[Sussex] WPA recent thread discussion
paul
reality at dsl.pipex.com
Tue Oct 23 01:18:24 UTC 2007
sussex-request at mailman.lug.org.uk wrote:
> Send Sussex mailing list submissions to
> sussex at mailman.lug.org.uk
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://mailman.lug.org.uk/mailman/listinfo/sussex
> or, via email, send a message with subject or body 'help' to
> sussex-request at mailman.lug.org.uk
>
> You can reach the person managing the list at
> sussex-owner at mailman.lug.org.uk
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Sussex digest..."
>
>
> Today's Topics:
>
> 1. Re: Holbrook - Moot: Wired Networking (Steve Dobson)
> 2. Re: Holbrook - Moot: Wired Networking (Kenny Millington)
> 3. Re: Holbrook - Moot: Wired Networking (Jon Fautley)
> 4. CUPS won't let me login (Brendan Whelan)
> 5. Re: Holbrook - Moot: Wired Networking (Richie Jarvis)
> 6. Re: Holbrook - Moot: Wired Networking (Steve Dobson)
> 7. Re: Questions about a 1U server (John Crowhurst)
> 8. Re: Holbrook - Moot: Wired Networking (Richie Jarvis)
>
>
> ----------------------------------------------------------------------
>
>
About the recent WPA thread - it's not very secure in theory as you only
have to catch a 4-way eapol which can easily be forced via a deauth.
Once done, yes you need to perform a dictionary attack, and yes, the
pass must be in the dictionary.
But, this isn't quite as difficult/unlikely as it sounds, though it can
be time consuming - but then it's an offline attack anyway...
Take a look around, the cowf group have prepared pre-computed tables
(like shmoo's readily available rainbow tables) specifically for this task.
There is also work in wpa2 ongoing...
I'll fish out some links if you're interested.......
More information about the Sussex
mailing list