully automated. If you happen to know of a ready
>to attack Linux distribution, I would be interested in knowing the
>URL.
>
>>No specialist knowledge is required to break a wireless network's
>>encryption so there's a wider pool of potential hackers to guard
>>against.

>
>Really? It took me almost an entire day to figure out how to get
>NDISwrapper to work with my piece of junk laptop. I got more than a
>few surprises when trying to crack WEP. Read about WEP+ for details.
>
>>WEP encryption is particularly susceptible to 'network sniffing'
>>whereby malicious users listen in on the packets of information being
>>exchanged between computers. When enough packets have been gathered it
>>becomes almost trivial to crack the encryption and reveal the
>>network's password.

>
>It's not a password. It's a shared encryption key. It is also NOT
>trivial to recover the key once a sufficient number of packets have
>been gathered. WEP cracking relies on two assumptions.
>1. That a sufficient number of "interesting" initialization vectors
>can be sniffed.
>2. That a dictionary attack on these IV's will be successful.
>Both assumptions have their limitations and are often a problem. In
>the case of WEP+, I sniffed continuous traffic for perhaps 3 hours and
>never caught a single "interesting" IV. (With ordinary WEP, I had
>what I needed in about 10-15 minutes).
>
>>WPA can be easily exploited by eavesdropping on traffic when computers
>>sign onto a network - during the handshaking process.

>
>Totally wrong. Moronic and trivial WPA key selection can make WPA
>susceptible to dictionary attacks, but a proper WPA key has yet to be
>cracked.
>
>>Foundstone underlines the importance of choosing a secure password that
>>won't be vulnerable to a dictionary attack and changing the network
>>key often.

>
>How often? How will changing the key solve a security problem? If it
>can be cracked with one key, why should a different key be any more
>secure? It's either secure, or it's not. There's no in between.
>
>>It says that 10 per cent of people still use one of the top
>>50 most common passwords.

>
>99.73% of all statistics are wrong.
>
>>For commercial wireless use, Foundstone recommends that IT managers
>>assume that anyone can break the network key and that it should only be
>>the first of a layered defence against intrusion.

>
>Excellent advice. Just let the hackers into the wireless systems and
>rely on an obstacle course of secondary security measures to protect
>the network. Of course, these secondary security measures have to be
>planned, sold, bought, administered, and tested. Hmmm... Foundstone
>is in what business? Perhaps security consulting?
> http://www.foundstone.com
>I like the business plan. Create confusion and complexity. Solve it
>with the company's consulting service.
>
>They even train the attackers:
> http://www.foundstone.com/team/events/blackhat/
>Only $2100 per class.
>
>>Martin Pivetta, market development manager at McAfee, says he is
>>highlighting this issue 'not to sell products but to create
>>awareness.'

>
>Yep. I'm very aware there's a problem at McAfee.
>
>>- Marc Delehanty
>>To Read More : www.knowingabout.com/wifi

>
>That's just a copy of your posting. Nothing more to read. Nice try.
>


fundamentalism, fundamentally wrong.
 
John Navas
      07-31-2006, 08:57 PM
On Mon, 31 Jul 2006 20:41:05 GMT, (E-Mail Removed) (Rico) wrote in
<6Vtzg.3152$(E-Mail Removed)>:

>In article <(E-Mail Removed)>, Jeff Liebermann <(E-Mail Removed)> wrote:
>>"KnowingAbout.com" <(E-Mail Removed)> hath wroth:
>>
>>>Wireless networks are extremely vulnerable to intrusion from hackers -
>>>even with encryption switched on, say leading security experts.

>>
>>Sounds like something that a security expert, which has never attended
>>a security conference, would say. It's vague, overly general,
>>alarmist, only partially true, and reads like a press release.

>
>ding ding, Jeff wins the prize. <grin />


What prize? There's a prize for stating the obvious?
Rats! Wish I'd known.

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>
 
Rico
      07-31-2006, 09:26 PM
In article <(E-Mail Removed)>, John Navas <(E-Mail Removed)> wrote:
>On Thu, 27 Jul 2006 20:09:38 -0700, Jeff Liebermann
><(E-Mail Removed)> wrote in
><(E-Mail Removed)>:
>
>>John Navas <(E-Mail Removed)> hath wroth:
>>
>>>Whether a URL exists or not isn't necessarily meaningful -- such stuff
>>>is passed around over IRC, filesharing, and other non-web channels.
>>>I've seen it. Security experts know that it's not safe to assume
>>>something doesn't exist just because you haven't seen it yourself.

>>
>>Then, I guess it's not "freely available".

>
>Bad guess IM(no)HO(c) -- it's quite free in those circles. You should
>check around before assuming these venues don't matter -- IRC, for
>example, is a favorite black hat mechanism for a number of fairly
>obvious reasons.


And yet with two chances already you can't back yourself up with the url to
one of these freely available automatic distros. Hmmm, Jeff suggests
doesn't exist quite that easily, you say it does, but can't seem to find
it. Wonder to the casual observer who might be right here. Obviously you
since you seem unable to back up your claim in two opportunities. Care to
prove us wrong in your third chance to post definitively on the subject?
All it takes is a link.

>
>>>Really. There are a lot of folks out there with the time and incentive
>>>to do it.

>>
>>The comment was about not requiring specialized knowledge. ...

>
>I wasn't talking about specialized knowledge -- I was talking about
>black hat communities that are happy to make things easy for newbies.
>
>>>Because keys may be compromised in a number of ways that may well be
>>>unintentional, and it's cheap insurance to limit the damage by changing
>>>them, as many (most?) security experts recommend; e.g., Cisco:
>>><http://www.cisco.com/public/news_training/security_measures.html>

>>
>>Right. With a shared key system, such as WEP and WPA, all the clients
>>have to also change their encryption keys. Therefore a large number
>>of people will know the key. One leak and it's compromised. Methinks
>>using WPA-RADIUS which automagically delivers a unique key for each
>>session makes much more sense.

>
>Of course. But that doesn't solve the basic problem of a static
>defense, as the French learned to their dismay in WWII. Can you say,
>"Maginot?"
>
>>However, if juggling keys every few
>>months makes one feel secure, I'm all for it.

>
>Good, because it actually makes one more secure.
>
>>Incidentally, one IT department sorta followed the proper procedure
>>for regularly changing WPA keys. They emailed a list of the WPA keys
>>for the next few months to all those that needed to know. After about
>>a month, the keys were all over the company. After that fiasco, an IT
>>person personally types in the WPA key into everyone's laptop. The
>>users don't know the key. End of the leak problem. About a month
>>ago, they went to RADIUS servers. End of the key juggling problem.

>
>Great if you have corporate RADIUS servers, or the expertise to run your
>own. Not great for the majority that don't. Even better to require
>authenticated VPN in the enterprise -- RADIUS alone for a serious IT
>operation doesn't impress me, not to mention an IT group dumb enough to
>email keys. (LOL)
>
>>>This threat is real, and it's not helpful to trivialize it.

>>
>>I'm not trivializing the threat. I'm merely pointing out some
>>problems with the common perceptions and suggested solutions. Let's
>>just say my style (or lack of it) is not exactly mainstream.

>
>I'll take your word for it.
>


fundamentalism, fundamentally wrong.
 