« Security Podcasts Roundup | Main | PaulDotCom Security Weekly - Episode 18 - March 9, 2006 »

PaulDotCom Security Weekly - Episode 17 - March 4, 2006

Live from the PaulDotCom Security Weekly Studio....

Note: Video has been added! Larry and I give a demo of Kismac.

  • Sponsored by Core Security, listen for the discount code at the end of the show
  • Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
  • Last weeks winner was William Day, congrats!
  • Please go update our frapper map!
  • Using Cain & Abel properly
  • mwcollectd, nepetheses, and differences between "Security Ninja" and "Ninja Fan"
  • Larry give us the update from SANS Orlando 2006
  • Full Show Notes

Don't forget to check out Larry's Blog,HaxorTheMatrix.com for coverage on the latest security and hacking news.

Hosts: Larry Pesce, Paul Asadoorian, "Twitchy", Martin McKeay
Email: psw@pauldotcom.com

(The show is getting long again, we apologize and will try for a shorter show next week, promise)

Direct Audio Download
Direct Video Download

(Bandwidth provided by OSHEAN, They have ninjas)

Video Feeds:

Audio Feeds:

Posted by Paul Asadoorian on March 4, 2006 10:34 AM |

Comments

I believe the answer is 13 key bytes. After that, there is no point in capturing more.

Posted by: Steven Murawski | March 4, 2006 01:40 PM

The following description about how many IVs are necessary to crack WEP comes from the Airsnort FAQ located at http://airsnort.shmoo.com/faq.html. "Most passwords can be guessed with after about two thousand interesting packets. Some as few as 1200-1500, others as many as 3500-4000."

Great Podcast. Keep up the good work.
Cutaway

Posted by: Anonymous | March 4, 2006 03:52 PM

Due me being a wannabe Ninja Fan, I had to go to my friend Goo-gle, he/she/it suggested this:
you will need to capture around 50,000 to 200,000 IVs in order to crack a 64 bit WEP key and for a 128 bit key, you will need around 200,000 to 700,000 IVs
Taken from:
http://www.tomsnetworking.com/2005/05/18/how_to_crack_wep_/page3.html

Now I've actually read the link, I'm off to buy a new WAP without a depressingly easy way to bypass my imagined WEP security...

Posted by: Chris in Oz | March 4, 2006 06:44 PM

i think it would be between 6 and 256 weak IVs that would be needed to recover the key

Posted by: Christian Koch | March 4, 2006 07:34 PM

sorry ..typo..i meant between 60 and 256 ivs

Posted by: Christian Koch | March 4, 2006 07:35 PM

using airsnort u could crack a 64bit wep key with approximately 1200 weak iv packets

Posted by: Frank | March 4, 2006 07:51 PM

ok

i take back the 60-256

i think we would need between 100-500,000 ivs to crack wep

Posted by: Christian Koch | March 5, 2006 01:01 AM

Opps, got posted as anonymous.
Cutaway

Posted by: Cutaway | March 5, 2006 01:29 AM

Well it all depends on if they are weak IVs or not, and who you ask...
But lets say 200000-1000000.

Posted by: il | March 5, 2006 10:09 AM

Between a "few" 10,000 and a few million packets of data.

Posted by: Perry | March 5, 2006 11:36 PM

The number that has been posted since this came out has been roughly 1500. Not a range.

A lot of hardware now attempts to mask the weak IV's now, but the keys can still be cracked - it just requires more packets.

Posted by: Jason Slagle | March 6, 2006 05:02 PM

"...it usually takes only five to ten million packets to break WEP..."

from http://www.wi-fiplanet.com/tutorials/article.php/2106281

Posted by: Steve | March 8, 2006 05:39 PM

It's a collision, right? So you only need two ;-)

Posted by: Eliot Phillips | March 9, 2006 04:35 PM

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)