Hi *, for more Info go to: http://100h.org/wlan/aircrack/ download the compressed File, and read the contained Readme file. Markus Gaugusch schrieb:

...

which one is more secure for wlans, WEP with 128 bit, or WPA-PSK?

WPA-PSK is more secure, but also dependant on the pass phrase. I prefer random strings with ~50 bytes, You can get those easily from base64 coded email attachments. This is also a great source for initial user passwords ;-)

Funny idea ;-) By far less complicated as using random data and md5.

Markus

Dirk TRIA IT-consulting GmbH Joseph-Wild-Straße 20 81829 München Germany Tel: +49 (89) 92907-0 Fax: +49 (89) 92907-100 http://www.tria.de -------------------------------------------------------- working hard | for your success -------------------------------------------------------- Registergericht München HRB 113466 USt.-IdNr. DE 180017238 Steuer-Nr. 802/40600 Geschäftsführer: Richard Hofbauer kaufm. Geschäftsleitung: Rosa Igl -------------------------------------------------------- Nachricht von: Dirk.Schreiner@tria.de Nachricht an: markus@gaugusch.at, admin@eregion.de, suse-security@suse.com # Dateianhänge: 0 Die Mitteilung dieser E-Mail ist vertraulich und nur für den oben genannten Empfänger bestimmt. Wenn Sie nicht der vorgesehene Empfänger dieser E-Mail oder mit der Aushändigung an ihn betraut sind, weisen wir darauf hin, daß jede Form der Kenntnisnahme, Veröffentlichung, Vervielfältigung sowie Weitergabe des Inhalts untersagt ist. Wir bitten Sie uns in diesem Fall umgehend zu unterrichten. Vielen Dank The information contained in this E-Mail is privileged and confidental intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient or competent to deliver it to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this E-Mail is strictly prohibited. If you have received this E-Mail in error, please notify us immediately. Thank you

/ 2005-09-06 22:12:17 +0200 \ Markus Gaugusch:

On Sep 6, Dirk Schreiner wrote:

...

Markus Gaugusch schrieb:

...

...

which one is more secure for wlans, WEP with 128 bit, or WPA-PSK?

WPA-PSK is more secure, but also dependant on the pass phrase. I prefer random strings with ~50 bytes, You can get those easily from base64 coded email attachments. This is also a great source for initial user passwords ;-)

Funny idea ;-) By far less complicated as using random data and md5.

And better, because md5 outputs only 0-9,A-F ...

well. if you take the base64 encoding of a compressed (zip, (.tar.) gzip, bz2, most pdfs, many image file formats), the entropy should be high enough...

The /dev/random and tr approach is of course better (in theory), but I just can't remember that command when I need to ;-) Usually, base64 encoded data has enough randomness if you look a bit for it ...

there is also pwgen: pwgen generates passwords which are designed to be easily memorized by humans, while being as secure as possible. The pwgen program is designed to be used both interactively, and in shell scripts. Hence, its default behaviour is differs depending on whether the standard output is a tty device or a pipe to another pro‐ gram. Used interactively, pwgen will display a screenful of passwords, allowing the user to pick a single password, and then quickly erase the screen. This prevents someone from being able to "shoulder- surf" the user’s chosen password. When standard output is not a tty, pwgen will only generate one password, as this tends to be much more convenient for shell scripts. This also assures that pwgen is compatible with a previous version of this program. [... few options snipped ...] very nice imho. btw, Markus, what about that beer we wanted to have the other day? -- : Lars Ellenberg Tel +43-1-8178292-0 : : LINBIT Information Technologies GmbH Fax +43-1-8178292-82 : : Schoenbrunner Str. 244, A-1120 Vienna/Europe http://www.linbit.com :