Then there was the news that Adobe issued a security patch for both Adobe Reader and Adobe Acrobat that fixed several security issues which would allow attackers to remotely execute code on the target machine. The patch can be downloaded from the official Adobe website and should be applied by users who work with Adobe Reader or Adobe Acrobat.

Lastly PC World published an article claiming that WPA Wi-FI encryption was cracked. (Thanks to Lee Mathews for sending this in via email). Security researcher Erik Tews is said to demonstrate how he was able to crack any WPA encryption in around 15 minutes at the PacSec conference in Tokyo next week.

To do this, Tews and his co-researcher Martin Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes, according to Dragos Ruiu, the PacSec conference’s organizer.

Users who use wireless connections should make sure that they are using WPA2 encryption. If their router is not supporting that kind of encryption it could mean to check the Internet for firmware updates that add that possibility or to purchase a new wireless router that supports it.

Related posts

• T-Mobile myTouch (5)
• T-Mobile G1: A Closer Look (8)
• Google Android Application Store Browser (6)
• Android Phone Emulator (5)
• Unofficial Adobe Reader Patch Released (4)

While it does not seem to be that bad that someone else would use your wireless internet connection for surfing the web it becomes a very important matter if this is abused. Someone could download warez, pornography, commit fraud, send thousands of emails or share software in p2p networks. You will be held responsible for abuse that is done with your connection.

You need to know the basic information about your wireless router before you can begin to protect it.

• Who is the manufacturer
• What is the name of the wireless router

Visit the manufacturers website and search for updates for your router. Updates are normally in the form of firmware updates which update the internal functions to a new version which could result in additional features and security. Please consult the website for instructions on how to update the firmware of your router.

Make sure you update it using a wired connection because wireless connection tend to become unstable in the wrong moments. (Murphy’s law)

It is now time to protect the router further. Connect to the interface which is normally done by opening the IP of the router. (default 192.168.1.1 most of the time) Enter username and password and change them when your are logged in. Many routers get hacked because the user did not change the default login data that ships with the routers. Everyone can look them up and it is really easy to access the router even though everything else might have been optimized for security.

Now it is time to configure the security settings of the w-lan router. Add a service set identifier (SSID), it does not really matter how you name it, just remember the name. Make sure you disable the SSID broadcasting afterwards, this ensure that your wireless router does not show the SSID and it is a little bit more difficulty to find it out.

I know that this is a weak security tip but it could mean that this in addition with other security measures poses a problem for so called script kiddies.

Enable the strongest encryption method available, this is normally WPA2 with AES. If you have an older router or a device that does not support WPA2 you should think of buying a new router or updating the devices. Make sure you use a large string with numbers and letters. A good value would be between 20 and 30 chars for the key, make sure you remember it because you need to supply the key to the other devices that have to connect to the router.

Enable Mac filtering, look up your mac address by using the command line in Windows XP and typing ipconfig /all. The physical address is your mac address. This ensures that only computers with a Mac address that is listed in the router can connect to it. Please note that the Mac address can be faked.

If you do not need the full transmitter power because your router and computer are physically close to each other you could reduce the transmitter power to reduce the chance that someone from outside your walls will be able to find the router and connect to it. Please be aware that a good antenna on the device that wants to connect to your router is able to counter this strategy.

Here is a list of other ideas that are worth investigating.

• Disable all services that you do not need.
• It is a very good idea to power off the router when you do not need it to prevent anyone from connecting to it while you are away. Alternatively turn off the wireless function of the router.
• If you have the means monitor the traffic of your wireless connection to find out if someone else uses it as well.
• Enable the firewall of the router and configure it properly
• If the router has a logging feature enable it and analyze it regularly.
• Limit the maximum number of DHCP addresses if you use that feature.
• Use Authentication if possible.

Related posts

• How to Secure your Wireless Network (8)
• Cracking Wi-Fi Protected Access (2)
• Yahoo marks dangerous search results (4)
• Wordpress Remote Admin Password Reset Vulnerability (13)
• Wireless Network Scanner inSSIDer (3)

The FBI method relies on the following tools: Kismet and Aircrack. Both can be found on Linux live cds such as knoppix.

Do the following if you have the tools available:

1. Run Kismet to find your target network. Get the SSID and the channel.
2. Run Airodump and start capturing data.
3. With Aireplay, start replaying a packet on the target network. (You can find a ‘good packet’ by looking at the BSSID MAC on Kismet and comparing it to the captured packet’s BSSID MAC)
4. Watch as Airodump goes crazy with new IVs. Thanks to Aireplay.
5. Stop Airodump when you have about 1,000 IVs.
6. Run Aircrack on the captured file.
7. You should see the WEP key infront of you now.

source

Related posts

• Cracking WEP and WPA Wireless Networks (1)
• Protect your Wireless Lan (9)
• Of Cracks, Hacks And Jailbreaks (2)
• Data Retention laws on the uprise (0)
• Cracking Wi-Fi Protected Access (2)

The first paragraph starts with a little theory on WEP cracking and goes on with setting up your tools, finding the network, capturing IVs, Using IVs to decrypt the key and finally Anticipated Problems. After that the differences between WEP and WPA cracking are explained and the article informs you about different WPA flavours.

Related posts

• Cracking WEP with Windows XP (61)
• Cracking WEP the FBI way (1)
• Protect your Wireless Lan (9)
• Of Cracks, Hacks And Jailbreaks (2)
• Display all wireless network keys (0)

The article examines the WPA protection in detail and demonstrates how it can be cracked. The first part gives a good overview of WPA and compares it to WPE. The second part goes into detail how WPA can be cracked.

Related posts

• Xirrus Wi-Fi Monitor (2)
• Wireless Hotspot Hacks (1)
• Wi-Fi Signal Strength (8)
• Six WiFi Security Myths (4)
• Protect your Wireless Lan (9)