Wireless Security
The Skinny On How Not To Write An Article About WPA-PSK Nov 15 2010 08:21PM
Paul Asadoorian (paul pauldotcom com) (4 replies)
Re: The Skinny On How Not To Write An Article About WPA-PSK Nov 16 2010 01:45PM
Rob Fuller (jd mubix gmail com) (1 replies)
Re: The Skinny On How Not To Write An Article About WPA-PSK Nov 17 2010 02:06PM
Christopher Byrd (chris riosec com) (1 replies)
Re: The Skinny On How Not To Write An Article About WPA-PSK Nov 18 2010 04:47PM
dragorn kismetwireless net
Re: The Skinny On How Not To Write An Article About WPA-PSK Nov 16 2010 02:28AM
Richard Farina (sidhayn gmail com)
Re: The Skinny On How Not To Write An Article About WPA-PSK Nov 16 2010 01:57AM
Grant Moerschel (gm wavegard com)
Re: The Skinny On How Not To Write An Article About WPA-PSK Nov 16 2010 01:00AM
Kenneth Voort (listbounce-01 voort ca) (1 replies)
Re: The Skinny On How Not To Write An Article About WPA-PSK Nov 17 2010 06:24AM
Cedric Blancher (blancher cartel-securite fr)
Le lundi 15 novembre 2010 à 20:00 -0500, Kenneth Voort a écrit :
> It still raises the bar for Firesheep attacks.

Firesheep can be used along with ARP cache poisoning. When you realize
that, you understand that you can't get protected from *legitimate
users*, whatever protection scheme you deploy over Wi-Fi. Because on
open network, anyone is a legitimate user, that is where Wi-Fi
protection comes into play against Firesheep. No where else.
To summarize, Wi-Fi encryption does not protect against Firesheep, nor
barely raises the bar. But it reduces your exposure to legitimate users.

> So yes, it is /possible/ to decrypt anyone's traffic on a WPA network
> who joins after you do, but there exists no skiddieproof tool to do
> it.

Legitimate users don't need to decrypt traffic on the fly or play with
Hole196. That's a non issue. They can just use scapy, arpspoof, arp-sk,
ettercap or any ARP injection tool... Now we can discuss whether theses
tools are script-kiddies proof. My take would be that they are...

Firesheep exploits well-known security issues at application level.
That's where it should be solved.

--
http://sid.rstack.org/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
>> Hi! I'm your friendly neighbourhood signature virus.
>> Copy me to your signature file and help me spread!

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus