Once thought safe, the WPA standard used by countless wireless routers has been revealed to be vulnerable- but only in theory, for now.

Security researchers say they’ve developed a way to partially crack the Wi-Fi Protected Access (WPA) encryption standard that is used to safeguard data on many wireless networks.

Researcher Erik Tews was to demonstrate the attack at the PacSec conference in Tokyo in mid-November. Cracking WPA encryption could be exploited to read data being sent from a router to a laptop, or to send bogus information to a client connected to the router.

Tews and coresearcher Martin Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, which WPA uses, in a relatively short 12 to 15 minutes, says Dragos Ruiu, the PacSec conference’s organizer.

In this particular attack, however, they have not managed to crack the encryption keys used to secure data sent from the PC to the router.

WPA, widely used on today’s Wi-Fi networks, is considered superior to the original WEP (Wired Equivalent Privacy) standard, which most security professionals now deem insecure. Retail store chain T.J. Maxx was in the process of upgrading from WEP to WPA encryption when it experienced one of the most widely publicized data breaches in United States history, in which hundreds of millions of credit card numbers were stolen over a two-year period. The new WPA2 standard is considered safe from the recently developed attack.

“Everybody has been saying, ‘Go to WPA because WEP is broken,’” Ruiu says. “This is a break in WPA.”

If WPA is significantly compromised, it would be a blow for business customers who have been increasingly adopting it, says Sri Sundaralingam, vice president of product management with wireless network security vendor AirTight Networks. Although customers can use other Wi-Fi technology such as WP A2 or virtual private network software that will protect them from this attack, many devices will still connect to the network via WPA, or even by way of the thoroughly cracked WEP standard, he says.

Click for more details:

Tags: 802.11g, Wireless-N, 802.11n

EULAlyzer
Wonder what you’re agreeing to when you click I Accept? Don’t worry; just drag EULAlyzer’s target icon onto the EULA for a quick report on any troublesome language.

Hotspot Shield
Create an instant virtual private network (VPN) tunnel between your laptop and the router at any Wi-Fi hot spot to protect your data from snoops on the public airwaves, even if you are using extra encryption. If you’re on a network that limits the use of certain applications, such as Skype, the VPN could give you unfettered access. It even works with your wired connection for an extra layer of security.
Web Site: www.anchorfree.com

Kruptos 2
Kruptos makes a file accessible only to someone who knows the password; it includes a file shredder.
Web Site: www.kruptos2.co.uk

PC Flank
While ShieldsUP! tests your firewall’s ability to stealth all ports, PC Flank performs surgical strikes that emulate specific malware attacks to verify that your firewall blocks them.
WebSite: www.pcflank.com

SendShield
This Outlook add-on strips out extra info and tracked changes in Word documents attached to messages.
Website: www.sendshield.com

When you connect to the Internet through a wireless access point, you are using radio transmitters to send data between the access point and your computer. Anybody else with a Wi-Fi–enabled computer or a specialized radio receiver can also receive those signals. Unless you protect your Wi-Fi network, anybody with a Wi-Fi network interface can use it to connect to the Internet and possibly open files on your own computers.

In many neighborhoods and business districts, as many as a dozen or more different Wi-Fi signals are floating around. Most of my neighbors have turned on their access points’ security features, so it’s a lot more difficult to grab an unauthorized connection from any of them than to break into a network through an unsecured access point.

There are methods out there for cracking Wi-Fi encryption, but most intruders look for an unsecured network rather than taking the time to break through encryption. However, no wireless network is totally secure without additional tools, so your best defense is to make your wireless network more secure and more difficult to crack than the one across the street.

Read more »

Tags: Wi-Fi

Wi-Fi encryption uses the same key code on the access point and on each client computer to provide access to encrypted data. To add a key code to a Wi-Fi connection profile in Windows, follow these steps:

1. From the Control Panel or the system tray, open the Wireless Network Connection Properties window and choose the Wireless Networks tab.

2. Find the name of the network in the list of Preferred networks and click the Properties button.

3. Open the drop-down Data encryption menu and choose WEP or WPA. If the program offers you a choice of key lengths, choose the longest possible number of digits.

4. Type the same network key that you used to set up encryption on your access point in both network key fields.

5. Click the OK buttons in both open Properties windows to save your settings and close the windows.

Tags: Wireless

You configure security on a wireless network by managing the properties for that wireless network connection. The pros, cons, and details of these various security methods are beyond the scope of this book; what is important is that you know how to configure Windows Vista to match the corresponding settings in use on your network. Managing wireless connection is done via the Manage Wireless Networks applet, which is available, like all other network applets in Windows Vista, via the Network and Sharing Center. To open the Manage Wireless Networks applet, first launch the Network and Sharing Center and then select Manage Wireless Networks from the task list on the left side of the screen.

Right-clicking on an available wireless network connection and selecting Properties opens the Wireless Network properties dialog box. To configure wireless security, select the Security tab. Depending on the type of security and encryption in use, you will see different options on this tab.

Wired Equivalent Privacy
WEP is part of the 802.11 standard and is a means of securing a wireless network. The purpose of WEP is to make the communication between the computer’s NIC and the access point more secure than that of a standard radio broadcast. If the access point you are connecting to is using WEP, you need to configure Windows Vista for WEP and provide the correct security key and key index. To do so, open the Manage Wireless Networks applet from the Network and Sharing Center, right-click the network you want to set up, select Properties, and then select the Security tab. To configure WEP, set Security Type to Shared and select WEP as the Encryption Type. Doing so displays the WEP options.

Read more »

There are several bootable Linux distributions that come prepackaged with the correct drivers and software necessary for wireless and wired network sniffing. All of these include Kismet and Ethereal or Wireshark. Below are some that are available and free:

Backtrack
Backtrack is the result of two highly respected bootable penetration toolsets combining their efforts toward one unified bootable CDROM. For additional information, go to www.remoteexploit.org

Professional Hacker’s Linux Assault Kit (Phlack)
Includes many security tools and wireless auditing and scanning software. For additional information, go to www.phlak.org.

Knoppix Security Tools Distribution (Knoppix-STD)
A general-purpose collection of security tools on a bootable Linux image. For additional information, go to www.s-t-d.org.

Read more »

The proper combination of hardware, software, and drivers will enable you to effectively sniff wireless networking traffic.The following tools may be helpful:

Netstumbler
Netstumbler is more of a network scanner than a network sniffing tool, but is useful for listing networks detectable from your location. Netstumbler is an active network scanner that sends out probes that are detectable by others. It can be downloaded for free from www.netstumbler.org.

Kismet
Kismet is an open-source, free, wireless network scanner and vulnerability detector, that keeps track of wireless clients and their network associations. Unlike other scanners, it is a completely passive network scanner, and can be downloaded from www.kismetwireless.net.

Wireshark
Wireshark has a number of dissectors for wireless management traffic; however, it does not track by Service Set Identifier (SSID), nor does it show signal

CommView for WiFi
CommView for WiFi is a commercial wireless network monitor and scanner that can export in tcpdump format, which Wireshark imports and reads easily. CommView for WiFi can be downloaded from www.tamos.com/products/commwifi/