http://www.tomsnetworking.com/Sections-article111-page1.php

In a recent ISSA (Information Systems Security Association) in Los Angeles, a team of FBI agents were showing the awaiting crowd exactly how easy it is to crack WEP encryption.

They used most of the tools we've all used and tried before, but its always good to read an article from different sources, and this is probably my first 'how-to-hack' article from the FBI...

They used the obvious tools:



except I found a new security distro, NOT BASED ON KNOPPIX ! Well, atleast not the current version, still downloading atm, but i hope this distro maybe another to add to my collection, indead of having most of them all based on Knoppix...

* Auditor's Security Collection - Contains all the wireless hacking tools already installed

http://new.remote-exploit.org/index.php/Main_Page <- can be found there

Myth1368

Kewl story. I will test my own network now. An look if im secure enough

Auditor is one of the best bootable security distros for wireless hacking. It is regularly updated and a NEW version was released a couple of weeks ago.

I think the new whoppix does a fine job too...


FLX

Doesn't really surprise me that the FBI would demonstrate this--after all, they have the best encryption-crackers in the world (as far as I know); I have never seen software (we're not talking about the ones freely available or well known), nor their special agent brain childs (their intelligence scares me), work the way they do. For them, and for all of us in this post that are capable of doing it, cracking WEP is a cake walk.

What does surprise me is a public display, even if it is an easy task for them.

Maybe everyone should change to WPA, or to another encryption algorithm, because even FBI writes a tutorial about WEP Cracking...
BTW, there's a good Auditor tutorial, here, in this forum. Search for it if you are interested... And as another security collection, I heard of WarLinux.
And I sometimes think whether we should remain on WPA after reading the WPA cracking tutorial... (it's here in the forum, too)

to be honest i find the wep weakness very annoying.

i purchased a hardware wireless router a while back, and the firmware hasnt been upgraded for wpa.

but i run a home network with many file shares etc between boxes and now any wardriver can hack in after 5 mins from a car outside.

even securing the net to my own mac addresses wont stop the determined, as you can just reconfigure your wireless card to a spoof mac addy.

guess i will have to install old fashioned cable in my house!

Warlinux is old already...
an other good dis for wireless audits can you find here

a list with the tools included can you find here

hf

u could always try Netstumbler, it helps u view all the connected access point in ur wireless network!

I dont have time to make a thread about this atm, but i will soonish...

Remove WEP and WPA if your running it...

Well, check if you have the function for a VPN Server first

People are able to connect to my wireless network. Hell, i'd invite them too. But thats it. My VPN wont allow them to do squat, and allows encryption and authentication...

Atm, im working on another plan for war drivers, ie when they connect, do a port scan etc and monitor them (because they dont have a registerd MAC addy etc)

Still a work in progress, but i'll get around to sharing it sooner than later