 |
Windows 7: Major Flaw in Wi-Fi Protected Access Discovered
|
28 Dec 2011
|
#1 | |
64-bit Windows 7 Ultimate SP1 & Windows 8 Enterprise Texas |
Major Flaw in Wi-Fi Protected Access Discovered
Quote: The now widely used Wi-Fi Protected Access (WPA) standard is apparently not as protected as router makers had hoped. According to a new study, the PIN codes used to lock down the system can be brute forced on many devices by inputting incorrect PIN codes. Millions of routers and access points could be affected. Read more at: Maximum PC | Major Flaw in Wi-Fi Protected Access Discovered | My System Specs |
| Computer type PC/Desktop
System Manufacturer/Model Number Self built custom
OS 64-bit Windows 7 Ultimate SP1 & Windows 8 Enterprise
CPU Intel i7-3930K 3.2 Ghz (O/C 4 Ghz)
Motherboard ASRock X79 Extreme11
Memory 32 GB (8GBx4) G.SKILL DDR3 Quad PC3-19200 2400MHz
Graphics Card Sapphire HD5870 Eyefinity 6 2GB
Sound Card SB Recon 3Di Integrated Chip
Monitor(s) Displays 3x 27" Asus VE278Q
Screen Resolution 1920x1080
Keyboard Logitech Cordless Desktop MX 5500 Revolution
Mouse Logitech Cordless Desktop MX 5500 Revolution
PSU OCZ Series Gold OCZZ1000M 1000W
Case Thermaltake Level 10 GT Snow Edition
Cooling Corsair Hydro H100
Hard Drives 256GB OCZ Vector
160GB OCZ RevoDrive X2
2 x 1TB Samsung HDD HD154UI SATA
Internet Speed 50 Mb/s Download and 2 Mb/s Upload
Other Info Microsoft LifeCam Cinema
Lite-On iHBS212 12x BD Writer
Samsung CLX-3175FW Printer
Netgear WNDR3800 Router
Motorola SBG6580 Cable Modem
2x APC Back-UPS XS 1500
|
28 Dec 2011
|
#2 | |
Windows 7 Ultimate SP1 (64 bit), Windows XP SP3, Linux Mint 14 MATE (64 bit) Adelaide |
I was just reading about that
Quote: Summary: You know that easy to setup Wi-Fi access point or router of yours? It turns out that the easy to setup part is also easy to hack: Really easy to hack. ZDNet Wi-Fi Protected Setup is Busted | ZDNet
I've never trusted wireless.  | | My System Specs | | System Manufacturer/Model Number n/a
OS Windows 7 Ultimate SP1 (64 bit), Windows XP SP3, Linux Mint 14 MATE (64 bit)
CPU AMD Phenom II x6 1055T, 2.8 GHz
Motherboard ASRock 880GMH-LE/USB3
Memory 8GB DDR3 1333 G-Skill Ares F3-1333C9D-8GAO (4GB x 2)
Graphics Card ATI Radeon HD6450
Sound Card Realtek?
Monitor(s) Displays Samsung S23B350
Screen Resolution 1920x1080
Mouse Wired Optical
Case Tower
Hard Drives Western Digital 1 TB (SATA), Western Digital 1.5 TB (SATA), Western Digital 2 TB (SATA)
Internet Speed DSL
Other Info Ubuntu 10.04 (64 bit) replaced with Linux Mint 14 MATE (64 bit) - 2013-01-14
RAM & Graphics Card Upgraded - 2013-01-13
Monitor Upgraded - 2012-04-20
System Upgraded - 2011-05-21, 2010-07-14
HDD Upgraded - 2010-08-11, 2011-08-24
|
28 Dec 2011
|
#3 | |
|
hmmm
nsvander said ....
December 28, 2011 at 3:19pm
I actually just clicked the link, and you have the wrong terminology. You are confusing Wi-Fi Protected Access with Wi-Fi Protected Setup, the two are totally different. | | My System Specs | | Computer type PC/Desktop
OS Windows 7
CPU Intel i7 2600K
Motherboard Asus P8P67
Memory 8 Gig ddr3 1600 mhz - viper extreme (Patriot)
Graphics Card Nvidia 590
Monitor(s) Displays Lg 19 ", sony 42 " bravia
Mouse logitech wireless
PSU 1000 Watt Coolmaster : Silent Pro Gold
Case antec 1200
Cooling watercooled
Hard Drives one - samsung 840 series 465.76 GB SSD
two - wd 2 tB black
one - wd 1.5 tb black
one - wb 1 tb black
Antivirus Norton internet Security 2013
Other Info powerware 3.1 KVA FERRUPS with 4 - 1000 Amp Deep cycle batteries ...
|
28 Dec 2011
|
#4 | |
W7 x64 3rd Rock from the Sun |
I remember a Japanese guy saying well over a year ago that he would be able to crack WAP protection within two minutes using cracking software he'd developed on the very same principles, I'm sure it was published on El-Reg's website at the time... | | My System Specs | | System Manufacturer/Model Number Custom built machine
OS W7 x64
CPU Intel Q9300 2.5Ghz Quad LGA775 (Would like Q9650)
Motherboard Gigabyte GA-EP45T-UD3R (F6 Bios)
Memory 4Gb OCZ Gold 1,333Mhz
Graphics Card Palit HD4850 O/C Sonic 512Mb DDR3, Dual DViD's
Sound Card Azalia to twin Samson 50w Studio Monitors
Monitor(s) Displays Twin Dell (E-IPS) U2311H 23.6" Screens
Screen Resolution 1920 x 1080 @ 60Hz
Keyboard Cherry PS/2 custom model
Mouse Lenovo USB laser "Thinkpad" Mouse
PSU OCZ 600w
Case Lian-Li PC8 acoustifoamed' aluminium tower
Cooling Scythe 140mm Zipang
Hard Drives Crucial M4 SSD, archives on twin Western Digital Caviar Black WD2002FAEX, 2TB, 7200rpm HDD's, Samsung Ritemaster CD/DVD Burner...
Internet Speed ADSL2+ @14Mbps downstream & Cat6 Gigabit Ethernet
Antivirus NOD32
Browser Opera
Other Info Silicon Dust HD Homerun Dual FTA (Ethernet) TV Tuners, Dray Tek Vigor 2850Vn router and 8x HP Gigabit Switch. Lian-Li CR26 Card Reader, Canon MF4430 iSensys laser printer/scanner.
|
29 Dec 2011
|
#5 | |
Windows 7 Ultimate SP1 (64 bit), Windows XP SP3, Linux Mint 14 MATE (64 bit) Adelaide |
Quote: Originally Posted by Total  hmmm
nsvander said ....
December 28, 2011 at 3:19pm
I actually just clicked the link, and you have the wrong terminology. You are confusing Wi-Fi Protected Access with Wi-Fi Protected Setup, the two are totally different. I think that error has been fixed.
Since my wireless networking classes, I've always thought that the WPS (Easy Setup) was a disaster waiting to happen. WPA-TKIP (Encryption) has been cracked. http://en.wikipedia.org/wiki/Wi-Fi_P...hared_key_mode http://en.wikipedia.org/wiki/Tempora...tocol#Security
Last edited by lehnerus2000; 30 Dec 2011 at 10:32 PM..
Reason: Additional, Clarification
| | My System Specs | | System Manufacturer/Model Number n/a
OS Windows 7 Ultimate SP1 (64 bit), Windows XP SP3, Linux Mint 14 MATE (64 bit)
CPU AMD Phenom II x6 1055T, 2.8 GHz
Motherboard ASRock 880GMH-LE/USB3
Memory 8GB DDR3 1333 G-Skill Ares F3-1333C9D-8GAO (4GB x 2)
Graphics Card ATI Radeon HD6450
Sound Card Realtek?
Monitor(s) Displays Samsung S23B350
Screen Resolution 1920x1080
Mouse Wired Optical
Case Tower
Hard Drives Western Digital 1 TB (SATA), Western Digital 1.5 TB (SATA), Western Digital 2 TB (SATA)
Internet Speed DSL
Other Info Ubuntu 10.04 (64 bit) replaced with Linux Mint 14 MATE (64 bit) - 2013-01-14
RAM & Graphics Card Upgraded - 2013-01-13
Monitor Upgraded - 2012-04-20
System Upgraded - 2011-05-21, 2010-07-14
HDD Upgraded - 2010-08-11, 2011-08-24
|
30 Dec 2011
|
#6 | |
|
You should read the links you post before commenting. | | My System Specs | | System Manufacturer/Model Number Samsung rv520
OS Windows Seven, Ubuntu
CPU Intel
Graphics Card Intel
|
30 Dec 2011
|
#7 | |
Windows 7 Ultimate SP1 (64 bit), Windows XP SP3, Linux Mint 14 MATE (64 bit) Adelaide |
Quote: Originally Posted by bigcitycat You should read the links you post before commenting. Sorry?
I think that the links make it clear that WPS and WPA-TKIP are now vulnerable.
WPS (Easy Setup) can be broken by a "brute force" attack. http://sviehb.files.wordpress.com/20...hboeck_wps.pdf
WPA-TKIP (Encryption) has been broken by at least two different groups of researchers (and a "blogger"). Quote: Another dozen used WPA (Wi-Fi Protected Access), with the built-in Temporal Key Integrity Protocol (TKIP) security protocol. There, I used a rainbow table, a list of the most common WPA passwords, to pop open APs almost as quickly as I could open up a coke bottle. I also managed to pry open a pair of routers using WPA2 (Wi-Fi Protected Access 2) with TKIP using rainbow table. ZDNet Firesheep’s Real Lesson: Take Wi-Fi Security Seriously | ZDNet
Last edited by lehnerus2000; 30 Dec 2011 at 10:36 PM..
Reason: Quote Added
| | My System Specs | | System Manufacturer/Model Number n/a
OS Windows 7 Ultimate SP1 (64 bit), Windows XP SP3, Linux Mint 14 MATE (64 bit)
CPU AMD Phenom II x6 1055T, 2.8 GHz
Motherboard ASRock 880GMH-LE/USB3
Memory 8GB DDR3 1333 G-Skill Ares F3-1333C9D-8GAO (4GB x 2)
Graphics Card ATI Radeon HD6450
Sound Card Realtek?
Monitor(s) Displays Samsung S23B350
Screen Resolution 1920x1080
Mouse Wired Optical
Case Tower
Hard Drives Western Digital 1 TB (SATA), Western Digital 1.5 TB (SATA), Western Digital 2 TB (SATA)
Internet Speed DSL
Other Info Ubuntu 10.04 (64 bit) replaced with Linux Mint 14 MATE (64 bit) - 2013-01-14
RAM & Graphics Card Upgraded - 2013-01-13
Monitor Upgraded - 2012-04-20
System Upgraded - 2011-05-21, 2010-07-14
HDD Upgraded - 2010-08-11, 2011-08-24
|
30 Dec 2011
|
#8 | |
Windows 7 Home Premium 64-bit SP1 Texas |
So is AES still decent, or has it been broken too/ | | My System Specs | | Computer type PC/Desktop
System Manufacturer/Model Number Self Build
OS Windows 7 Home Premium 64-bit SP1
CPU Intel(R) Core(TM) i5-3330 CPU OC@ 3.4 GHZ Turbo
Motherboard MSI Z77MA-G45 (MS-7759)
Memory 8.00 GB DDR3 1600Mhz OC@1866
Graphics Card Zotac GTX 660
Sound Card Realtek High Definition
Monitor(s) Displays Dell S23O9W, HP L1710
Screen Resolution DELL-1920 x 1080 HP-1280 x1024
Keyboard Logitech
Mouse Logitech G500
PSU Corsair TX550M
Case Zalman Z12
Hard Drives Crucial m4 256 SSD WD 7200RPM 500GB
Antivirus MSE
Browser Chrome, IE 10
|
30 Dec 2011
|
#9 | |
Windows 7 Ultimate SP1 (64 bit), Windows XP SP3, Linux Mint 14 MATE (64 bit) Adelaide |
CCMP (AES) is still good
Quote: Originally Posted by Dude So is AES still decent, or has it been broken too/ Currently AES is "still standing".
Who knows for how long though. Quote: If you really want to secure a Wi-Fi network in 2010 you must use WPA2 with Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP), aka Advanced Encryption Standard (AES). ZDNet Firesheep’s Real Lesson: Take Wi-Fi Security Seriously | ZDNet Quote: The authors say that the attack can be defeated by deactivating QoS, or by switching from TKIP to AES-based CCMP. Wikipedia Wi-Fi Protected Access - Wikipedia, the free encyclopedia | | My System Specs | | System Manufacturer/Model Number n/a
OS Windows 7 Ultimate SP1 (64 bit), Windows XP SP3, Linux Mint 14 MATE (64 bit)
CPU AMD Phenom II x6 1055T, 2.8 GHz
Motherboard ASRock 880GMH-LE/USB3
Memory 8GB DDR3 1333 G-Skill Ares F3-1333C9D-8GAO (4GB x 2)
Graphics Card ATI Radeon HD6450
Sound Card Realtek?
Monitor(s) Displays Samsung S23B350
Screen Resolution 1920x1080
Mouse Wired Optical
Case Tower
Hard Drives Western Digital 1 TB (SATA), Western Digital 1.5 TB (SATA), Western Digital 2 TB (SATA)
Internet Speed DSL
Other Info Ubuntu 10.04 (64 bit) replaced with Linux Mint 14 MATE (64 bit) - 2013-01-14
RAM & Graphics Card Upgraded - 2013-01-13
Monitor Upgraded - 2012-04-20
System Upgraded - 2011-05-21, 2010-07-14
HDD Upgraded - 2010-08-11, 2011-08-24
|
31 Dec 2011
|
#10 | |
W7 x64 3rd Rock from the Sun |
I'm a little confoosed... what I'm seeing in the news concerns the weakness of the WPS PIN for assigning a security key across wireless devices from a router which is WPS equipped.
Many months ago there were claims of WEP security being crackable.
Most of us know to use stronger methods of encryption.
The present issue appears to relate uniquely to WPS and the PIN number generated as being vulnerable. Wi-Fi Protected Setup easily unlocked by security flaw ? The Register | | My System Specs | | System Manufacturer/Model Number Custom built machine
OS W7 x64
CPU Intel Q9300 2.5Ghz Quad LGA775 (Would like Q9650)
Motherboard Gigabyte GA-EP45T-UD3R (F6 Bios)
Memory 4Gb OCZ Gold 1,333Mhz
Graphics Card Palit HD4850 O/C Sonic 512Mb DDR3, Dual DViD's
Sound Card Azalia to twin Samson 50w Studio Monitors
Monitor(s) Displays Twin Dell (E-IPS) U2311H 23.6" Screens
Screen Resolution 1920 x 1080 @ 60Hz
Keyboard Cherry PS/2 custom model
Mouse Lenovo USB laser "Thinkpad" Mouse
PSU OCZ 600w
Case Lian-Li PC8 acoustifoamed' aluminium tower
Cooling Scythe 140mm Zipang
Hard Drives Crucial M4 SSD, archives on twin Western Digital Caviar Black WD2002FAEX, 2TB, 7200rpm HDD's, Samsung Ritemaster CD/DVD Burner...
Internet Speed ADSL2+ @14Mbps downstream & Cat6 Gigabit Ethernet
Antivirus NOD32
Browser Opera
Other Info Silicon Dust HD Homerun Dual FTA (Ethernet) TV Tuners, Dray Tek Vigor 2850Vn router and 8x HP Gigabit Switch. Lian-Li CR26 Card Reader, Canon MF4430 iSensys laser printer/scanner.
Major Flaw in Wi-Fi Protected Access Discovered problems? All times are GMT -5. The time now is 07:08 PM. |  |
Wi-Fi Protected Setup security hole discovered. 
