Tech Forum

We have a Pix 501 with an Aironet 1220(?) for the wireless access. We are using LDSAccess Extended for the FHC as well as the Presidency.

I've been told of a person that managed to access the Internet via our net without knowing the passphrase. It appears he has an original iPod with something called Snoop on it. Apparently it has automated the break-in process.

I'll be talking with this person at Church on Sunday. I want to see this and how it works.

Talked to the GSD and they were of the opinion that it's not a really major thing.

Has anyone else heard of this? Would this illicit access be a major thing for you? Is there a way to prevent this?

Do you know what security is set up? Odyssey? WEP? WAP?

RussellHltn wrote:Do you know what security is set up? Odyssey? WEP? WAP?

WAP with TKIP and a passphrase. GSD told me they were phasing out Odyssey.

That's curious. It's possible a second profile has been loaded on the AP.

RussellHltn wrote:That's curious. It's possible a second profile has been loaded on the AP.

I had the GSD check that. They only see two profiles, the standard FHC Odyssey profile and the LDSAccess profiles. Can a profile be hidden from them?

I can't attach to it with my PDA (iPAQ 4350), all the PC's I've attached needed the passphrase. I'm not much on iPod's as I've only seen 2 or 3 of them. Are they that computationally powerful? I know WPA can be broken but it takes more than a few minutes from what I've seen on the Internet (and a LOT more than an iPOD!).

From my notes, the program on the iPod may be called Spoof instead of Snoop.
I've looked the Internet over via Google and cannot find either a Spoof or a Snoop application for an iPod.

I've also been looking around and have found out it's not easy to break WPA/TKIP.

So I'm wondering if someone gave this person the passphrase. This seems the most likely scenario.

Guess I'll find out on Sunday.

avskip wrote:I had the GSD check that. They only see two profiles, the standard FHC Odyssey profile and the LDSAccess profiles. Can a profile be hidden from them?

Others have reported that the two don't play well together and ultimately Odyssey had to be pulled. I think yours is the first report that the two have successfully been done. Maybe that's the problem.

WEP has been broken. I hadn't heard that WPA had been.

RussellHltn wrote:WEP has been broken. I hadn't heard that WPA had been.

WPA is only as secure as the key. Short passphrases with no symbols or punctuation can be broken without too much effort. The longer and more complex the key is, the effort required to crack it goes up astronomically.

RussellHltn wrote:Others have reported that the two don't play well together and ultimately Odyssey had to be pulled. I think yours is the first report that the two have successfully been done. Maybe that's the problem.

WEP has been broken. I hadn't heard that WPA had been.

We had to stop using the Odyssey profile due to it's bad interaction with the LDSAccess profile. All machines are on LDSAccess now. The two apparently don't play together well. The Odyssey profile still exists in the AP though.

There's a video on YouTube showing a WPA crack using a program on a Mac. From start to finish it takes under a minute. It uses a dictionary approach. It fails when there are more than one word or nonsensical strings for the passphrase.

It was an interesting journey. One site even told how to get in from the outside to see if there are MAC addresses stored and how to spoof the MAC addresses you get.

I wanted to correct this, it's not the original iPod he was using. It's the first generation iPod Touch (iTouch?) that he has.

Just wanted to set that straight.