>>62928086

openvpn the protocol is legit

openvpn the service isnt foss bro.
(un-related to the protocol and the Open part of the name implys open source but its not)

what you are looking for is OpenNIC the service with OpenVPN the protocol on LEDE(newer fork) or OpenWRT

sucks for them

>living within wifi range of others
What the hell is wrong with you animals

Then just use WPA2-Enterprise

>trips
>333
Confirmed for truth.

I host my own openvpn servers. Openvpn is open source, but they have enterprise versions also which is like CrossOver to WINE.

How? What's the worst thing that could happen? Businesses run open wifi networks all the time.

openwifi networks are usually controlled, isolated and put into separate WLANs so they can't really do anything.

well yeah and ios will have one update to fix it while most android phones will never be patched because manufacturers and carriers

>not using WEP with an easy password, waiting for a script kiddie victim and once he's inside breaking hell on his computer

mac filtering is still fine right?

serves them right for not using 802.1x, i guess

If the router is properly secured with a decent password and the firmware doesn't have any known vulnerabilities it's fine. Your average script kiddie isn't NSA tier.

Won't help.

No, and it never was. MAC addresses are spoofable.

He specifically said he wasn't using a password or anything.

>openwifi networks are usually controlled, isolated and put into separate WLANs so they can't really do anything.

>doesnt know shit about openwifi

Why post about things you don't know about?

You are seriously fucking dumb

>mac filtering is still fine right?

Mac spoofing is a thing.

>serves them right for not using 802.1x, i guess

No home user of the internet uses this neckbeard faggot shit

Kill yourself archcuck if you honestly believe anyone has the time to waste editing config files autistically

>No, and it never was. MAC addresses are spoofable.

>Implying the attacker knows which mac addresses are allowed on the whitelist

>802.1x

>He specifically said he wasn't using a password or anything

pretty sure he meant the password to join the network, retard, not administer the router. I bet you're Indian. enjoy the free English lesson.

>wpa2 enterprise has different encryption than wpa2 personal

openwifi as in open wifi networks, at least enterprise ones.
Not the openwifi service

No, but it needs a cert, just breaking the password is not enough

you install the certificate after you enter the password though

And how the fuck someone knows what kind of cert my AP has?

not really worried about it, but don't use public wifi networks.

on your own you can disable SSID broadcasting and use MAC filtering if you're really that worried.

Post screen cap of the guy that warned us yesterday

you can sniff that though.

There is a simple solution.

Yeah, he did, and you completely ignored that because you're fucking remedial. When you start sentences you're supposed to start them with a capital letter. Enjoy your actual English lesson, you low IQ Paki cunt.

Give me your address so I can come over and stab you to death. I dare you. Or are you too much of a chicken shit pussy?

>implying I don't have a dedicated wall mounted monitor that shows every device connected to my network on 24/7 with an alarm for duplicates or for mac addresses with unexpected device names

good luck breaking hell on my virual Kali Linux machine, retard.

*deposites illegal content on your device and tips fbi*

I don't think they care, they just hit "install"

>deposites illegal content
You can't, fucken n00bz0r.

>disable SSID broadcasting
that makes your slightly MORE vulnerable to yet another attack

Are you retarded? That's like saying you can open up my sshd just because you have the pubkey password but don't have the key itself.

The primary way of fixing this is at the router side, not the client.
Apple will still be just as vulnerable as everything else

>there are no better wifi security after WPA2
>WPA2 had been cracked years ago

Whats the option now?

VPN, like you should've by default anyways

>apple fix
>fix by disabling WPA2
>problem solved.

tell me this isn't gonna happen, kek

>I can't trust others in neighborhood to sniff my password
>so I'll secure it by trusting others in place where I don't know to not sniff my password

WEW

>he fell for the cloud VPN bullshit to secure his internets

The fuck you on about? It's not about my wifi password. It's about others not being able to sniff what I'm doing.
And I was talking about my own VPN, running on a Pi

This looks like a interesting project, how would you do this without going hacky with nmap, grep/sed/diff and setting some kind of alarm on change?

is this going to be implemented into aircrack-ng?

>Years-old encryption method no longer good enough
Not surprising. Hashing functions have needed to become more and more elaborate since MD5 and SHA-1 are no longer good enough.

>IoT devices BTFO
IoT devices have been continuously BTFO since their inception

More importantly 10GHz when? My AP is right in the room of my laptop and 5GHz is not good enough.
I need those 1GB network transfers

WEP is not WPA2

I'll just use WPA3 :^)

I made it up on the spot but it looks very doable, you could even use a small stripped laptop screen for it.

Not knowledgeable about gnu+linux commands though.

The hardest part would probably be the alarm software wise, you could wire one of those very small computer speakers you put on your mobo.

>implying you'll ever get 1GB over wireless

Currently Intel's best wireless NIC is only 1.4Gbit, that's 180MB/s BEFORE every overhead that comes in, so count at least 15% less.

>tfw you work in a casino
>and all our poker machines only support WEP
>for communication with the cashless gaming network

60GHz is next

Several previous papers on weak WPA2 have said that WPA2-Enterprise is invulnerable.

Just use wires.

>yet another hole in the best wi-fi encryption
LI-Fi when?

isn't 802.1x just as vulnerable to traffic snooping at least?

WPA2 Enterprise needs both RADIUS and EAP, it's not a simple preshared key like WPA2-PSK

>want no human within 10 miles
>want broadband internet
when

do tell?

It doesn't, it just makes you stand out like a sore thumb.

You could use gpu to crack wpa2 since fucking ages.

So real talk to an illiterate:

What's the impact on a suburban pleb with a normie netgear router?

Yeah, if your password is 1234567

>74 posts
>no one is telling me how to spy on my wpa2 using neighbors

not really. You guys are pretending to be retarded to get clicks and (you)'s.

LOLOLOLO POO POOS

This. Waste of my fucking time, lmao.

>read the article
>decide to change my password from the default
>netgear limits the online account password to 4-15 characters only
fucking hell

No WPA2 has been crackable by forcing a disconnect then grabbing the resent passcode and decrypting it for as long as it has been around.
Weak passwords made that possible. I assume this new method is easier in terms of hardware demands to crack access?

You think that's bad? My bank limits passwords to 8 character for online banking.

Yeah, it's absolutely crazy the shit they get away with. My family's old bank had the same thing, it's part of the reason why we ended up switching, or so my dad said.

Jealous. I get six alphanumeric characters.

one day in the future the passwords will all b 'a', and you'll need to get a code sent to your phone(tm) to confirm it's you to log in.

Only if they're retarded and don't run RADIUS or some other form of secondary access control like a MDM gatekeeper app or AD login page that triggers after the WPA2 login. If you have to run plain WPA2 for shit like inventory scanners, it needs to be on its own network segment that can only route to the server that the devices are talking to.

Also, Ubiquiti and Mikrotik have already released patches. Cisco is lagging behind as usual.

As usual it'll be shitty consumer APs that are most affected.

do i need to install linux to do this wpa 2 crack? or is it just going to be like an .exe to run?

>Note that our attacksdo not recover the password of the Wi-Fi network.

Useless

>openvpn the protocol is legit
all openvpn does it tunnel tcp or udp sessions via ssl, that's not exactly difficult.

>openvpn the service isnt foss bro.
>(un-related to the protocol and the Open part of the name implys open source but its not)
community.openvpn.net/openvpn/wiki/TesterDocumentation

you have absolutely no fucking idea what the fuck your are talking about, gtfo

So what's a good inexpensive router that will get patched to buy?I;ve been thinking of getting my own router anyway. I'm using isp provided zyxel which probably won't be patched, the wifi is only 2.4GHz on this shit.

>tfw get to save $100 a month on internet

sweet

hi retard

security.stackexchange.com/questions/74658/security-risks-of-disabling-ssid-broadcast

It's out boys: krackattacks.com/
Paper: papers.mathyvanhoef.com/ccs2017.pdf

killyourself.exe

You are confused. WPA2 has not been "crackable". Bruteforcing the password or using dictionary attacks are not the same thing as "cracking" WPA2. You are not exploiting a vulnerability in WPA2. You are exploiting weak passwords.

A stronger protocol would have been designed to resist that however.

You could have established encryption keys via ECDH before actually sending the password over an encrypted link. Then it wouldn't be offline brute forceable.

in what kind of shithole do you live that your banks don't require two factor authentification

Try reading.

>"Currently, all modern protected Wi-Fi networks use the 4-way handshake. This implies all these networks are affected by (some variant of) our attack. For instance, the attack works against personal and enterprise Wi-Fi networks, against the older WPA and the latest WPA2 standard, and even against networks that only use AES."

the fuck, I need to use a separate display card that generates OTPs for logging in

>Ubiquiti
Nice, got their AP a few days ago.

Also planning on "Okay" managed switch, how's
MikroTik 5P Gig look like?

I was planning on getting a used dell/hp from ebay, but shipping costs are unreal to East Europe

Yeah. You're still wrong.