ALERT: WPA can be less secure than WEP

It's not as widespread as many people are paranoid that it is, but it certainly goes on.

I've had a couple of attempts on my WLAN. I know with certainty that these attempts had to have been from wardriving assholes for a number of reasons.

One: My WLAN is 802.11a and does not spill off my property. My property is too large. With just a standard client, someone would have to drive all the way up my driveway to get even a very weak signal. The attempts had to have been done by someone with a directional antenna with quite a bit of gain.

Two: In addition to the 802.11a for my WLAN, I also have 802.11g and 802.11b. I use the 802.11g for media stuff and it is secure, but the 802.11b (completely separate network) is open. It is an internet-only pipe that I don't mind anyone using. (I am using a captive portal for content filtering and logging though.) I have a couple of outside repeaters for the 802.11b. If these attempts were by someone just wanting to get an internet pipe, they would've used the 802.11b and not made any attempts on the 802.11a.

Three: The time that the attempts occurred: late Friday and Saturday nights. Wardrivers haven't yet discovered females, so they spend their Friday and Saturday nights doing so-called "research" and trying to "save the world from itself". If they could get a girlfriend, they would probably lose interest in people's stupid little $100 plastic boxes.

Cheers, Eric

Reply to
Eric

You underestimate the ability to download a ready made ISO with all the tools loaded! :)

David.

Reply to
David Taylor

David Taylor wrote: Snip...

The hard part was getting a wireless card that worked with it. :)

Rob

Reply to
Rob

You clearly don't have a cupboard full of wireless cards to choose from?!! :)

I have a bundle; somewhat frustrating that the Linux heads can't even write a load of tools and let it all work with just one card. Having to have different cards for different tools is such a pain.

David.

Reply to
David Taylor

Hey, it's not our fault that the manufacturers won't publish specs so that we can write tools to work with all the cards. Basically, you're reduced to using a few chipsets that have published the APIs, the fewer that release binary drivers, or anything that lets you use the Windows drivers under ndiswrapper. Because of the different ways those methods work, some tools won't work with all of them.

I simply chose my laptop based on the fact that it had a wireless NIC that I already knew was well supported.

Reply to
Derek Broughton

Yeah I know, I was just having a fun dig at the Linux folks, see who I could catch ;)

David.

Reply to
David Taylor

Sounds almost like "blame the victim".

I beg to differ. Methinks the real problem is the manufacturers' unwillingness to deliver a product that's secure out of the box. All that would be necessary is to deliver the wireless router with:

  1. A pre-assigned WEP or WPA pass phrase.
  2. A pre-assigned unique SSID.
  3. A pre-assigned router config password.

At the very worst, the wireless should be disabled until configured properly. At this time, only 2Wire.com delivers wireless routers in this manner, with the SSID and passwords printed on a label attached to the router.

I tried to convince one manufacturer that they should do this, but they claim it will create "confusion" among the customers or is too difficult to manufacture. It will also affect the customer's OBE (out of box experience). Can't have that happen.

The only argument that seems to get their attention is that it creates a potential liability situation. The outside of the box proclaims all manner of security features, but there's no warning to the customer that these security features are delivered disabled by default. The typical customer's perception is that it's a secure router, with no additional effort on their part. I contend that any consequential damages might be actionable in court, but not being an attorney, my opinion carries little weight.

I run into users that buy wireless routers, but don't have any wireless clients. The logic is that they "might" need the wireless later when they buy a laptop. Meanwhile, the wireless section of the router is left enabled and wide open for anyone to use. When I mention the security implications, they often don't understand the nature of the problem. Maybe a front panel wireless on-off switch would be more useful for these.

Which would you rather do? Which is easier? Educate the GUM (great unwashed masses), or just get the manufactories to clean up their default installation?

Reply to
Jeff Liebermann

I don't think it will work with Atheros chips. See:

[link]
a general clue as to supported cards. Basically, you try it, see if it works, and buy something else if it doesn't.

Note that this is basically the Knoppix runtime and has most of Knoppix features and supported software. However, Knoppix has gone a bit farther in driver support than the Security Auditor CD and might be a better LiveCD.

[link]
I use a no-name Prism 2 b/g card I bought on eBay for $25. Also my Orinoco Silver card works (for 802.11b only).

Well, that's one of the supported cards. You win. Read:

[link]
[link]

Reply to
Jeff Liebermann

"To take advantage of SES, you must use a client adapter that's also SES-capable, like the WPC54GS CardBus adapter (Linksys also offers SES-compatible PCI and USB adapters)."

It also only works with WPA-PSK, not WEP.

Do you see a problem here perhaps? On the client end, it's all in the driver software, but that has to be licensed from Broadcom. I don't see a rush to license SES by other vendors unless it's endorsed by the Wi-Fi Alliance. At least HP will eventually support SES.

Also: "...it doesn't disable the SSID broadcast, which is generally considered a helpful (albeit modest) security measure. It also doesn't enable MAC filtering or force you to change the router's default administrator password."

It's been around for a while since the intro of the WRT54G v3

[link]

Reply to
Jeff Liebermann

Attempts, but they did not succeed, the 'kids' wardriving are looking for open networks. I'm not for a moment saying you should not apply WEP or WPA, I'm just saying there is no need in suburbia to go crazy over the passphrase. Now a business should indeed be more careful as there are people out there actually trying to get data off a business's network with the idea of getting hold of trade secrets etc.

Seriously, one weekend (apply appropriate other security measures to protect your computers) weaken your passphrase to something simple (the dog's name, your little girl's name), switch to WEP on one of your APs so they can have an 'easy' target to attack and see if they actually spend the time to successfully crack your network. Won't happen. Now if you switch your A network to no security, the factory defaults, of course they are in in a minute, but that isn't what I'm saying.

I contend, and no one has shown me documentation to the contrary, that very basic precautions are more than enough for a home network. WPA or WEP is plenty with just a basic passphrase that isn't real obvious (don't use the house number or zip code or your last name).

fundamentalism, fundamentally wrong.

Reply to
Rico

Gotta get the module loaded for that card. So you gotta have a card that is supported. I'm holding off installing Linux on a spare laptop I 'inherited' from a customer recently because I'm having an issue getting the wireless card I want to use supported.

I'm not saying take no precautions, but the basic steps are fine and more than enough for a home network. Use one of the encryption schemes, WPA or WEP, and use a less than obvious passphrase and you are covered. Even a wardriving kid who can't get a date on Friday night will cruise by you, see your network (SSID), maybe make an attempt, get bored and move down the block to the open network. People are lazy and kids are easily bored. If there are easier pickings down the street, why put in the effort to break into a secure network? It isn't that the alarm on your door actually keeps a determined burglar out, but why bother when the house next door has no alarm?

Now what I would like to see is a way to hack past the proxy at a McDonalds and get free internet while clogging my arteries.

fundamentalism, fundamentally wrong.

Reply to
Rico

Please point me to that ISO with support for my WPC55AG version 1 card. (I would prefer Fedora, but will take what I can get) Thanks.

fundamentalism, fundamentally wrong.

Reply to
Rico

bingo!!! My point exactly.

fundamentalism, fundamentally wrong.

Reply to
Rico

But you underscore my point, yes you can find card(s) that can do it, but look at what a hassle it is for the average kid with a somewhat limited budget.

fundamentalism, fundamentally wrong.

Reply to
Rico

Rico wrote: Snip...

The main problem is that people are either too lazy or don't understand the eqpt they are using, so they don't take any precautions at all. They believe the hype about straight from the box and hardly ever read the manuals. This applies to computers in general as well as wireless.

[link]

I live on the outskirts of a small town and within wireless range of my network there are 3 other networks:

  1. Ad-hoc, no security
  2. Hidden SSID, no security
  3. Hidden SSID, encrypted

No. 3 actually uses WPA (I know the owner), though it shows up as WEP with the "Sniffer". We therefore have 50% of the networks that can easily be "utilised" by other people. The main problem lies in educating people so that security becomes a habit and not an afterthought. Electronics and the hacker do not stand still, so neither should the user.

Rob

Reply to
Rob

Jeff has already posted a link to this "Live CD"

[link]

Whether this works with your card I don't know, although it seems to work with "Atheros" chipsets. We originally had 4 laptops in the house and none of their original cards were recognised, so I ended up getting a second-hand one from a computer fair. There is a list of known working cards on the site but I don't know when it was last updated.

Rob

Reply to
Rob

You're right that we should lay the blame in the right place - it's true that the average person buying a wireless router has no idea what they're doing so it's really the manufacturer's responsibility to make things as secure as possible "out of the box".

pre-assigned _unique_ key - not generated sequentially like their MAC addresses are (my two Linksys routers, bought at the same time, have sequential MACs).

Good for them!

As much confusion as is caused when they start up their Linksys or Netgear router and their laptop finds half a dozen local APs with the same SSID?

It's taken a whole lot of threatening of lawsuits to convince Microsoft that security is important - and I'm still not convinced the majority of people working there are convinced of it. The router manufacturers are probably going to need to be named in a suit or two before they do anything.

I'm all for educating the GUM - education is a good thing :-) But selling unsecured routers is like the phone companies selling you a private line but actually giving you a party line (for you young'uns, there was once a time when you not only didn't _need_ a warrant for a wiretap, but listening in on phone calls was the community's favorite pastime).

Reply to
Derek Broughton
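
Added example (not from any poster or vendor): a sketch of the factory provisioning proposed in this sub-thread, where each unit gets a random SSID, WPA passphrase and admin password that are not derived from its sequential MAC. The field names, the `router-` prefix and the sample MACs are assumptions made for illustration.

```python
import secrets

# Label-friendly alphabet: no 0/O or 1/l/I, so it can be typed from a sticker.
ALPHABET = "abcdefghjkmnpqrstuvwxyz23456789"
SECRET_FIELDS = ("ssid", "wpa_passphrase", "admin_password")

def random_token(length):
    """Draw each character from the OS CSPRNG; nothing comes from the MAC or serial."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def provision(mac):
    """Build the factory-default record for one unit (field names are hypothetical)."""
    return {
        "mac": mac,
        "ssid": "router-" + random_token(6),   # unique SSID, not a shared vendor default
        "wpa_passphrase": random_token(16),    # WPA-PSK passphrases are 8 to 63 characters
        "admin_password": random_token(12),    # router config password
    }

def audit_batch(records):
    """Return problems found: values reused across units, or values embedding MAC digits."""
    problems = []
    for field in SECRET_FIELDS:
        values = [r[field] for r in records]
        if len(set(values)) != len(values):
            problems.append(f"duplicate {field} in batch")
    for r in records:
        mac_tail = r["mac"].replace(":", "").lower()[-6:]
        for field in SECRET_FIELDS:
            if mac_tail in r[field].lower():
                problems.append(f"{r['mac']}: {field} contains MAC suffix")
    return problems

# Constructed sample: two units with sequential MACs, as described in the post above.
SAMPLE_MACS = ["00:11:22:33:40:10", "00:11:22:33:40:11"]

def demo():
    good = [provision(m) for m in SAMPLE_MACS]
    # Weak scheme for contrast: the passphrase is built from the MAC, which the
    # access point broadcasts, so the audit must flag it.
    weak = [dict(provision(m), wpa_passphrase="key" + m.replace(":", ""))
            for m in SAMPLE_MACS]
    return audit_batch(good), audit_batch(weak)

if __name__ == "__main__":
    ok, bad = demo()
    print("random scheme:", ok)
    print("MAC-derived scheme:", bad)
```
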

Snip...

[link]

Reply to
Rob

Snip...

Mine uses "Atheros". I used the list at

[link]
find a suitable card.

Reply to
Rob

Have you ever looked at any of the security live CD's with all the drivers ready to go?

Nothing to load.

David.

Reply to
David Taylor
