The Fluhrer-Mantin-Shamir method is not efficient in all cases.
As Access Points have been fixed to some extent to not leak weak IV's,
this attack is not very effective. Unless the AP hasn't been updated since
the FMS attack, you are wasting your time. (I know, generalization)
A guy called KoreK figured out a statistical attack against WEP that
requires gathering about 100k packets for 64-bit and 300k packets for
128-bit WEP and this attack has been incorporated into weplab and aircrack
tools.
If the network is a low-traffic network, you could try to speed things up
by replaying valid traffic into the network. You could for example
identify WEP-encrypted ARP packet by it's size, and then repeat this into
the network while capturing generated sent/received data on another
machine/nic.
And about the effectiveness of cracking WPA-PSK with a dictionary attack,
I think this is as easy or as hard as the passphrase used. If you use a
normal 8-character word as your passphrase, and you have a good dictionary
starting from 8 characters... If you use a 63 character passphrase
instead, things get just a bit harder.. ;)
-m-
--
http://www.liquidinfo.net
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
