[Dshield] DI-624 encryption - Run it if you have it!

Mark markt442 at yahoo.com
Wed Feb 25 00:54:47 GMT 2004


I'm very interested, how many wlan keys have you
cracked? There 'were' several issues with key exchange
that were leveraged a few years ago, but most vendors
have closed those holes. I'm assuming that you've
based your position on a whitepaper that's a few years
old - "Intercepting Mobile Communications – The
Insecurity of 802.11, by Nikita Borisov et-al, UC
Berkley."

Brute force is still a tactic with tools like
AirSnort, but well chosen keys (like passwords) are
more difficult to brute force. Any 'static' mechanism
should demand the same type of attention that a user
pays to passwords, develop a routine to change them
based upon the asset value.

I would recommend deploying WEP if that is what the
person has and can afford. I personally believe that
any layer that can "slow" someone is better than no
use of that technology. Several industry luminaries
have agreed - WEP isn't bad. On the other hand, WPA
(formerly known as TKIP)has been adopted to address
the "concerns" with WEP and many vendors have been
updating products with firmware upgrades etc. I
haven't seen an install yet using 128bit keys with the
"initialization vector" patches applied. 

Combine WEP or WPA with some open-standards stuff like
FreeSwan and you could easily 'enhance' the security
of running a wlan with vpn services across it. Dr.
Dobbs had an article a ways back on deploying a cheap
home vpn over wireless. I'm certain a quick look in
"google-heaven" will bring up the article for those
interested.

Last, if you're in the US and don't have explicit
permission from "any" network owner (wireless or not),
cable operators and the like have a new charge called
"theft of service" that has been applied several times
in the US and Canada.

As always, an expert is no expert at all. I'm a
'thinker' and study security as a passion. Comments
welcome!

<<ATTACHED>>

From:	"Keith Bergen" <keith at keithbergen.com>
Subject:	RE: [Dshield] DI-624 encryption
Date:	Sun, 22 Feb 2004 10:20:08 -0500
To:	"'General DShield Discussion List'"
<list at dshield.org>

Michael,

I'm sorry that I cannot help with the D-Link setup
issues, but I had to
comment on using encryption for security. You need to
be aware that the 
data
encryption on the routers (64 bit, 128 bit, and 256
bit) can be cracked
fairly easily, and it doesn't take an expert.
Basically, all you need 
to do
is capture a few wireless packets, and you can break
the key. Changing 
your
key frequently can help you in the event that somebody
figures it out.

One thing that encryption does do for you is prevent
pesky novice 
neighbors
from using your internet connection. I have two
neighbors that have 
wireless
networks, and I can use them when mine is down because
they are wide 
open.

Keith.


__________________________________
Do you Yahoo!?
Yahoo! Mail SpamGuard - Read only the mail you want.
http://antispam.yahoo.com/tools




More information about the list mailing list