• Revista PROGRAMAR: Já está disponível a edição #53 da revista programar. Faz já o download aqui!

teckV

WPA Cracking Proof of Concept Available

1 mensagem neste tópico

-- informação educacional -- -- informação educacional -- para apredizagem de conceitos apenas -- não usar estes metodos contra redes alheias

i warned u

wifinnbig.gif

We warned you: short WPA passphrases could be cracked—and now the software exists: The folks who wrote tinyPEAP, a firmware replacement for two Linksys router models that has on-board RADIUS authentication using 802.1X plus PEAP, released a WPA cracking tool.
The solution to this WPA weakness involves one of three approaches:

Choose a better passphrase: Pick passphrases that aren’t entirely comprised of dictionary words, meaning they need some random nonsense in them. “My dog has fleas”: very bad. “Mdasf;lkjadfklja;dfja;dfja;d”: very good, but hard to type in. Passphrases should be at least 20 characters.

Use randomness to choose a passphrase: A random passphrase of at least 96 bits and preferably 128 bits will defeat the cracking that Moskowitz wrote about, according to his paper. Tools like SecureEZSetup from Broadcom and AOSS (AirStation One-touch Setup System) from Buffalo are two automated ways to produce better passwords of this variety.

Use WPA Enterprise or 802.1X + WPA: Deploy enterprise-based authentication which will allow a strong WPA key to be uniquely assigned to each user. This isn’t as expensive as it once was. The TinyPEAP folks are pushing their method, but you can also turn to Interlink Networks’s LucidLink product (for on-site control), Gateway Computer’s 7000 series of access points with on-board PEAP service, and Wireless Security Corporation’s WSC Guard, available from them directly or for certain Linksys models via Linksys.

Update: Alert Slashdot readers noted that KisMAC has had a WPA cracking tool built in for several months. KisMAC is a Macintosh-only version of Kismet, a tool for monitoring and cracking wireless networks (for good and evil). Kismet itself lacks this feature. The Mac-only nature of KisMAC has most likely limited the spread of this knowledge.

Two NetworkWorldFusion writers pointed out last month KisMAC’s ability in a great overview of WPA’s weakness and the justification for adopting 802.1X plus WPA.

http://wifinetnews.com/archives/004428.html

Software para crackar WPA    -  tinyPEAP

What is tinyPEAP?

tinyPEAP is a very small RADIUS server that supports PEAP authentication (the most secure wireless authentication protocol). It was designed from scratch to be able to run on very minimal hardware, such as the Linksys WRT54G. What are the benefits of such a server? Traditional 802.1X/RADIUS solutions require a dedicated RADIUS server and a rather complex setup. tinyPEAP allows you to have all of the benefits of 802.1X and PEAP security without the hassle of having a full blow RADIUS server on hand. In fact, the whole setup fits in a relatively cheap wireless access point that is very easy to setup. For those not familiar with 802.1X/PEAP solutions, they provide much enhanced security and user management abilities. 802.1X/PEAP solutions such as tinyPEAP successfully mitigate most of the known attacks against 802.11 wireless networks, most notably sniffing and key cracking. The tinyPEAP team has integrated this server into WRT54G and GS firmware for you to try. We have also provided you with a graphical interface in order to manage the server

Documentation

tinyPEAP White Paper   - PDF - http://www.tinypeap.com/docs/TinyPEAP_White_Paper.pdf'>http://www.tinypeap.com/docs/TinyPEAP_White_Paper.pdf

http://www.tinypeap.com/

WPA Cracker

http://www.tinypeap.com/html/wpa_cracker.html

teckV

house of horus

1

Partilhar esta mensagem


Link para a mensagem
Partilhar noutros sites

Crie uma conta ou ligue-se para comentar

Só membros podem comentar

Criar nova conta

Registe para ter uma conta na nossa comunidade. É fácil!


Registar nova conta

Entra

Já tem conta? Inicie sessão aqui.


Entrar Agora