Date: Mon, 19 Nov 2007 13:21:23 -0600 From: Josh Paetzel <josh@tcbug.org> To: freebsd-security@freebsd.org Subject: Re: testing wireless security Message-ID: <200711191321.44398.josh@tcbug.org> In-Reply-To: <200711191643.lAJGh3jb027972@lava.sentex.ca> References: <200711191643.lAJGh3jb027972@lava.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Monday 19 November 2007 10:43:13 am Mike Tancsa wrote: > I have been playing around with 3 ath based FreeBSD boxes and seem to > have got everything going via WPA and a common PSK for 802.11x > auth. However, I want to have a bit more certainty about things > working properly. > > What tools do people recommend for sniffing and checking a wireless network > ? > > In terms of IDS, is there any way to see if people are trying to > bruteforce the network ? I see hostap has nice logging, but anything > beyond that ? > > e.g. with a bad psk on the client > hostapd: ath0: STA 00:0b:6b:2b:bb:69 IEEE 802.1X: unauthorizing port > > is there a way to black list MAC addresses, or just allow certain > ones from even trying ? IPSEC will be running on top, but I still > want a decent level of security on the transport layer. > When I looked in to this it seemed that the current state of affairs is that WPA can only be broken by brute-forcing the key. I don't recall if that could be done 'off-line' or not. My memory is that the needed info to attempt bruteforcing could be done by simply receiving....no need to attempt to associate to the AP was needed. I'm not really interested in disseminating links to tools that can be used to break wireless security, but simple google searches will give you the info you need.....and the tools are in the ports tree for the most part. Fortunately WPA allows keys that put even resource-rich attackers in to the decade range to bruteforce. -- Thanks, Josh Paetzel PGP: 8A48 EF36 5E9F 4EDA 5A8C 11B4 26F9 01F1 27AF AECB [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQBHQeJIJvkB8SevrssRAoxDAJ0ZoFYLd5Ihi5l+5hacGp6kbAgq2wCdHIZl RNQnG9mWd1F81lNxrp4zfxI= =1vEg -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200711191321.44398.josh>