WPA2 Hole196 Vulnerability

By Mark Davidson on July 25th, 2010
0

WPA2 Hole 196Last month the Wi-Fi Alliance started steps to put an end to WEP and TKIP. By January 2011 the Wi-Fi Alliance plans to disallow TKIP on access points, and disallowed its use on all WiFi devices by 2012. WEP unfortunately survives a bit longer, with the standard being banned on access points from 2013 and banned from all WiFi devices a year later. WPA2-Mixed mode which allows TKIP, will also go in 2014, leaving only WPA2-AES.

With that good news last month, bad news comes this month for the security of Wi-Fi standards.

AirTight Networks have uncovered a vulnerability that they call “Hole196” (  The 196 referring to the last line of Page 196 in the IEEE 802.11-2007 specification ), this is a vulnerability in the WPA2 security protocol that exposes WPA2-secured Wi-Fi networks to malicious insiders. With WPA2 being vastly adopted as the most robust option for many environments due to its resilience to brute force dictionary attacks, this vulnerability will effect both corporate and public networks significantly.

By exploiting the vulnerability, an insider can bypass WPA2 private key encryption and authentication to sniff and decrypt data from other authorized users as well as scan their devices for vulnerabilities, and potentially allow attackers to compromise users devices. AirTight researcher, Md. Sohail Ahmad, will be demonstrating this vulnerability at the Black Hat Arsenal (July 29th) and at DEFCON18 (July 31st) in a presentation entitled “WPA Too?!”.
The “WPA Too” presentation will demo the vulnerability and explain how it can be exploited by a malicious user to attack and compromise a legitimate user.

For the people not lucky enough to attend either security conference, AirTight will present a public Webinar on August 4 at 19:00 GMT to detail its findings.

Once the details of the vulnerability are disclosed it will be time to determine what steps and countermeasures can be used to protect wireless network infrastructure. But for now all that can really be done is to break out the VPN tunnels whenever using Wi-Fi. This can at least protect against your data being intercepted but there is still the potential for the attacker to disrupt the targets network traffic.

Read & Comment ›››

Posted in
Tags

unrar All Files in Directory

By Mark Davidson on July 15th, 2010
6

For quite a while I have found it a pain that unrar does not allow you to extract multiple files at once.
The other day I finally figured out how to get past this. Simply use xargs with place holders.

This command will unrar all the files in the current directory and any subdirectories to the directory /home/user/directory/

find . -iname "*.rar" | xargs -i unrar x {} /home/user/directory/
Posted in
Tags

Synology DS410j Review

By Mark Davidson on July 4th, 2010
3

Synology Disk Station DS410jIn the shared house where I live for the last year been running a server for storing files and as a place to do any big downloads too. Recently we noticed are electric bill had got quite expensive so in attempt to cut the bills we started looking at what drains the most power in the house. Naturally we found the server to be one of the biggest drains as it runs at about 150W ideal. As a result of being an old desktop with a AMD X2 3200+ processor in.

So to cut are electric bill by a bit, I set out to find a replacement. My criteria for the replacement being low power usage, quiet, RAID Support and having at least 4 HDD bays.

Matching these criteria  I came up with a 2 possible choices the Data Robotics Drobo FS 5 Bay Stoage Robot priced at around £550 and the Synology Disk Station DS410j priced at around £260.

My choice between these two products came simply down to pricing although I had heard a lot of good things about the Drobo but at over double the cost of the DS410j for me this was just not a valid option.
Read & Comment ›››

Posted in
Tags
Older Entries Newer Entries