Today I got the message that unknown computers are connected to the wireless network on my firewall. Usually, it just shows other computers in our household, since 2 or 3 PCs have internet connection on our network.
But today, it showed an entirely different IP adress, as if someone from outside tried to log in to our network.
I searched for a better program to be able to detect and eliminate wifi intruders, and found "air snare", but it doesn't start, says a file is not properly registered. In the online help it says the computer on which you install air snare should be directly connected to the router. This is not the case, since our router (D-Link DI-624+) is directly connected to a Apple Macintosh computer.
Could you maybe tell me where to find other WiFi intrusion detection programs, and how to install and use them?
Just a heads up (may not apply in your case), but one of my new wireless computers (a tablet/notebook combo) sometimes shows as extra devices on the network (and uses a different workgroup name), but never when it's turned off. I'm guessing the pc and tablet part combo are doing something strange internally.
I am a little naive on password cracking algorithms so I figured I would ask this question. I have noticed many individuals and companies have started using passwords like "highway soothe location bard great furry". Is this type of password any less secure than say "jdieJKndk&ksjjs2$djJOEksl@" since the previous passwords has dictionary words?
[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]
Password/phrase strength is defined in terms of entropy, which can be calculated. The advantage of a passphrase of random real words is that it's easier for people to work with, reducing the chance of error and of people writing it down in an insecure way. The drawback is that it takes more characters to achieve the same level of entropy as a password of random characters. But if sufficient extra characters are used a passphrase of random real words can have just as much entropy (strength) as a password of random characters.
A good way to generate a strong passphrase is with "diceware words" -- see , and the Diceware FAQ :
How long should my passphrase be? ... In their February 1996 report, "Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security" a group of cryptography and computer security experts -- Matt Blaze, Whitfield Diffie, Ronald Rivest, Bruce Schneier, Tsutomo Shimomura, Eric Thompson, and Michael Weiner -- stated:
"To provide adequate protection against the most serious threats... keys used to protect data today should be at least 75 bits long. To protect information adequately for the next 20 years ... keys in newly-deployed systems should be at least 90 bits long."
A five-word Diceware passphrase has an entropy of at least 64.6 bits; six words have 77.5 bits, seven words 90.4 bits, eight words 103 bits, four words 51.6 bits. Inserting an extra letter at random adds about 10 bits of entropy. Here is a rough idea of how much protection various lengths provide, based on updated estimates by A.K. Lenstra (See
formatting link
Needless to say, projections for the far future have the most uncertainty.
Four words are breakable with a hundred or so PCs. * Five words are only breakable by an organization with a large budget. * Six words appear unbreakable for the near future, but may be within the range of large organizations by around 2014. * Seven words and longer are unbreakable with any known technology, but may be within the range of large organizations by around 2030. * Eight words should be completely secure through 2050.
Entropy of random passwords can be estimated from NIST guidelines (Special Publication 800-63, Electronic Authentication Guideline). For random passwords of all printable characters the entropy is about 6.6 bits per character. *Thus 12 random characters from the entire printable set would be needed for 79.2 bits of entropy, roughly the same as six diceware words.*
A narrower range of characters decreases entropy bits per character, and would thus have to be longer for the same level of entropy. Non-randomness likewise decreases entropy bits per character.
I am and remain utterly amazed at how many people think James Bond (or M) are trying to break into their home networks. It is just mind numbing. I guess preaching fear has worked really well, the terrorists are coming, the commies are under your bed and the boogie man is behind that tree. Reality check: Even the simplest passphrase is more then enough to secure your home network. James Bond and the NSA ARE NOT trying to hack your network. In an office environment this might be different, but if you have that large a concern at the office, stick to a wired network.
Diceware phrases and the Beale list, give me a break and try to return to reality. The dog's name is more then enough for a passphrase for your home network. You can even be secure behind WEP encryption. NONE of your neighbors is installing Linux on his laptop so he can sit outside your house and break into your network and anyone who tells you otherwise is just plain nuts. It isn't happening and has never happened on a home network. John, you are the security 'expert' please provide a single documented instance of a home network being violated that was employing even the simplest of passphrases for either WEP or WPA. Come on I dare you. (not some it can be done crap, a case where it HAS been done in the real world and not the CS lab at Dumb Ass U.)
Never happened, all this stuff above is just so much fodder for the scare mongers. Concerned about your bank accounts, this data is sent using secure sockets, the security of your network is not your exposure.
Boo the boogie man is out to hack your internet connection... What a joke.
I strongly disagree. I've seen clear evidence of a number of dictionary and brute force attacks on home wireless networks, and have gotten reports of others. Software to do this is readily available. Perpetrators include bored/irresponsible teenagers, wardrivers, and the like.
As for government surveillance, there is a very real possibility of that happening, albeit at the ISP/carrier level, rather than at the home wireless network level. No matter how secure your home wireless network, your unencrypted email (for example) is exposed throughout its path.
[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]
Note that routers may show a device on the wireless network long after the device has disappeared. It may simply be that you had some other device on the wireless network in the past.
If you're concerned, change your pass phrase. It's a good idea to do that regularly in any event.
I really don't believe James Bond is trying to get into my network (and as John says, the NSA won't bother at that level). But I can't agree that "the simplest passphrase" is enough. Dictionary attacks are simplicity. WEP can be hacked automatically.
You _should_ have that concern in any office. Most countries now have privacy legislation that requires that you protect information on corporate systems. That shouldn't prevent use of wireless.
I'd at least modify the dog's name a bit - there's really no need to make it easy for the kid next door. (I've been known to use _dead_ dog's names!).
No, _your_ position is nuts. The odds of it happening are pretty small, but (a) your neighbors' kids are already installing Linux on their laptops and (b) your neighbors' kids are already hacking. I'm not concerned about people intentionally breaking into my network to steal anything - I'm concerned about bored teenagers (or at least, I would be if I didn't live so far off the beaten track that the only bored teenagers I see are on ATVs or drinking beer & smoking dope in dad's car).
But that's not relevant to the issue of wireless. Your unencrypted email is just as exposed if you use a wired network.
And yet, not a single varifiable link. Software for this is NOT readily available, linux is installed on what 1%/2% of computers in the US, of that how many are laptops (exclude servers in the office acting as firewall/Apache machines, they won't be dragged into your neighborhood). I notice and remind again, you've heard/seen is hardly anything you can back up. No, I can't prove a negative, but you seem unable to back your assertion that it has happened to a secured home network (secure here being WEP with a password of say 'dog' or one of the kids names -three letters)
And no Beale list or Diceware list is going to prevent this type of ease dropping is it? Selling fear here aren't we, not a real threat that this discussion has anyuthing to do with, but hey its something to be scared of...
And is exposed through out its path with your WAP having a 1 Million character passphrase once it hits the ISP side of your internet connection. Again this has NOTHING to do with some silly dance over a passphrase to your WAP. No sign or evidence that the cat's name is not more then enough to secure your wireless connection. Unless of course ou are puching fear.
Say John, thought about running for office, politicians make careers out of pushing fear. The boogie man is out to get the home networker.
Not a single link, not a single documented instance. Not one.
The sun could explode also, what are you doing about that?
I'm confused here, where in the post you are responding to was there any mention of NOT securing the office lan?
And yet, you can't show wher ethis has ever happened can you. Using the dogs name or the word cat or even a single letter.
Back this up with a single documented instance of even minimal security being applied to a home network and it being hacked. Not asking for two, just a single one. The boogie man is not hidden behid the tree in your back yard.
And you think the dpoers are going to be breaking into home networks? Get serious, they are hard pressed to get the motivation to make it to school tomorrow.
No need to install linux, just use a bootable hacking CD.
There will never be a WEP key of "dog" or anything similar, WEP is either 64 or 128 bits of key material. Don't confuse the WEP key generators that take a passphrase, they don't make a secure WEP key as there's no such thing.
You *are* mistaken.
I couldn't find a single link to a power strip which has the logo BORL on it. It's one that takes multiple types of plug and I bought it in Kuwait. The irony is that on the back it says "Made in England" which is where I live. Now I know that I have this product, in fact I have two and not just me, there are plenty in the shops in the Middle East but seriously and I invite you to search too, I *cannot* find any reference to it either on the web or usenet so by your judgement it cannot exist. It does.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.