Date: Mon, 19 Nov 2007 15:55:07 -0800 From: "Mark D. Foster" <mark@foster.cc> To: Josh Paetzel <josh@tcbug.org> Cc: freebsd-security@freebsd.org Subject: Re: testing wireless security Message-ID: <4742225B.6020107@foster.cc> In-Reply-To: <200711191321.44398.josh@tcbug.org> References: <200711191643.lAJGh3jb027972@lava.sentex.ca> <200711191321.44398.josh@tcbug.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Josh Paetzel wrote: > When I looked in to this it seemed that the current state of affairs is that > WPA can only be broken by brute-forcing the key. I don't recall if that > could be done 'off-line' or not. My memory is that the needed info to > attempt bruteforcing could be done by simply receiving....no need to attempt > to associate to the AP was needed. I'm not really interested in > disseminating links to tools that can be used to break wireless security, but > simple google searches will give you the info you need.....and the tools are > in the ports tree for the most part. > > Fortunately WPA allows keys that put even resource-rich attackers in to the > decade range to bruteforce. > That would not appear to be a limitation of aircrack-ng http://www.freshports.org/net-mgmt/aircrack-ng/ aircrack is an 802.11 WEP and WPA-PSK keys cracking program that can recover this keys once enough encrypted packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, thus making the attack much faster compared to other WEP cracking tools. In fact aircrack is a set of tools for auditing wireless networks. That said, I haven't (yet) tried it myself ;) -- Said one park ranger, 'There is considerable overlap between the intelligence of the smartest bears and the dumbest tourists.' Mark D. Foster, CISSP <mark@foster.cc> http://mark.foster.cc/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4742225B.6020107>