Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Two dead flash drives?

20 Jan 2009   #21
smarteyeball

 
 

he's got one PS3... lol

By router disconnect, are you talking about wireless disconnect or wired/lost sync disconnects? If it's the latter (don't get many) then I know I'm safe

It's more of a principle, than a worried thing. "Pi** off you cheeky bugger". Do as I say, not as I do

My sis is lucky. Her neighbour has zero protection on their wireless. As soon as I told to check for unsecure networks and she discovered it, she's become a leech demon

Disclaimer:

Stealing others bandwidth is a bad thing. Don't do it.

(public thread after all )
My System SpecsSystem Spec
20 Jan 2009   #22
darkassain

Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM)
 
 

Quote   Quote: Originally Posted by smarteyeball View Post
he's got one PS3... lol

By router disconnect, are you talking about wireless disconnect or wired/lost sync disconnects? If it's the latter (don't get many) then I know I'm safe

It's more of a principle, than a worried thing. "Pi** off you cheeky bugger". Do as I say, not as I do

what i mean is a router restart...
when that happens (usually more than 10 per is a caution)



Quote   Quote: Originally Posted by smarteyeball View Post
My sis is lucky. Her neighbour has zero protection on their wireless. As soon as I told to check for unsecure networks and she discovered it, she's become a leech demon
yes as far as i know i there are two open AP...


Quote   Quote: Originally Posted by smarteyeball View Post
Disclaimer:

Stealing others bandwidth is a bad thing. Don't do it.

(public thread after all )
QFT!!!!
My System SpecsSystem Spec
20 Jan 2009   #23
johngalt

 

I take it a step further and have the native syslog send all data to my computer, capturing via Kiwi Syslog Daemon (which works wonderfully in W7 - I had 0 config - read it again - 0 config - to get it working, unlike in Vista - I had to configure and usually reboot twice to get it to work).

I then use the Sans.org reporting app DShield to report the intrusions.

I had to start because back in Aug 2007 or so all of a sudden my speeds started to suffer - I spent hours trying to figure it out, then on a hunch I checked my router - and happened to look at the syslog. it was slap full. So, I cleared the log - inside of 2 minutes I had 300+ entries of blocked attempts to compromise my network.

And this was with wireless *turned off*.

I asked around, and after becoming a regular at Castle Cops (and an SRT and premium member) I was turned on to DShield. See the wiki at DShield - Wikipedia, the free encyclopedia and see the main page at DShield; Cooperative Network Security Community - Internet Security - dshield

Some seriously scary stats there.

My network is happy though, because it has gone from someone hammering in to now maybe 300 reports *per day* - not bad.
My System SpecsSystem Spec
.

20 Jan 2009   #24
darkassain

Windows 7 Ult x64(x2), HomePrem x32(x4), Server 08 (+VM), 08 R2 (VM) , SuSe 11.2 (VM), XP 32 (VM)
 
 

Quote   Quote: Originally Posted by johngalt View Post
I take it a step further and have the native syslog send all data to my computer, capturing via Kiwi Syslog Daemon (which works wonderfully in W7 - I had 0 config - read it again - 0 config - to get it working, unlike in Vista - I had to configure and usually reboot twice to get it to work).

I then use the Sans.org reporting app DShield to report the intrusions.

I had to start because back in Aug 2007 or so all of a sudden my speeds started to suffer - I spent hours trying to figure it out, then on a hunch I checked my router - and happened to look at the syslog. it was slap full. So, I cleared the log - inside of 2 minutes I had 300+ entries of blocked attempts to compromise my network.

And this was with wireless *turned off*.

I asked around, and after becoming a regular at Castle Cops (and an SRT and premium member) I was turned on to DShield. See the wiki at DShield - Wikipedia, the free encyclopedia and see the main page at DShield; Cooperative Network Security Community - Internet Security - dshield

Some seriously scary stats there.

My network is happy though, because it has gone from someone hammering in to now maybe 300 reports *per day* - not bad.

wow and you were using what secuirty protocol
WPA2-CCMP correct??

if not then read below

if this is correct what should happen after a number of tries is that the router would rekey itself and so would your devices....

Quote   Quote: Originally Posted by Security Now
So they came up with a new double-size, this thing's eight bytes, thing called an MIC, which stands for Message Integrity Code. And actually it's known as Michael, just M-i-c-h-a-e-l. So it's the Message Integrity Code. Now, they put the Message Integrity Code first, and then the ICV, the Integrity Check Value, at the end, again because their goal was to make TKIP upward compatible with existing hardware. This actually is the flaw. The fundamental flaw in all this is that they tried to wrap improvements around a really fundamentally insecure approach for WiFi, which was WEP. But they did it with the best of intentions. They gave us all years of pretty, I mean, much better security than WEP for all of us who have routers that are using WPA and TKIP protocol, the TKIP security protocol on WPA-certified equipment. So they made it much better.
they go onto the chopchop attack on WPA-TKIP

Quote   Quote: Originally Posted by Security Now
Well, it turns out that, if you do the - you start doing the chopchop guessing. You chop the last byte off the packet, and you send it back out into the air, back, for example, at the access point. If the checksum that you guess - remember they still have an ICV on the end. If the checksum is wrong, a TKIP - a newer, modern, strengthened, better protocol system - if the checksum is wrong, it ignores it. It just says, bad checksum, I'm dropping it.

Leo: And you don't get another chance.

Steve: No. It simply drops it because it figures, okay, that was a transmission error. It figures it's a transmission error, so it doesn't punish you for that. So with an average of 128 guesses, just like before under WEP, but now we're under TKIP, using the same kind of approach, when you get it right, when you do end up creating a shorter packet with the CRC, that is the ICV at the end that matches, now the problem is the MIC, the Message Integrity Code, will be wrong. And now that, when that's in violation, if you get a checksum that's correct, but the MIC, the Message Integrity Code, is wrong, now you've pissed off the access point or the client you're sending this to. Anybody who's receiving it is like, whoa, wait a minute, this is a valid packet, but the MIC is wrong. Something's fishy somewhere.

Well, they didn't want to just shut down the whole network. So they said, okay, here's what we'll do. As long as we don't get two MIC failures within a 60-second window, as long as they don't occur more often than once per minute, we'll decide that's okay. Whoops. Because look what happens. You can guess as much as you want and be wrong. But as soon as you guess correctly, you have to wait a minute. But that's not so bad because you just guessed correctly. In knowing that you have to wait a minute - because what happens is a message is sent out that says "MIC failure," so the whole network knows there was one, to sort of like put everybody on notice. But you've just been put on notice that you guessed correctly. So you've got one byte. So you wait a minute, and you start guessing the second from the last byte until you get it. Now, that allows you to march the packet down in size 12 bytes. And that'll take a little over 12 minutes. When you've done that, you've just determined the plaintext for the MIC and for the ICV. Remember, those were the last 12 bytes on a TKIP-encrypted packet.
Quote:
So you can then - you decrypt the packet once, and that takes - it's going to take 12 minutes for you to get those last 12 bytes, one at a time, because you remember you're punished by having to wait a minute. And if you don't wait a minute, that sets off alarms in the whole network that causes the access point to shut down for 60 seconds and then rekey everybody. So you've lost all your work unless you make sure that you wait at least 60 seconds between succeeding with one of your guesses because the succeeding with the guess means that the message integrity value which is inside the packet will fail. And that sets off the alarm. But that's okay because it just confirmed that you guessed the last byte correctly because you got the checksum correct.
i love this podcast...lol
http://www.grc.com/sn/sn-170.htm
My System SpecsSystem Spec
Reply

Thread Tools


Similar help and support threads
Thread Forum
All Flash Drives & External Hard Drives NOT ACCESSIBLE?
I set up a new computer. Windows 7 Pro 64x Everything was fine but then I connected a flash drive to it and I get: Location Not Available H:\ is not accessible. Access is denied If I go into the properties to the “security” tab, it says “you do not have permission to view or edit this...
Hardware & Devices
Possible bad MOBO/Sata Controller ? or 2 dead hard drives out of box?
Hi, I attempted to help save my grandfather in law some money when he told me he was going to have to have windows reinstalled on his computer. I told him I would do it for free, having formatted and re-installed windows a number of times. Here is as concise as I can be what happened - ...
Hardware & Devices
Flash drives and external hard drives
I have windows 7 pro and recently I have not been able to open up a new folder on any external hard drive or flash drive that I use with my computer. When I use these same flash and external hard drives in another computer it works fine, my initial thought is, there is something disabled in my...
Hardware & Devices
Flash: Back from the dead again?
Read more at source: Flash: Back from the dead again? | ZDNet
News
Adobe Flash: I'm not dead yet!
Read more at source: Adobe Flash: I'm not dead yet! | ZDNet
News
Flash drives & external drives won't install
Hey guys. I've been a fan of your forum for a while, and didn't create an account til now. I'm at my wits end.. and I'm desperate for help. My posts on other forums have been ignored, so I'll try here. It all started when I bought the Dingoo A320 game system. In order for it to work with Windows...
Drivers


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 03:59.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App