WiFi Stumbler

Prev: FBI wants records kept of Web sites visited
Next: Netgear - XE103 vs XET1001 - what's different

From: Warren Oates on 13 Feb 2010 08:28

---

In article <4b7607d6$1(a)dnews.tpgi.com.au>,
"me here" <gloaming_agnet(a)hotmail.com> wrote:

> This java script really only displays the same information as the wifi
> adapter does when set to scan - it's a bit of a con really -

Yes and no. It's using my Airport Extreme for scanning, obviously, and
it displays my wireless info, and my next door neighbour's. But Airport
by itself only shows _my_ network _unless_ the Meraki applet is running.
Next door is weak -- maybe Airport has a threshold of some kind.

Hmm. The guy's still on WEP. I should hack it. Although his password is
probably his wife's name ...
--
Very old woody beets will never cook tender.
-- Fannie Farmer

From: Jeff Liebermann on 13 Feb 2010 21:00

---

On Sat, 13 Feb 2010 15:47:54 -0600,
ibuprofin(a)painkiller.example.tld.invalid (Moe Trin) wrote:


>Did he _really_ pick something so secret and unusual? Wow - most
>users choose one of the 86 passwords the 'deloader' worm (CERT Advisory
>CA-2003-08) was looking for in March 2003:
>
> [NULL] 0 000000 00000000 007 1 110 111 111111 11111111 12
> 121212 123 123123 1234 12345 123456 1234567 12345678 123456789
(etc...)

Most of those listed will not work with WEP. Assuming an ASCII key
(not a Hex key), it has to be exactly either 5 or 10 characters long,
which corresponds to 64 or 128bit WEP encryption.

My favorite throw away WEP/WPA password is "changethis". Note that
it's exactly 10 characters so that it will work with both WEP and WPA.

--
Jeff Liebermann jeffl(a)cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

From: John Navas on 13 Feb 2010 21:28

---

On Sat, 13 Feb 2010 20:34:15 +0000 (UTC), p
<p(a)Use-Author-Supplied-Address.invalid> wrote in
<f517c01ae1c0db874b6851396a06f024(a)tioat.net>:

>Since I am connecting from am unencrypted public AP, I won't be using their
>sniffer ;-). I used TOR when I need to keep my data transfers private, so I
>guess I might try it with TOR.

What makes you think Tor is actually real protection? Faith?
<http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29#Weaknesses>
And those are just the _known_ weaknesses.
I'm reminded of WEP. And TKIP. And on and on.

--
Best regards, FAQ for Wireless Internet: <http://wireless.navas.us>
John FAQ for Wi-Fi: <http://wireless.navas.us/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.navas.us/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.navas.us/wiki/Wi-Fi_Fixes>

From: Moe Trin on 13 Feb 2010 22:28

---

On Sat, 13 Feb 2010, in the Usenet newsgroup alt.internet.wireless, in article
<qvlen51om4m26kig9pd4006ed7430khape(a)4ax.com>, Jeff Liebermann wrote:

[CERT Advisory CA-2003-08 ``passwords'']

>Most of those listed will not work with WEP. Assuming an ASCII key
>(not a Hex key), it has to be exactly either 5 or 10 characters long,
>which corresponds to 64 or 128bit WEP encryption.

[selene ~]$ sed -n '247,264'p worms/deloder | tr -s ' ' | tr ' ' '\n' |
grep ^.....$ | column
login admin super alpha owner 54321 Admin 12345 Login pw123
[selene ~]$

Well, there's ten of the 86 ;-)

>My favorite throw away WEP/WPA password is "changethis". Note that
>it's exactly 10 characters so that it will work with both WEP and WPA.

and will never be changed. We work under a different concept - the
default is going to be something like

[selene ~]$ head -2 /dev/random | mimencode | cut -c20-29 | tail -1
tqF+eE204n
[selene ~]$

"tqF+eE204n" is given to them on a piece of paper - along with the
output of 'whatis passwd' as a hint. The password is changed (probably
to one of those listed in CA-2003-08) when they discover how hard it
is to type that mess consistently - certainly not later than when they
loose the paper the second time.

Old guy

From: p on 14 Feb 2010 20:41

---

John Navas <spamfilter1(a)navasgroup.com> wrote in
news:5nnen5hpab00ggpiisuuspe4ldoahp1qfg(a)navasgroup.com:

> <http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29
#Weaknesses>
>

Subject: Re: WiFi Stumbler
From: John Navas <spamfilter1(a)navasgroup.com>
Newsgroups: alt.internet.wireless

On Sat, 13 Feb 2010 20:34:15 +0000 (UTC), p
<p(a)Use-Author-Supplied-Address.invalid> wrote in
<f517c01ae1c0db874b6851396a06f024(a)tioat.net>:

>Since I am connecting from am unencrypted public AP, I won't be
using their
>sniffer ;-). I used TOR when I need to keep my data transfers
private, so I
>guess I might try it with TOR.

What makes you think Tor is actually real protection? Faith?
<http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29
#Weaknesses>
And those are just the _known_ weaknesses.
I'm reminded of WEP. And TKIP. And on and on.

--
Best regards, FAQ for Wireless Internet:
<http://wireless.navas.us>
John FAQ for Wi-Fi: <http://wireless.navas.us/wiki/Wi-
Fi>
Wi-Fi How To: <http://wireless.navas.us/wiki/Wi-
Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.navas.us/wiki/Wi-
Fi_Fixes>

Explain to me what harm you'd be able to do on an end to end
encrypted tor connection, as I use with any sensitive data exchange?
Unless NSA or similar breaks encrypted data streams, as they
probably can if they work at it, all you will get is garbage.
And since I am not a terrorist, I don't have to worry much about
NSA.

First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4
Prev: FBI wants records kept of Web sites visited
Next: Netgear - XE103 vs XET1001 - what's different