[nycbug-talk] wpa cracked

Isaac Levy ike at lesmuug.org
Sun Nov 9 01:06:20 EST 2008

On Nov 8, 2008, at 9:01 PM, Okan Demirmen wrote:

> On Sat 2008.11.08 at 19:28 -0500, Isaac Levy wrote:
>> On Nov 8, 2008, at 5:25 PM, Ray Lai wrote:
>>> On Sat, Nov 8, 2008 at 4:16 PM, George Rosamond
>>> <george at ceetonetechnology.com> wrote:
>>>> Isaac Levy wrote:
>>>>> And more on the wireless arms race:
>>>>> Migrate to WPA2, (until it gets cracked):
>>>>> http://isc.sans.org/diary.html?storyid=5315
>>>> Yeah. .  and don't use TKIP
>>> Or just use IPsec! =)
>>> -Ray-
>> For encrypted transport, sure- but what about for auth to the AP?  Is
>> there some sort of IPSEC-based solution I don't know of?
> since always.  ipsec; i'll say it again so as to interest you to read
> about it.

OK- I understand the fundamentals of IPSEC- (hell, my name is ike  
after all :)
I even use (and love) IPSEC tunnels, though setup and the various  
userland tools could be a wee bit more refined, (as with many crypto  
oriented tools, but I digress...)

Excuse my verbosity of these basics, I'm just trying to clarify:

What I'm asking here is this:
What about Link Layer (WiFi Access/Auth) controls?  WPA, and WEP, were  
designed to allow link-access to an Access Point, (as well as an idea  
of transport encryption).

Without Auth control at the link layer, we get:

   - DOS problems (too many connected users)
     - Too many unauthorized users simply connecting to the AP,
       malicious or not
       (connecting whether they get IP connectivity or not...)

(Live in NYC == feel this pain):

Plenty of vendor-supplied 'user friendly' software on Windows
machines tries to auto-connect to APs, based on signal strength and IP
connectivity- often as a default setting- so it's not like many users
even know they are helping hose your AP.  Heck- users banging away at
the 'Internet Repair Wizard' thingie in an OSX machine can hammer an
AP trying to get IP connectivity, after a link is established...

Scale the problem to a busy NYC neighborhood with cafes and apartment  
buildings, and voilà- hosed- with perhaps zero malicious or trespass  

So, again I ask- are there any IPSEC auth systems out there for  
wireless access points?

- If so, where are they in the *BSD world?  (e.g. for use with  
decently supported wireless cards- 802.11foo and 5ghz 802.16bar)

- And if so, where are they in the commercial WiFi access point  
world?  (big RADIUS based systems or small home units- I don't care- I  
can't find vendor gear after hitting the search engines...)

- And if so, what's it like to use in common practice?  Are there any  
sane tools for managing the key distribution?

