Wireless sniffing

Yes, it is possible for someone to intercept your signal, without you knowing about it and it's also possible to break WEP.

Maybe i wasn't clear enough: Is it possible that someone cracked my WEP and is sniffing on my network w/o an IP address, like in promiscious mode?

Matt schrieb:

At first, a wep key can be cracked after sniffing about 500.000 enmcrypted packets with unique IVs. You can see the kismet information page on a WLAN to see some datails If you have less packets it will take some time to crack the key.

The AP is constantly sending out broadcast packets like beacon frames. They are not encrypted and so they don't help in decrypting the key.

Thomas

I wouldn't say useless, but not as useful as i had thought. Basically, i cracked my own WEP and because enough data went through the air to do this, i want to know if anyone else cracked it.

Just curious, if its so useless, what would you use?

No i haven't heard of radio towers. I'm not sure how that's possible since it's A) analog data B) nothing is sent from the radio, but enlighten me....

-matt

Yes , quite possible , but why ? would they do that ? I suggest if that is your suspicion you had best google for some security .

Wep is useless and can be cracked in 2 hours on a moderately used network by a 10 year old with open source software.

Also, have you heard of a radio tower than can detect how many radios are tuned into it?

Perfectly possible, but not *that* likely. You have to collect quite a lot of packets to crack WEP (I've tried on my own network), and it's probably not worth the effort. If you have kismet, you'd see them associate with the AP anyway.

Perhaps you should be asking, if there's anyone who hasn't cracked it. ;-)

I keeps out the casual intruder.

Analog/digital has nothing to do with it. If it's sent by radio, anyone within range can receive the signal and analyze it.

While I use WEP, it's outside my firewall, which requires ssh or vpn to get through.

Or vpn.

Heh heh heh, I was just emphasising the point that anyone with a normal lan packet sniffer and an 802.11b/g client adapter can receive all the packets sent out by any of the adapters on your lan, without "associating" or "connecting" to any of them :D

sure, wep is enough to hold of amateurs

The better access points implement TKIP and 802.11X, which has a key that changes rapidly and possiblity of an authentication server on the lan.

I hope that answers your questions.

So yes, it is possible for anyone to decode any traffic.

I would use ZIP files with long passwords to send sensitive information, as a quick fix.

And ssl connections for pop and smtp, https for web

Actually, I do use that!

Just use it and tunnel anything through a ssh (2), only allow ssh on the wireless lan (iptables), nothing else, force key authentication only. There shouldn't be much left for crackers and they'll probably look out soon for some other wlan.