Question about Wireless

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
skiptaylor
Member
Posts: 190
Joined: Fri Mar 23, 2007 10:13 pm
Location: Lancaster CA

Question about Wireless

Postby skiptaylor » Wed Oct 29, 2008 7:51 pm

We have a Pix 501 with an Aironet 1220(?) for the wireless access. We are using LDSAccess Extended for the FHC as well as the Presidency.

I've been told of a person that managed to access the Internet via our net without knowing the passphrase. It appears he has an original iPod with something called Snoop on it. Apparently it has automated the break-in process.

I'll be talking with this person at Church on Sunday. I want to see this and how it works.

Talked to the GSD and they were of the opinion that it's not a really major thing.

Has anyone else heard of this? Would this illicit access be a major thing for you? Is there a way to prevent this?

russellhltn
Community Administrator
Posts: 20762
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Wed Oct 29, 2008 8:54 pm

Do you know what security is set up? Odyssey? WEP? WAP?
Have you searched the Wiki?
Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.

skiptaylor
Member
Posts: 190
Joined: Fri Mar 23, 2007 10:13 pm
Location: Lancaster CA

Postby skiptaylor » Wed Oct 29, 2008 9:41 pm

RussellHltn wrote:Do you know what security is set up? Odyssey? WEP? WAP?

WAP with TKIP and a passphrase. GSD told me they were phasing out Odyssey.
Skip Taylor :eek:
Lancaster CA.

russellhltn
Community Administrator
Posts: 20762
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Wed Oct 29, 2008 9:51 pm

That's curious. It's possible a second profile has been loaded on the AP.
Have you searched the Wiki?

Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.

skiptaylor
Member
Posts: 190
Joined: Fri Mar 23, 2007 10:13 pm
Location: Lancaster CA

Postby skiptaylor » Wed Oct 29, 2008 10:11 pm

RussellHltn wrote:That's curious. It's possible a second profile has been loaded on the AP.

I had the GSD check that. They only see two profiles, the standard FHC Odyssey profile and the LDSAccess profiles. Can a profile be hidden from them?

I can't attach to it with my PDA (iPAQ 4350), all the PC's I've attached needed the passphrase. I'm not much on iPod's as I've only seen 2 or 3 of them. Are they that computationally powerful? I know WPA can be broken but it takes more than a few minutes from what I've seen on the Internet (and a LOT more than an iPOD!).
Skip Taylor :eek:
Lancaster CA.

skiptaylor
Member
Posts: 190
Joined: Fri Mar 23, 2007 10:13 pm
Location: Lancaster CA

Postby skiptaylor » Wed Oct 29, 2008 10:29 pm

From my notes, the program on the iPod may be called Spoof instead of Snoop.
I've looked the Internet over via Google and cannot find either a Spoof or a Snoop application for an iPod.

I've also been looking around and have found out it's not easy to break WPA/TKIP.

So I'm wondering if someone gave this person the passphrase. This seems the most likely scenario.

Guess I'll find out on Sunday.
Skip Taylor :eek:
Lancaster CA.

russellhltn
Community Administrator
Posts: 20762
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Thu Oct 30, 2008 12:07 am

avskip wrote:I had the GSD check that. They only see two profiles, the standard FHC Odyssey profile and the LDSAccess profiles. Can a profile be hidden from them?


Others have reported that the two don't play well together and ultimately Odyssey had to be pulled. I think yours is the first report that the two have successfully been done. Maybe that's the problem.

WEP has been broken. I hadn't heard that WPA had been.
Have you searched the Wiki?

Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.

User avatar
Mikerowaved
Community Moderators
Posts: 3132
Joined: Sun Dec 23, 2007 12:56 am
Location: Layton, UT

Postby Mikerowaved » Thu Oct 30, 2008 12:51 am

RussellHltn wrote:WEP has been broken. I hadn't heard that WPA had been.

WPA is only as secure as the key. Short passphrases with no symbols or punctuation can be broken without too much effort. The longer and more complex the key is, the effort required to crack it goes up astronomically.
So we can better help you, please edit your Profile to include your general location.

skiptaylor
Member
Posts: 190
Joined: Fri Mar 23, 2007 10:13 pm
Location: Lancaster CA

Postby skiptaylor » Thu Oct 30, 2008 10:40 am

RussellHltn wrote:Others have reported that the two don't play well together and ultimately Odyssey had to be pulled. I think yours is the first report that the two have successfully been done. Maybe that's the problem.

WEP has been broken. I hadn't heard that WPA had been.

We had to stop using the Odyssey profile due to it's bad interaction with the LDSAccess profile. All machines are on LDSAccess now. The two apparently don't play together well. The Odyssey profile still exists in the AP though.

There's a video on YouTube showing a WPA crack using a program on a Mac. From start to finish it takes under a minute. It uses a dictionary approach. It fails when there are more than one word or nonsensical strings for the passphrase.

It was an interesting journey. One site even told how to get in from the outside to see if there are MAC addresses stored and how to spoof the MAC addresses you get.
Skip Taylor :eek:
Lancaster CA.

skiptaylor
Member
Posts: 190
Joined: Fri Mar 23, 2007 10:13 pm
Location: Lancaster CA

Correction

Postby skiptaylor » Thu Oct 30, 2008 3:36 pm

I wanted to correct this, it's not the original iPod he was using. It's the first generation iPod Touch (iTouch?) that he has.

Just wanted to set that straight. :)
Skip Taylor :eek:
Lancaster CA.


Return to “Meetinghouse Internet”

Who is online

Users browsing this forum: No registered users and 1 guest