Eircom Wireless Security Implications of the Alogrithm

Berty

Hello again, :mad:

It has been suggested that I should repost my questions due to the last thread being perceived as requesting illegal information. :eek:

Anyway, I have viewed the algorithim and tested it on my neighbour with his permission of course and it does work.

What are the security implications of this WEP bypass using your MAC address to find your key?

I am aware from Google that eircom have requested users to change the settings of their wireless routers to WAP/WAP2. If history shows anything, people will not listen and wont bother doing this.

My neighbour has changed his with my help. However, what about all the others out there who dont know about the risk, what are the implications of somebody accessing their router?

Spear

Berty wrote: »

Hello again, :mad:

It has been suggested that I should repost my questions due to the last thread being perceived as requesting illegal information. :eek:

Anyway, I have viewed the algorithim and tested it on my neighbour with his permission of course and it does work.

What are the security implications of this WEP bypass using your MAC address to find your key?

I am aware from Google that eircom have requested users to change the settings of their wireless routers to WAP/WAP2. If history shows anything, people will not listen and wont bother doing this.

My neighbour has changed his with my help. However, what about all the others out there who dont know about the risk, what are the implications of somebody accessing their router?

Eircom sent out a flyer to every customer, it also turned up on the national media. The end result is that none of the Eircom customers near me changed theirs, they're all still vulnerable and oblivious.

dub45

Berty wrote: »

Hello again, :mad:

It has been suggested that I should repost my questions due to the last thread being perceived as requesting illegal information. :eek:

Anyway, I have viewed the algorithim and tested it on my neighbour with his permission of course and it does work.

What are the security implications of this WEP bypass using your MAC address to find your key?

I am aware from Google that eircom have requested users to change the settings of their wireless routers to WAP/WAP2. If history shows anything, people will not listen and wont bother doing this.

My neighbour has changed his with my help. However, what about all the others out there who dont know about the risk, what are the implications of somebody accessing their router?

I fail to see the point of your post? This issue has been done to death on boards. As you state Eircom have informed their customers, they cannot force them to change the security. Do you expect them to visit the houses of all their customers and change the security to WPA?

And how about people who buy a wireless router to add to their system or to replace a broken one wont they equally have to inform themselves as to how set up strong security on a wireless network? Are you implying that it is someone's responsibility to educate them?

We live in a technically advanced society - there are warnings everywhere about identity theft etc - the ordinary person has to take responsibility for protecting themselves in so far as they can. Some people do this and others don't that's a fact.

If you have viewed the algorithim and are proficient enough to test it on your neighbour then I am sure that you are capable of figuring out the implications of any breach of a wireless security network or indeed any network?

Berty

dub45 wrote: »

I fail to see the point of your post? This issue has been done to death on boards. As you state Eircom have informed their customers, they cannot force them to change the security. Do you expect them to visit the houses of all their customers and change the security to WPA?

I know you fail to see the point of the post. You previously seem to think I have some hope that somebody will give me the algorithm. I certainly do not expect them to visit the house's because the cost of a call out fee for all those customers would be astronomical. In the same sentence I said history will show that people do not listen to good advice so will not change the security protocol. I think you will find the point of the post was asking what the security implications are.

dub45 wrote: »

And how about people who buy a wireless router to add to their system or to replace a broken one wont they equally have to inform themselves as to how set up strong security on a wireless network? Are you implying that it is someone's responsibility to educate them?

If you decide to buy a wireless router yourself you demonstrate some technical ability in being able to read a manual and understand which wire is which. Wireless routers not pre set by an ISP will prompt you through the process of setting up a security function. ISP's generally send them out plug and play with, in Eircom's case, WEP. Again with the implication and presumptions, NO I am not implying that someone should educate them. Set up wizard should do this with a new product. Eircom have advised customers, I know, yet that is not the point of the post. Point of post - see above.

dub45 wrote: »

We live in a technically advanced society - there are warnings everywhere about identity theft etc - the ordinary person has to take responsibility for protecting themselves in so far as they can. Some people do this and others don't that's a fact.

Some people do not consider the implications of electronic identity theft nor would they see accessing their router as a security risk even after reading the letter. Again, the point of the post is asking what the security implications are.

dub45 wrote: »

If you have viewed the algorithim and are proficient enough to test it on your neighbour then I am sure that you are capable of figuring out the implications of any breach of a wireless security network or indeed any network?

No. I would not have asked the questions otherwise. Through my use of my own wireless router and the constant troubleshooting from the manufactuer I came to understand the process of using the wirless router and because I access WIFI on a daily basis in multiple locations I am aware of how to connect. Yet, I do not know how to steal information from the hotel or bar that I am using WIFI in.

So after all that Im still looking for information on the security implications of this topic.

BTW, I searched the forum using Eircom as a search word and nothing conclusive was found.

The charter says Enjoy the Forum!

You, as a mod, are not making it very enjoyable.

dub45

I am not replying in this instance as a mod at all.

I am replying as someone who continues to be baffled as to the point of your post. Still!

Berty

dub45 wrote: »

I am not replying in this instance as a mod at all.

I am replying as someone who continues to be baffled as to the point of your post. Still!

The point of the thread is :What are the security implications of not securing your router?

How can that question be so unclear?


You did ask me through PM to open a new thread asking a more relevant question because you thought I was asking for the algorithm last time.

dub45

Anyone with a modicum of cop on can figure out the security implications of a network being breached.

Using Google and the phrase:

''implications of wireless network breach''

Yielded this link:

http://www.certmag.com/read.php?in=3453

which includes the following quote:

Wireless security threats include confidentiality, integrity and availability (CIA) of resources and information. Organizations have information to protect. This information can be financial, personal and intellectual, all of which can be sensitive. Unauthorized intruders can intercept and gain access, disclosing sensitive information (confidentiality breach) if encryption and other protective mechanisms between wireless devices are weak or vulnerable.

Disclosed information can be altered (integrity breach) intentionally by the intruder or unintentionally due to malfunction in data-synchronization routines between the wireless clients and the back-end storage. Intruders can launch attacks against wireless devices in the network and consume network bandwidth causing Denial of Service (DoS) attacks (availability breach), as well.

Berty wrote: »

.....................

If you decide to buy a wireless router yourself you demonstrate some technical ability in being able to read a manual and understand which wire is which.

Any cursory reading of the forum will reveal that this is not the case at all.
People regularly post here who are chronically either unwlling or incapable of reading a manual and who have just purchased wireless equipment.

Berty wrote: »

Wireless routers not pre set by an ISP will prompt you through the process of setting up a security function.

Again not necessarily the case at all.

Berty

dub45 wrote: »

Anyone with a modicum of cop on can figure out the security implications of a network being breached.

Using Google and the phrase:

''implications of wireless network breach''

Yielded this link:

http://www.certmag.com/read.php?in=3453

Conversation over so, or little conversation at all really.

If I wanted to read a Google repsonded result I would have. Instead, I preffered to have a candid discussion with people in this forum.

Forums are for discussing items otherwise there would be a RTFM or RTG(refer to google) button.

dub45

Your question is akin to asking what are the implications of someone breaking into your house. And the answer is that it depends on what that person wants to do when they break in!