F12 EEEPC 1000H WLAN with hidden SSID no go

Robert Moskowitz rgm at htt-consult.com
Sun Nov 29 03:34:39 UTC 2009


Wolfgang S. Rupprecht wrote:
> Robert Moskowitz <rgm at htt-consult.com> writes:
>   
>> Actually WPA2 with 802.1X authentication is REALLY tight.  No MITM
>> will crack EAP TLS (EAP TLS is a little different than the TLS used in
>> the most recent attack).  Then use AES CCMP (not TKIP).
>>     
>
> And there we have the real way in protecting a wifi access point: turn
> off WEP, WPA (v1), and TKIP (under WPA2).  Leave only WPA2 and CCMP.
> Then let the computer choose a 64-bit hex number for the shared key.
>
> Too bad the good advice is always drowned out by the hordes that claim
> hiding SSIDs and changing port number on ssh are the way to get
> security.  (For ssh turn off everything but RSA and DSA -- this way the
> computer chooses a strong "password" (really a secret key) for you.)
>
>   
>> Of course your management frames are not protected.  That is 802.11w
>> that will soon be in products....
>>
>> BTW, I worked on the 802.11 standards.  I use past tense, as in June
>> my management had me move over to work on 802.15 standards. (I was in
>> Atlanta last week for the 802 meeting).
>>     
>
> Thank you for speaking up!  Will the new protocols require any HW
> support or are they drop-in replacements on current wifi nodes?  
802.11w will 'just' be a firmware upgrade. It was approved by RevCom 
back in September, so it is up to the vendors to decide which shipping 
products will support it.

> Will all the packets now be cryptographically protected?

Well, you can't protect BEACONs, PROBEs, ASSOCIATIONs, AUTHENTICATIONs, 
as there are no keys yet!

But DISASSOCIATE, the one I used in my attack against hidden SSIDs, can 
be authenticated, thus stopping this particular attack. But there are 
other ways, like flooding attacks to force a client to PROBE, thus 
exposing the SSID; just a little harder.

802.11s has a way to establish keying in the AUTHENTICATE exchange. 
There is talk about how to 'retrofit' that to non-mesh authentication. 
It seems that no one wants to open Pandora's box and shortcut this 
change, and it will have to go the PAR route and take a couple years. Sigh.
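As an added example, not code from the thread or its authors: the message above separates management frames that can never be keyed (beacons, probes, association, authentication) from those that 802.11w can authenticate once a key exists (disassociate, and likewise deauthentication and action frames, which 802.11w groups with it as robust management frames). The script below decodes the 802.11 Frame Control field, classifies each management frame, and flags a disassociate/deauthenticate that arrives without the Protected Frame bit set, which is the detection a defender running a PMF-capable network would want. The frames are constructed inline (only the 2-byte Frame Control field matters; the rest of the header is zero padding), and the helper names are this example's own.

```python
# Added example (not from the mailing-list thread): decode the 802.11
# Frame Control field and flag management frames that 802.11w could have
# protected but which arrived unprotected.
import struct

# Management-frame subtypes (IEEE 802.11 type 0).
MGMT_SUBTYPES = {
    0: "assoc-req", 1: "assoc-resp", 2: "reassoc-req", 3: "reassoc-resp",
    4: "probe-req", 5: "probe-resp", 8: "beacon", 9: "atim",
    10: "disassoc", 11: "auth", 12: "deauth", 13: "action",
}

# Robust management frames: the ones 802.11w (PMF) can authenticate once a
# pairwise key exists. Beacons/probes/assoc/auth are sent before any key.
PMF_PROTECTABLE = {"disassoc", "deauth", "action"}


def parse_frame_control(frame: bytes) -> dict:
    """Decode the 2-byte little-endian Frame Control field at the start of
    an 802.11 MAC header into version/type/subtype/protected."""
    if len(frame) < 2:
        raise ValueError("frame too short for a Frame Control field")
    fc = struct.unpack("<H", frame[:2])[0]
    return {
        "version": fc & 0x3,
        "type": (fc >> 2) & 0x3,          # 0 = management, 1 = control, 2 = data
        "subtype": (fc >> 4) & 0xF,
        "protected": bool(fc & 0x4000),   # Protected Frame bit (bit 14)
    }


def classify_mgmt_frame(frame: bytes) -> dict:
    """Name a management frame and say whether it should have been PMF-protected."""
    fc = parse_frame_control(frame)
    if fc["type"] != 0:
        return {"kind": "not-management", "protectable": False,
                "protected": fc["protected"], "suspicious": False}
    name = MGMT_SUBTYPES.get(fc["subtype"], f"reserved-{fc['subtype']}")
    protectable = name in PMF_PROTECTABLE
    # An unprotected disassoc/deauth on a PMF network is exactly the frame
    # class 802.11w exists to stop, so it is worth alerting on.
    return {"kind": name, "protectable": protectable,
            "protected": fc["protected"],
            "suspicious": protectable and not fc["protected"]}


def count_suspicious(frames) -> int:
    """Detection pass over captured frames: how many unprotected robust
    management frames were seen."""
    return sum(1 for f in frames if classify_mgmt_frame(f)["suspicious"])


def build_frame(frame_type: int, subtype: int, protected: bool = False) -> bytes:
    """Constructed sample frame: Frame Control plus 22 zero bytes standing in
    for the rest of a minimal 24-byte MAC header (addresses left blank)."""
    fc = (subtype << 4) | (frame_type << 2)
    if protected:
        fc |= 0x4000
    return struct.pack("<H", fc) + b"\x00" * 22


# Constructed sample capture: beacon, unprotected disassoc, PMF-protected
# disassoc, unprotected deauth, and an ordinary data frame.
SAMPLE_FRAMES = [
    build_frame(0, 8),                 # beacon: no key exists, never protectable
    build_frame(0, 10),                # disassoc without Protected bit: suspicious
    build_frame(0, 10, protected=True),  # disassoc under 802.11w: fine
    build_frame(0, 12),                # deauth without Protected bit: suspicious
    build_frame(2, 0),                 # data frame: out of scope here
]

if __name__ == "__main__":
    for f in SAMPLE_FRAMES:
        print(classify_mgmt_frame(f))
    print("unprotected robust management frames:", count_suspicious(SAMPLE_FRAMES))
```

The Protected Frame bit alone only tells you that a PMF-capable sender chose to protect the frame; whether an unprotected disassociate is actually an attack depends on whether that BSS negotiated PMF, so in practice the check is gated on the network's RSN capabilities.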