Question about Wireless

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
User avatar
jtwitchell
Member
Posts: 52
Joined: Sun Nov 04, 2007 10:05 am
Location: Chandler, AZ USA
Contact:

iPod Wireless

#11

Post by jtwitchell »

If I were wanting to do this, the best application to do this would be aircrack. Granted it would take a lot of time to crack WEP or WPA, etc... but just have a laptop setup and left in a building for a week and you may get enough packets to crack the key. The key to cracking WEP is quantity of packets and getting the right packets. You could use tools like NetStumbler to look around your building for rogue access points. Since you have an iPAQ, you may be able to run MiniStumbler or other Windows CE wireless sniffers. Also, double check your Cisco equiment and make sure that the default passwords have been changed. You could also throw a sniffer onto the Internet connection to see if he is really getting to the outside world. You can use WireShark for that.

Would this type of breach be a concern, depends. If he can access sensitive information, then yes it is a concern. If he is doing illegal things on the network, yes, that will be a concern. Is he learning the gospel and becoming enriched by its use? Hard to say... If one person can get in, others can so it is best to find out how it is happening.

Quick Update: The application the person might be using is Stumbler for the iPod. See http://code.google.com/p/iphone-wireless/. Don't know if it has cracking ability, but it can capture raw packets and those can be used to find a WEP/WPA/etc key.
"I reject your reality and substitute my own."
russellhltn
Community Administrator
Posts: 31326
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#12

Post by russellhltn »

net_runner wrote: but just have a laptop setup and left in a building for a week and you may get enough packets to crack the key. The key to cracking WEP is quantity of packets and getting the right packets.
Maybe it was a different thing, but I thought there was a active method - by transmitting one was able to cause packets to be sent that you could then capture. That cuts down the time to crack considerably.

Of course this points out why I'd prefer to see clerk computers hard-wired. What's secure (encrypted) today may not be secure tomorrow (new crack). But you can't sniff what isn't transmitted.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
skiptaylor
Member
Posts: 190
Joined: Fri Mar 23, 2007 11:13 pm
Location: Lancaster CA

*sigh*

#13

Post by skiptaylor »

Due to unforeseen circumstances I was unable to see this operate today. I'll try to figure this out during the week sometime and see what is going on with this.

I don't stay very aware of Apple products so I was caught a bit unawares with the iTouch. It appears to be an iPhone without the phone from what I can tell.

Thanks for all the suggestions though, I think I'm learning!
Skip Taylor :eek:
Lancaster CA.
skiptaylor
Member
Posts: 190
Joined: Fri Mar 23, 2007 11:13 pm
Location: Lancaster CA

#14

Post by skiptaylor »

RussellHltn wrote:Of course this points out why I'd prefer to see clerk computers hard-wired. What's secure (encrypted) today may not be secure tomorrow (new crack). But you can't sniff what isn't transmitted.
I agree 100%. This is why we will have WIRES to the clerk computers if I have anything to say about it... (for now I do have a LOT to say about it. :))
Skip Taylor :eek:
Lancaster CA.
russellhltn
Community Administrator
Posts: 31326
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

WPA Cracked

#15

Post by russellhltn »

RussellHltn wrote:Of course this points out why I'd prefer to see clerk computers hard-wired. What's secure (encrypted) today may not be secure tomorrow (new crack). But you can't sniff what isn't transmitted.
Well, I knew this was coming. I just didn't know it would be so quick.

ZDNet news: No longer safe: WPA encryption cracked in 12 to 15 minutes. Reading the article, the code is already in one cracking tool.

So if you can possibly do so, hardwire the clerk computers and use WPA2 for wireless.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
User avatar
jtwitchell
Member
Posts: 52
Joined: Sun Nov 04, 2007 10:05 am
Location: Chandler, AZ USA
Contact:

Crack WPA

#16

Post by jtwitchell »

That is funny, I just saw that article as well. There was another article at http://www.itworld.com/security/57285/o ... on-cracked that indicates some of this new technique has already been added to Aircrack-ng. Despite this crack, it sounds like it takes going to take quite a bit of processing power to do it and I don't think the iPod has that capability. I would still look for rogue APs. If the device is an iPhone instead of a iTouch, a full data plan is required when you get the phone from AT&T. I will be interested to see what additional details you can provide.
"I reject your reality and substitute my own."
russellhltn
Community Administrator
Posts: 31326
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#17

Post by russellhltn »

net_runner wrote:I would still look for rogue APs.
Now that sounds like a fun project. Fox hunt anyone?
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
User avatar
Mikerowaved
Community Moderators
Posts: 4401
Joined: Sun Dec 23, 2007 12:56 am
Location: Layton, UT

#18

Post by Mikerowaved »

This is only a "partial" crack, in that even if successfully exploited, it can only decode packets going from a router to a computer and not the reverse. WPA2 is still secure, but some older devices don't support it. (Hummm... same argument why WEP is still in use in some installations. :rolleyes: )

The researcher Erik Tews, is supposed to provide more information on it tomorrow.

And no, this is not (currently) something a handheld device can utilize.
So we can better help you, please edit your Profile to include your general location.
skiptaylor
Member
Posts: 190
Joined: Fri Mar 23, 2007 11:13 pm
Location: Lancaster CA

#19

Post by skiptaylor »

RussellHltn wrote:Now that sounds like a fun project. Fox hunt anyone?
I've installed WiFiFoFum onto my Pocket PC. I'll see what it locates in the building.
Skip Taylor :eek:
Lancaster CA.
skiptaylor
Member
Posts: 190
Joined: Fri Mar 23, 2007 11:13 pm
Location: Lancaster CA

#20

Post by skiptaylor »

I was reading another thread (http://tech.lds.org/forum/showthread.php?t=2250) on here that mentioned networking by power lines already in place. I believe they were Cisco/Linksys units someone had linked to.

How are these for security? Has anyone worked with one before? Is there a good place to learn of this technology?
Skip Taylor :eek:
Lancaster CA.
Post Reply

Return to “Meetinghouse Internet”