WEP And PPTP Password Crackers Released

Jacco de Leeuw writes "SecurityFocus published an article by Michael Ossmann that discusses the new generation of WEP cracking tools for 802.11 wireless networks. These are much faster as they perform passive statistical analysis. In many cases, a WEP key can be determined in minutes or even seconds. For those who have switched to PPTP for securing their wireless nets: Joshua Wright released a new version of his Cisco LEAP cracker called Asleap which can now also recover weak PPTP passwords. Both LEAP and PPTP employ MS-CHAPv2 authentication." Update: 12/22 00:14 GMT by T : Michael Ossmann wrote to point out his last name has two Ns, rather than one.

I'm not worried.

[Anonymous Coward]

Not at all..

yes you are... you should be !!!!

he. what the. Who ?

hahaha got you.

NO DON'T PRESS...

Too late !!..

SUBMIT..

Misread the headline...

[Timo_UK]

And I thought they had released some crackers from prison...

Make getting on the internet go faster.

[Anonymous Coward]

Would you like to search for a wireless basestation?
Yes.
Would you like to connect?
Yes.

A few minutes or even seconds later ......

Todays cpu's really can "get you on the internet faster".

Re:Security is an illusion ...

[amorsen]

Heh, I love the fact that they mention 40-bit RSA. 40-bit symmetric could be sort of used back in the 80's. With 40-bit RSA it's faster to break the encryption than to type in the key.

Old news

[IO ERROR]

This story is old news [slashdot.org], as I posted the following way back in April:

If you bought one of those shiny new 802.11{abg} access points so you could be lazy and use your laptop in bed without a bunch of cords dangling all over the place, you have a decision to make. Do you want your neighbors and random strangers using your Internet connection?

If you decide you don't want other people using your connection, then don't do these things:

• Hide your SSID. Your access point will broadcast it anyway whenever your computer associates, and if you're using Windows XP then it associates every few seconds.
• Use MAC filtering. Your access point will broadcast valid MAC addresses whenever those stations are in use, and anybody can pick those up and change their MAC address to match yours.
• Use WEP. It's easy enough to crack that anybody listening can recover your WEP key in a fairly short time if you actually use your wireless connection for anything.
• Use a Microsoft access point. Microsoft access points will gladly send their WEP key to anybody who asks, making WEP completely useless.
• Use LEAP. It is based on Microsoft CHAP and a poor implementation at that. It's easy to crack.

Hm, what's the point of enabling all that security if it's so easy to get around? Here are some other things you might try:

• Turn off the access point's DHCP server. Won't do you much good, since somebody can just "borrow" your IP address when you aren't using it or use an unused IP address in your subnet.
• Reorient the access point's antenna. Then you'll just have the people on the other side of your apartment using it.

Hm, you may as well just take the damn thing back and get a refund, and suffer the Ethernet cord.

Re:Some thoughts on Wireless and Security

[DikSeaCup]

Of course, all that aluminum foil you're using to coat your walls and windows must have set you back a bit.

honeypot WAP time!

[EvilStein]

I have like 5 WAPs plugged in - but only one of them is actually plugged into the network. Go ahead, waste some time cracking the WEP keys on the 4 other ones that don't even have ethernet cables plugged into them. muhahahahaa..

The 5th one is a flaky piece of crap anyway and will likely just fry your WiFi card when my roommate fires up the microwave.