Home networks that are "encrypted"

[lvlolvlo]

So, looking through Jasager's wiki and digininja.org I couldn't see anything about those wireless networks that are encrypted. So when the laptop sends the query, "Hello, is my home network around" and Jasager replies, "Yes." So now the laptop says, "Wonderful! Connect me! Here's my password."

Now I could imagine that this is where the problem would be. Jasager only know how to say "Yes" no dice on a handshake or authentication.

Feedback? Comments? Is my understanding of Jasager not right?

Thanks!

[loftrat]

I think it's probably more like:

Laptop: Hello, is my home network there?

HomeNet: Yep, here I am - if you want to connect you'll have to tell me the password/phrase.

Laptop: Ok, I'd like to connect - here it is.

If you turn of encryption on your home wireless network your laptop will still connect to it, it simply goes with the flow and assumes that you are no longer using encryption. I would guess that Jasager makes use of this behaviour.

[digininja]

Depends on the client software. Some when told to use encryption will only use encryption, others will fall back to no encryption if they find the AP doesn't have it.

[walts]

I've been wondering about that.

I'm not totally familiar with the WEP packets, but if my understanding is correct, the connecting PC recognizes the AP based on its SSID, and then sends a packet encrypted with what it knows as the key for that SSID. If the AP agrees, the session is established. From then on the AP must decrypt the packets before sending them on to the Internet or wherever. Now we know that in the case of WEP, the key can be derived fairly quickly by flooding the connection with ARP requests; since the format of the ARP reply packets is well known, the key can be derived in relatively few packets.

Given that there is room and CPU power on the FON, couldn't a WEP key decryptor be written to calculate the key? Once established, then the conversation could be decrypted and go along as usual with the decoded packets now available at the FON.

Of course everyone should be using WPA. That's a whole different story! :)

Walt

[digininja]

The packets used to crack WEP are ones that are captured during WEP encrypted communication, as there is no communication there will be no traffic to capture. When the client tries to associate all it is doing is initiating a handshake.

[walts]

The packets used to crack WEP are ones that are captured during WEP encrypted communication, as there is no communication there will be no traffic to capture. When the client tries to associate all it is doing is initiating a handshake.

OK I think I get it. Both ends nee to know the key before any packets are exchanged.

Thinking further about it, Windows machines at least try to connect with every SSID they've ever associated with, so the likelihood of a given PC having an unencrypted SSID in its list are pretty good. So unless the operator is vigilant, they may well connect to us anyway, no?

Walt

[lvlolvlo]

Hmmm.... so it seems that if the SSID Jasager is saying "Yes" to has encryption enabled, and the client computer DOES NOT allow communication to the same SSID but no encryption, then there will be no communication between the two - yay! crisis adverted!

Nevertheless, if the client computer does support a mismatched encryption on the same SSID then Jasager will succeed in its capture.

Thanks guys! :D

[digininja]

That is correct.