BAD NEWS: VPN Protocol PPTP & Wireless WPA2-Enterprise Gets Cracked!!! | |
Anonymous Coward User ID: 21949309 France 08/14/2012 11:53 AM Report Abusive Post Report Copyright Violation | VPNReviewz Reports That Executive Order Promises To Give Total Control Of The Internet To The Department of Homeland Security [link to exaltedtruth.com] |
Anonymous Coward User ID: 21949309 France 08/14/2012 12:00 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 21937935 United States 08/14/2012 12:04 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 997890 United States 08/14/2012 12:07 PM Report Abusive Post Report Copyright Violation | |
UnBanned Immortal User ID: 13891428 United States 08/14/2012 12:07 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 12562443 United States 08/14/2012 12:08 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 21949309 France 08/14/2012 12:10 PM Report Abusive Post Report Copyright Violation | |
Reaper User ID: 20737321 United Kingdom 08/14/2012 12:20 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 21949309 France 08/14/2012 12:22 PM Report Abusive Post Report Copyright Violation | |
Reaper User ID: 20737321 United Kingdom 08/14/2012 12:23 PM Report Abusive Post Report Copyright Violation | |
Reaper User ID: 20737321 United Kingdom 08/14/2012 12:24 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 21950358 Germany 08/14/2012 12:25 PM Report Abusive Post Report Copyright Violation | Tools released at Defcon can crack widely used PPTP encryption in under a day Security researchers released two tools at the Defcon security conference that can be used to crack the encryption of any PPTP (Point-to-Point Tunneling Protocol) and WPA2-Enterprise (Wireless Protected Access) sessions that use MS-CHAPv2 for authentication. MS-CHAPv2 is an authentication protocol created by Microsoft and introduced in Windows NT 4.0 SP4. Despite its age, it is still used as the primary authentication mechanism by most PPTP virtual private network (VPN) clients. [link to www.infoworld.com] PPTP Gets Cracked The Black Hat hackers convention in Las Vegas is a sort of safe crackers convention for the modern world. If many of the participants are the modern equivalents of safe crackers, then Moxie Marlinspike showed up with a lot of dynamite. This accomplished hacker utilized his CloudCracker Web service to demonstrate that he is able to get through the security on any PPTP VPN utilizing the MS-CHAPv2 protocol. If you think that this doesn’t affect you because you’re not using PPTP security on your VPN connection, be aware that MS-CHAPv2 is also used for the WPA2-Enterprise security on wireless access points. The other options include IPSec and OpenVPN, both of which are far more secure than the PPTP protocol. In fact, with a high enough level of encryption, IPSec is even used by governments to transmit top-secret information. Marlinspike recommends that businesses and users switch over to one of these protocols and not use PPTP. If you are using VPN encryption to protect yourself from having your ISP spy on your activity online, it’s a good idea to move over to one of the other protocols. [link to vpnreviewz.com] old as hell and you are wrong WPA2 is not cracked and will be save for some time its just the computing power that is always increasing and this ofcurse will make passwords with 8 digits useless. Use better password and you are always save with wpa2 there is still no flaw there that you can exploit. |
Anonymous Coward User ID: 21949309 France 08/14/2012 12:26 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 21949309 France 08/14/2012 12:27 PM Report Abusive Post Report Copyright Violation | Tools released at Defcon can crack widely used PPTP encryption in under a day Security researchers released two tools at the Defcon security conference that can be used to crack the encryption of any PPTP (Point-to-Point Tunneling Protocol) and WPA2-Enterprise (Wireless Protected Access) sessions that use MS-CHAPv2 for authentication. MS-CHAPv2 is an authentication protocol created by Microsoft and introduced in Windows NT 4.0 SP4. Despite its age, it is still used as the primary authentication mechanism by most PPTP virtual private network (VPN) clients. [link to www.infoworld.com] PPTP Gets Cracked The Black Hat hackers convention in Las Vegas is a sort of safe crackers convention for the modern world. If many of the participants are the modern equivalents of safe crackers, then Moxie Marlinspike showed up with a lot of dynamite. This accomplished hacker utilized his CloudCracker Web service to demonstrate that he is able to get through the security on any PPTP VPN utilizing the MS-CHAPv2 protocol. If you think that this doesn’t affect you because you’re not using PPTP security on your VPN connection, be aware that MS-CHAPv2 is also used for the WPA2-Enterprise security on wireless access points. The other options include IPSec and OpenVPN, both of which are far more secure than the PPTP protocol. In fact, with a high enough level of encryption, IPSec is even used by governments to transmit top-secret information. Marlinspike recommends that businesses and users switch over to one of these protocols and not use PPTP. If you are using VPN encryption to protect yourself from having your ISP spy on your activity online, it’s a good idea to move over to one of the other protocols. [link to vpnreviewz.com] old as hell and you are wrong WPA2 is not cracked and will be save for some time its just the computing power that is always increasing and this ofcurse will make passwords with 8 digits useless. Use better password and you are always save with wpa2 there is still no flaw there that you can exploit. really????? READ THE FUCKING ARTICLE, YOU THINK IT'S FAKE???? |
Anonymous Coward User ID: 17828910 Canada 08/14/2012 12:27 PM Report Abusive Post Report Copyright Violation | |
AtsuiPanda User ID: 16510251 United States 08/14/2012 12:35 PM Report Abusive Post Report Copyright Violation | |
AtsuiPanda User ID: 16510251 United States 08/14/2012 12:36 PM Report Abusive Post Report Copyright Violation | if it's disabled you should be ok i think. I think it said it has to have WPS enabled. Quoting: Reaper 20737321 thanks for the info. Most stuff with WPS auto have it on is the problem tho Last Edited by The Deplorable AtsuiPanda on 08/14/2012 12:37 PM :/sdfhasdfshasd/: Those who live by the sword die by the sword, those who don't live by the sword are subject to those who do. |
Too Lazy To Log In. User ID: 4928607 United States 08/14/2012 12:36 PM Report Abusive Post Report Copyright Violation | |
AtsuiPanda User ID: 16510251 United States 08/14/2012 12:38 PM Report Abusive Post Report Copyright Violation | He prob still thinks they cant get viruses too.. news flash bud its because not many coders want to make something when only 1% of computer users use a Mac :/sdfhasdfshasd/: Those who live by the sword die by the sword, those who don't live by the sword are subject to those who do. |
Anonymous Coward User ID: 21950358 Germany 08/14/2012 12:39 PM Report Abusive Post Report Copyright Violation | Tools released at Defcon can crack widely used PPTP encryption in under a day Security researchers released two tools at the Defcon security conference that can be used to crack the encryption of any PPTP (Point-to-Point Tunneling Protocol) and WPA2-Enterprise (Wireless Protected Access) sessions that use MS-CHAPv2 for authentication. MS-CHAPv2 is an authentication protocol created by Microsoft and introduced in Windows NT 4.0 SP4. Despite its age, it is still used as the primary authentication mechanism by most PPTP virtual private network (VPN) clients. [link to www.infoworld.com] PPTP Gets Cracked The Black Hat hackers convention in Las Vegas is a sort of safe crackers convention for the modern world. If many of the participants are the modern equivalents of safe crackers, then Moxie Marlinspike showed up with a lot of dynamite. This accomplished hacker utilized his CloudCracker Web service to demonstrate that he is able to get through the security on any PPTP VPN utilizing the MS-CHAPv2 protocol. If you think that this doesn’t affect you because you’re not using PPTP security on your VPN connection, be aware that MS-CHAPv2 is also used for the WPA2-Enterprise security on wireless access points. The other options include IPSec and OpenVPN, both of which are far more secure than the PPTP protocol. In fact, with a high enough level of encryption, IPSec is even used by governments to transmit top-secret information. Marlinspike recommends that businesses and users switch over to one of these protocols and not use PPTP. If you are using VPN encryption to protect yourself from having your ISP spy on your activity online, it’s a good idea to move over to one of the other protocols. [link to vpnreviewz.com] old as hell and you are wrong WPA2 is not cracked and will be save for some time its just the computing power that is always increasing and this ofcurse will make passwords with 8 digits useless. Use better password and you are always save with wpa2 there is still no flaw there that you can exploit. really????? READ THE FUCKING ARTICLE, YOU THINK IT'S FAKE???? I read it i dose not say anything about WPA2 ! Its the connection of the routers or network cards nothing more then a driver problem. But Wpa2 is save if you know how to use it. |
UnBanned Immortal User ID: 13891428 United States 08/14/2012 12:39 PM Report Abusive Post Report Copyright Violation | Do you really believe a mac cannot be hacked? Only if it has any shitty microsoft products installed in it. Last Edited by UnBanned Immortal on 08/14/2012 12:39 PM May The Schwartz be with you. |
AtsuiPanda User ID: 16510251 United States 08/14/2012 12:48 PM Report Abusive Post Report Copyright Violation | Tools released at Defcon can crack widely used PPTP encryption in under a day Security researchers released two tools at the Defcon security conference that can be used to crack the encryption of any PPTP (Point-to-Point Tunneling Protocol) and WPA2-Enterprise (Wireless Protected Access) sessions that use MS-CHAPv2 for authentication. MS-CHAPv2 is an authentication protocol created by Microsoft and introduced in Windows NT 4.0 SP4. Despite its age, it is still used as the primary authentication mechanism by most PPTP virtual private network (VPN) clients. [link to www.infoworld.com] PPTP Gets Cracked The Black Hat hackers convention in Las Vegas is a sort of safe crackers convention for the modern world. If many of the participants are the modern equivalents of safe crackers, then Moxie Marlinspike showed up with a lot of dynamite. This accomplished hacker utilized his CloudCracker Web service to demonstrate that he is able to get through the security on any PPTP VPN utilizing the MS-CHAPv2 protocol. If you think that this doesn’t affect you because you’re not using PPTP security on your VPN connection, be aware that MS-CHAPv2 is also used for the WPA2-Enterprise security on wireless access points. The other options include IPSec and OpenVPN, both of which are far more secure than the PPTP protocol. In fact, with a high enough level of encryption, IPSec is even used by governments to transmit top-secret information. Marlinspike recommends that businesses and users switch over to one of these protocols and not use PPTP. If you are using VPN encryption to protect yourself from having your ISP spy on your activity online, it’s a good idea to move over to one of the other protocols. [link to vpnreviewz.com] old as hell and you are wrong WPA2 is not cracked and will be save for some time its just the computing power that is always increasing and this ofcurse will make passwords with 8 digits useless. Use better password and you are always save with wpa2 there is still no flaw there that you can exploit. really????? READ THE FUCKING ARTICLE, YOU THINK IT'S FAKE???? I read it i dose not say anything about WPA2 ! Its the connection of the routers or network cards nothing more then a driver problem. But Wpa2 is save if you know how to use it. WPA WPA2 can be hacked... a lot of people use a 30GB word list.. :/sdfhasdfshasd/: Those who live by the sword die by the sword, those who don't live by the sword are subject to those who do. |
AtsuiPanda User ID: 16510251 United States 08/14/2012 12:49 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 21950358 Germany 08/14/2012 12:53 PM Report Abusive Post Report Copyright Violation | ... Quoting: Anonymous Coward 21950358 old as hell and you are wrong WPA2 is not cracked and will be save for some time its just the computing power that is always increasing and this ofcurse will make passwords with 8 digits useless. Use better password and you are always save with wpa2 there is still no flaw there that you can exploit. really????? READ THE FUCKING ARTICLE, YOU THINK IT'S FAKE???? I read it i dose not say anything about WPA2 ! Its the connection of the routers or network cards nothing more then a driver problem. But Wpa2 is save if you know how to use it. WPA WPA2 can be hacked... a lot of people use a 30GB word list.. Even if you use Rainbowtables you will never beat a 15 digit passwords with lowercase uppercase and symbols. You just cant, you only can find a exploit in this algorithm and then you can crack it. |
UnBanned Immortal User ID: 13891428 United States 08/14/2012 12:53 PM Report Abusive Post Report Copyright Violation | |
dont spread the FUD User ID: 21653176 Germany 08/14/2012 12:55 PM Report Abusive Post Report Copyright Violation | please stop the bullshit and dont mention wpa2 or other crap. only stuff that is affected is the core component the mschap encryption. if you use weak encryption anywhere its affected. this doesnt mean that wpa2 stuff is affected in general. normal homeusers dont use wpa2 with anything close to mschap, that some vpn and enterprise remote crap and many years ago outdated. its insecure weak encryption that microsoft invented decades ago. wpa2 is NOT mschap stuff in general in fact, homeusers use WPA2 is a still very secure AES encryption mode thanks for not FUDding and spreading bollocks why thank you. |
Floobarb the Argnorf User ID: 1550737 United States 08/14/2012 12:58 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 15782258 Belgium 08/14/2012 12:59 PM Report Abusive Post Report Copyright Violation | very old news... ipsec is the de facto standard for authenticated and/or encrypted tunnelling. has been since the second half of the nineties. and it's about time people start to use it... openvpn is fairly secure, but stateless (udp only) - which makes it useless from a strict security point of view... |
Anonymous Coward User ID: 997890 United States 08/14/2012 12:59 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 9943244 United States 08/14/2012 01:01 PM Report Abusive Post Report Copyright Violation | |