-
June 16th, 2005, 03:11 PM
#1
Junior Member
SSL Encryption
OK, My network security knowledge is not very good. I am doing some basic pentesting on my network because i know for a fact a buncha kids wardrive around my neighborhood for fun (i run wireless, WEP encryption). I know I should use WPA, just havent gotten around to it yet. My question is this. Let's say some kiddies break into my wireless network and sniff some packets. Let's say I am logging into gmail (which uses SSL) and the kiddies sniff the packets being sent with my user/pass. Now I assume this enformation is encrypted in the packet, so the user/pass cannot be directly read, but will cracking tools such as john or a rainbow crack work on SSL encryption?? If so, is there any defense against such an attack besides securing the wireless network they entered on. I guess, can SSL encryption be cracked, or can i rest easy even if the packets are sniffed?? Thanks for the help
An ancient chinese man once told me: \"The hotter the tea, the bigger the wang.\"
My tea is extra hot.
-
June 16th, 2005, 03:20 PM
#2
I don't think I've heard of SSL being cracked per say. However, tools like ettercap or Cain'n'Abel can "inject" themselves just before the SSL connection is created. While it's a basic description this site does give an idea of how it works (and from that you should be able to see a small window of opportunity).
If so, is there any defense against such an attack besides securing the wireless network they entered on.
SSH-2 tunnelling or VPN tunnelling are probably the best options.
-
June 16th, 2005, 03:46 PM
#3
Junior Member
An ancient chinese man once told me: \"The hotter the tea, the bigger the wang.\"
My tea is extra hot.
-
June 16th, 2005, 03:51 PM
#4
Please move to the rear of the line.....
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
June 16th, 2005, 03:52 PM
#5
Please move to the rear of the line.....
My, my... we are getting kinky. Who knew that Security could be so "thexy"?
wait.. nevermind. Don't answer that..
-
June 16th, 2005, 04:09 PM
#6
Junior Member
An ancient chinese man once told me: \"The hotter the tea, the bigger the wang.\"
My tea is extra hot.
-
June 16th, 2005, 06:15 PM
#7
there was an SSL cracking tool that came out a few years back, but it didn't crack the packets that were offloaded but was an inline stream hack IIRC. I can't recall the name of the tool at the moment, but I'll find it and post later.
Stuff like John the Ripper can't touch SSL encrypted packets, and as far as I know there isn't a Rainbow table on SSL.
I wouldn't worry /too/ much about someone cracking sniffed SSL packets as it will probably be too much work for the average skiddie to bother with. They are looking for soft targets
Give a man a match and he will be warm for a while, light him on fire and he will be warm for the rest of his life.
-
June 19th, 2005, 01:15 AM
#8
Member
http://www.rtfm.com/ssldump/
It's a good demonstration tool. tcpdump modified. But packets cannot be decoded without the SSL cert and password.
-
June 19th, 2005, 06:42 AM
#9
what noone seemed to mention is that while your sense of security is great its border line paranoid..... I dont think I would worry too much about your wep being cracked and then on top of that your ssl connection being cracked. If you are on that paranoid line (which it seems you are) I would regularly change your wep keys and when you get a chance setup wep... in my experience most wardrivers just look for easy targets and dont mess with wep protected networks...
dont mistake me some may take the time and effort and find it more fun but I dont think they will take the time to break the encryption and try to mess with the ssl packets
Duct tape.....A whole lot of Duct Tape
Spyware/Adaware problem click
here
-
June 20th, 2005, 12:55 PM
#10
Junior Member
I am not that paranoid. This was more outa curiousity. Even if an SSL dumped packet could be cracked, I doubt I would really change anything with my home network. I was just curious if such a thing was possible. Thanks for the analysis doc
An ancient chinese man once told me: \"The hotter the tea, the bigger the wang.\"
My tea is extra hot.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|