T
Tony Hwang
Guest
ceg wrote:
C
ceg
Guest
On Wed, 26 Aug 2015 07:08:58 -0700, Jeff Liebermann wrote:
Ah. That makes a *lot* of sense (I hate when that happens!).
This is a "comcast neighborhood", where all the college kids live. We can
assume most of them weren't born with a router next to the silver spoon
in the cradle, so, they probably got their modem/router combo's from
Comcast. And Comcast probably defaulted on the naming conventions.
That makes too much sense!
Thanks for 'splaining.
Ah. That makes a *lot* of sense (I hate when that happens!).
This is a "comcast neighborhood", where all the college kids live. We can
assume most of them weren't born with a router next to the silver spoon
in the cradle, so, they probably got their modem/router combo's from
Comcast. And Comcast probably defaulted on the naming conventions.
That makes too much sense!
Thanks for 'splaining.
C
ceg
Guest
On Wed, 26 Aug 2015 10:29:39 -0500, Mark Lloyd wrote:
Because of butterfly tables, you want your ESSID to be unique, I think.
The details are beyond me (I think Jeff Liebermann turned me on to this
concept), but the net is that you don't want your ESSID to be something
that is in the hash tables of 30 million other ESSIDs.
Because of butterfly tables, you want your ESSID to be unique, I think.
The details are beyond me (I think Jeff Liebermann turned me on to this
concept), but the net is that you don't want your ESSID to be something
that is in the hash tables of 30 million other ESSIDs.
J
Jeff Liebermann
Guest
On Tue, 25 Aug 2015 22:06:49 +0000 (UTC), ceg
<curt.guldenschuh@gmail.com> wrote:
They don't. The HOME-XXXX format, where XXXX might be the last 4
digits of the MAC address, is the default SSID for Comcast "gateway"
style wireless routers. I'm not sure when this started, but my
guess(tm) is about 2 years ago.
Anything is better than linksys, dlink, default, hpsetup, and default.
<https://wigle.net/stats#mainstats>
3.74% of about 210 million wireless networks use the default SSID. I
guess this is proof that most computer users have no imagination.
--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
<curt.guldenschuh@gmail.com> wrote:
They don't. The HOME-XXXX format, where XXXX might be the last 4
digits of the MAC address, is the default SSID for Comcast "gateway"
style wireless routers. I'm not sure when this started, but my
guess(tm) is about 2 years ago.
Anything is better than linksys, dlink, default, hpsetup, and default.
<https://wigle.net/stats#mainstats>
3.74% of about 210 million wireless networks use the default SSID. I
guess this is proof that most computer users have no imagination.
--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
M
Mark Lloyd
Guest
On 08/25/2015 05:06 PM, ceg wrote:
I have been in a nearby city, where there are a lot of college students.
I don't see "home" but I do often see ISP names or router brand names.
It looks like an attempt by sellers to provide unique SSIDs, and users
who don't change the defaults.
Where I live, I don't see prefixes like that, but I do see some
interesting names like "FBI Surveillance" and
"ThisIsNoyTheWiFiYou'reLookingFor".
--
Mark Lloyd
http://notstupid.us/
"HUMANISM: an exaltation of freedom, but one limited by our need to
exercise it as an integral part of nature and society." [John Ralston
Saul]
I have been in a nearby city, where there are a lot of college students.
I don't see "home" but I do often see ISP names or router brand names.
It looks like an attempt by sellers to provide unique SSIDs, and users
who don't change the defaults.
Where I live, I don't see prefixes like that, but I do see some
interesting names like "FBI Surveillance" and
"ThisIsNoyTheWiFiYou'reLookingFor".
--
Mark Lloyd
http://notstupid.us/
"HUMANISM: an exaltation of freedom, but one limited by our need to
exercise it as an integral part of nature and society." [John Ralston
Saul]
M
Mark Lloyd
Guest
On 08/26/2015 09:08 AM, Jeff Liebermann wrote:
[snip]
I used to see a lot of "Linksys" SSIDs without wireless security. Once I
considered connecting and changing it to something like "I'm so
insecure!" or "I need my WPA!",
--
Mark Lloyd
http://notstupid.us/
"HUMANISM: an exaltation of freedom, but one limited by our need to
exercise it as an integral part of nature and society." [John Ralston
Saul]
[snip]
I used to see a lot of "Linksys" SSIDs without wireless security. Once I
considered connecting and changing it to something like "I'm so
insecure!" or "I need my WPA!",
--
Mark Lloyd
http://notstupid.us/
"HUMANISM: an exaltation of freedom, but one limited by our need to
exercise it as an integral part of nature and society." [John Ralston
Saul]
C
ceg
Guest
On Wed, 26 Aug 2015 17:31:20 -0600, Tony Hwang wrote:
> Fancy SSID has no impact on security.
Butterfly hash tables?
> Fancy SSID has no impact on security.
Butterfly hash tables?
T
Tony Hwang
Guest
Jeff Liebermann wrote:
J
Jeff Liebermann
Guest
On Wed, 26 Aug 2015 17:31:20 -0600, Tony Hwang <dragon40@shaw.ca>
wrote:
>Fancy SSID has no impact on security.
Wrong. The SSID is used as a "salt" to do WPA/WPA2 encryption. The
rainbow tables are only useful if the SSID of the system that you're
attacking is the same as one of the SSID's in the rainbow table. Using
a common SSID listed on Wigle improves the probability of a successful
attack. I use my address.
<http://www.renderlab.net/projects/WPA-tables/>
<https://wigle.net/stats#ssidstats>
--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
wrote:
>Fancy SSID has no impact on security.
Wrong. The SSID is used as a "salt" to do WPA/WPA2 encryption. The
rainbow tables are only useful if the SSID of the system that you're
attacking is the same as one of the SSID's in the rainbow table. Using
a common SSID listed on Wigle improves the probability of a successful
attack. I use my address.
<http://www.renderlab.net/projects/WPA-tables/>
<https://wigle.net/stats#ssidstats>
--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
T
Tony Hwang
Guest
Jeff Liebermann wrote:
I don't even bother hiding my SSID. Nothing
important in my home network. My lawyer, bank,
accountant keeping important stuffs.
Regardless, it is crackable if one intends to.
I don't even bother hiding my SSID. Nothing
important in my home network. My lawyer, bank,
accountant keeping important stuffs.
J
Jeff Liebermann
Guest
On Thu, 27 Aug 2015 11:20:05 -0600, Tony Hwang <dragon40@shaw.ca>
wrote:
This is one reason why I hate security discussions. If you really
think there's nothing important on your home computah, then I suggest
you test this. Install a program that does a recursive text search on
all your files. For Windoze, I use Agent Ransack:
<https://www.mythicsoft.com/agentransack>
Plug in your social security number, checking account numbers, and
credit card numbers, and see what it finds. The idea is to obtain
enough info to perform an identity theft. I was rather surprised to
find both on my machine. While WPA2 cracking is usually just to gain
access to a faster or more convenient internet connection, it's not
beneath the dignity of most casual hackers to make some money on the
side.
--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
wrote:
This is one reason why I hate security discussions. If you really
think there's nothing important on your home computah, then I suggest
you test this. Install a program that does a recursive text search on
all your files. For Windoze, I use Agent Ransack:
<https://www.mythicsoft.com/agentransack>
Plug in your social security number, checking account numbers, and
credit card numbers, and see what it finds. The idea is to obtain
enough info to perform an identity theft. I was rather surprised to
find both on my machine. While WPA2 cracking is usually just to gain
access to a faster or more convenient internet connection, it's not
beneath the dignity of most casual hackers to make some money on the
side.
--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
S
Sam E
Guest
On 08/26/2015 06:31 PM, Tony Hwang wrote:
It could affect how attractive your network is to a potential intruder.
So, indirectly, it is affecting security since it makes the difference
on whether or not someone tries to get in.
--
"I am attempting to construct a mnemonic memory circuit using stone
knives and bearskins."
It could affect how attractive your network is to a potential intruder.
So, indirectly, it is affecting security since it makes the difference
on whether or not someone tries to get in.
--
"I am attempting to construct a mnemonic memory circuit using stone
knives and bearskins."
S
Sam E
Guest
On 08/27/2015 12:29 AM, Jeff Liebermann wrote:
Don't name your WiFi network "monkey".
--
"I am attempting to construct a mnemonic memory circuit using stone
knives and bearskins."
Don't name your WiFi network "monkey".
--
"I am attempting to construct a mnemonic memory circuit using stone
knives and bearskins."
J
Jeff Liebermann
Guest
On Thu, 27 Aug 2015 13:26:40 -0500, Sam E
<why.should.this@be.email.invalid> wrote:
>Don't name your WiFi network "monkey".
The SSID can be 1 to 32 characters. One of my customers set his SSID
to "*". I forgot exactly what it broke, but I do recall spending a
week failing to fix what I thought were unrelated problem. When I
changed the SSID to something reasonable, all the weirdness went away.
This was quite a while ago so presumably it's now fixed.
Another fun SSID is "ANY". I don't recall what it was suppose to do,
but it was thrown into some long forgotten manufacturers firmware to
allow any device to connect, probably for repeaters and range
extenders. Try it and see what breaks.
Also try "Free Public WiFi" which is really a Microsoft XP bug.
<http://www.npr.org/2010/10/09/130451369/the-zombie-network-beware-free-public-wifi>
--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
<why.should.this@be.email.invalid> wrote:
>Don't name your WiFi network "monkey".
The SSID can be 1 to 32 characters. One of my customers set his SSID
to "*". I forgot exactly what it broke, but I do recall spending a
week failing to fix what I thought were unrelated problem. When I
changed the SSID to something reasonable, all the weirdness went away.
This was quite a while ago so presumably it's now fixed.
Another fun SSID is "ANY". I don't recall what it was suppose to do,
but it was thrown into some long forgotten manufacturers firmware to
allow any device to connect, probably for repeaters and range
extenders. Try it and see what breaks.
Also try "Free Public WiFi" which is really a Microsoft XP bug.
<http://www.npr.org/2010/10/09/130451369/the-zombie-network-beware-free-public-wifi>
--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
Guest
On Thu, 27 Aug 2015 11:20:05 -0600, Tony Hwang wrote:
It doesn't seem like you understand the problem.
Maybe you do, but it doesn't seem like you do.
The problem is they used, as a salt, the ESSID!
That's a pretty dumb salt.
It's even a dumber salt if the owner leaves the ESSID at the default
values, or, if the owner changes the ESSID to something common.
Because of that, anyone with the tables already has your hash and is on
your wireless network already.
It doesn't seem like you understand the problem.
Maybe you do, but it doesn't seem like you do.
The problem is they used, as a salt, the ESSID!
That's a pretty dumb salt.
It's even a dumber salt if the owner leaves the ESSID at the default
values, or, if the owner changes the ESSID to something common.
Because of that, anyone with the tables already has your hash and is on
your wireless network already.
Guest
On Wed, 26 Aug 2015 10:29:39 -0500, Mark Lloyd wrote:
You have to realize what Jeff is trying to tell you, which is that any
common name for the ESSID has *already* been hashed.
In that case, WPA2/PSK is worthless.
Use a common name, and you immediately have no security no matter what
you set the security to.
You have to realize what Jeff is trying to tell you, which is that any
common name for the ESSID has *already* been hashed.
In that case, WPA2/PSK is worthless.
Use a common name, and you immediately have no security no matter what
you set the security to.
M
Mark Lloyd
Guest
On 09/03/2015 11:53 PM, Ewald Böhm wrote:
WPA2/PSK is one thing that is needed. Another is a better ESSID.
--
112 days until the winter celebration (Friday December 25, 2015 for 1
day).
Mark Lloyd
http://notstupid.us/
"He's a born-again Christian. The trouble is, he suffered brain damage
during rebirth."
WPA2/PSK is one thing that is needed. Another is a better ESSID.
--
112 days until the winter celebration (Friday December 25, 2015 for 1
day).
Mark Lloyd
http://notstupid.us/
"He's a born-again Christian. The trouble is, he suffered brain damage
during rebirth."
Guest
On Fri, 04 Sep 2015 11:59:08 -0500, Mark Lloyd wrote:
> WPA2/PSK is one thing that is needed. Another is a better ESSID.
You need both.
One without the other is worthless.
> WPA2/PSK is one thing that is needed. Another is a better ESSID.
You need both.
One without the other is worthless.
M
Mark Lloyd
Guest
On 09/05/2015 09:50 PM, Ewald Böhm wrote:
Yes, both are better. I was never recommending only one, even though
that would be far from worthless.
--
110 days until the winter celebration (Friday December 25, 2015 for 1
day).
Mark Lloyd
http://notstupid.us/
"If I see a professing vegetarian eating meat, it is no hypocrisy for me
to point out his inconsistency even though I personally do not subscribe
to the principles of vegetarianism."
Yes, both are better. I was never recommending only one, even though
that would be far from worthless.
--
110 days until the winter celebration (Friday December 25, 2015 for 1
day).
Mark Lloyd
http://notstupid.us/
"If I see a professing vegetarian eating meat, it is no hypocrisy for me
to point out his inconsistency even though I personally do not subscribe
to the principles of vegetarianism."