[virus]

anyone heard of Faraday's cage? I was told that banks deploy such solutions is they ever need wireless on the inside ..

[exobot]

virus, on Apr 22 2005, 02:21 PM, said:

anyone heard of Faraday's cage?

Actually... hxxp://www.forcefieldwireless.com/defendair.html

(it's based on the Faraday cage principle)

[jim-bob]

SgtRush, on Jan 25 2005, 10:58 PM, said:

Alright, I have 100,000 encrypted packets and have been running aircrack for a week with a fudge factor of 4.

Obviously having weak IV's would help.  I have to come to the conclusion that crackng WEP isn't as easy as the aforementioned article claims it to be. 
I will still play with this but unless anyone here has had success cracking 128 bit keys in a short time period, I am going to come to the conclusion that this information is bogus or there are other mitigating factors at best.

<{POST_SNAPBACK}>

managed to crack my 128bit WEP key in 12 minutes, this includes packet gathering as well as actual cracking.

[SteveW]

Looks like I will have to revisit this when I have time. Mind if I run my test scenario by you when I find that aforementioned time? Thanks in advance.

[jim-bob]

SgtRush, on Jun 17 2005, 10:13 AM, said:

Looks like I will have to revisit this when I have time.  Mind if I run my test scenario by you when I find that aforementioned time?  Thanks in advance.

<{POST_SNAPBACK}>

sure, just let me know when you are ready.

what i can do in the meantime is perhaps point you in the right direction.

the tools i used were all part of the Auditor Linux collection downloadable from:

hxxp://new.remote-security.com

there is also a tutorial on this site that shows u step for step how it can be done.
just check in the "Tutorials" page.

[SteveW]

Those were the tools I used. Did you get any weak IV packets?

[jim-bob]

SgtRush, on Jun 17 2005, 02:40 PM, said:

Those were the tools I used.  Did you get any weak IV packets?

<{POST_SNAPBACK}>

got a few, then used aireplay to generate alot, really quickly.

which WLAN card are you using?

[SteveW]

Thats the difference then. I got absolutely none. I was using netgears 54g card. The version before they went with a non prism chipset. Its fathers day and I intend to spend it with my wife and daughter so I won't get to it today. Most of next week I am onsite writing policies and procedures. I will bring my wireless sniffer onsite with me and play with it during writing breaks. I will let you know how it goes. Thanks for the response.

[SteveW]

Success! I was able to crack a 128 bit wep key last night.

I downloaded the latest Auditor CD and loaded it onto the laptops harddrive. Its got aireplay 2.2, apparently 2.1 requires multiple wireless nics. ( I was getting segmentations faults and couldn't figure out why) It took a little longer than 12 minutes, more like 45 minutes to gather 400k IV packets but once that was achieved it cracked the key in 15 seconds.

So what did I learn?
1. Don't run aircrack against your Kismet dump file.
2. Don't even attempt aircrack until you have enough packets.
3. Do use aireplay or some other utility to drive up the number of unique IV's.

@ BN You asked a question some time ago about loading Auditor on the hardrive. It was a piece of cake. I had some issues with the earlier version not booting into the GUI correctly. I simply told it to start manually after I had logged in. The latest version didn't have that issue and the latest version of some tools didn't hurt either.

Now I need to be able to consistently accomplish this and then incorporate it into my security presentations. I imagine this will keep some of our customers from going to Best Buy and actually seeing the need to buy a business class product.

Thanks to all for your input and making me revisit this again, I feel like a kid at Christmas, and as old as I am thats saying something.