From Robert@RM-Jones.com Thu Oct 2 13:57:43 2008 From: Robert@RM-Jones.com (Robert Jones) Date: Thu, 02 Oct 2008 07:57:43 -0500 Subject: [QCLUG] Organize KMenu Message-ID: <48E4C547.4040206@RM-Jones.com> I sent this earlier but I'm afraid it didn't get through because I used the wrong sending address so I am resending it. Sorry. I have been solving most of my problems with Linux :-) but have come up with one that causes me a lot of distress :-( Being a control freak I like to organize my menu, KMenu since I use KDE, so that I can find things easily. That always presents a problem. Usually when I do this many of my icons just disappear never to be seen again. I have found the place where the changes to Kmenu are stored. It is at /home/robert/.config/menus/applications.menu and there are a lot of applications.menu.undo-## there also. I have tried altering this also to no avail. So far I have tried to sort them out about 4 or 5 times and each time I end up reinstalling to get everything back. I'm a slow learner. Now, if no one knows a good way to do this, I plan to create a new menu heading and place the icons I normally use there by copy and past. Hopefully this won't create another kind of problem. If anyone sorts Kmenu without problems I would sure like to hear how it's done. Thanks for the help. Bob Jones From mriedesel@gmail.com Thu Oct 2 16:19:26 2008 From: mriedesel@gmail.com (Mark Riedesel) Date: Thu, 2 Oct 2008 10:19:26 -0500 Subject: [QCLUG] Organize KMenu In-Reply-To: <48E4C547.4040206@RM-Jones.com> References: <48E4C547.4040206@RM-Jones.com> Message-ID: <1c9537490810020819s5e4005d9md597f281fabf447c@mail.gmail.com> ---------------------- multipart/alternative attachment Hey Bob, You're probably best off creating a separate menu panel and putting things in it manually. I tend to not use the menus all that often because clicking through the menu tree is time consuming. Typically what I do is use the Run Command dialog (Alt+F2), quickly type in the app I'm interested in (eg. firefox, konsole, pidgin, gimp), and hit enter. Additionally, there's a nice keystroke launcher by the name of Launchy ( http://www.launchy.net ). They recently released a linux version but I don't think it's available from the official Ubuntu repositories yet, but you can download the .deb file and install it manually: sudo dpkg -i launchy_2.1.2-1-i386.deb. Mark On Thu, Oct 2, 2008 at 7:57 AM, Robert Jones wrote: > I sent this earlier but I'm afraid it didn't get through because I used the > wrong sending address so I am resending it. Sorry. > > I have been solving most of my problems with Linux :-) but have come up > with one that causes me a lot of distress :-( Being a control freak I like > to organize my menu, KMenu since I use KDE, so that I can find things > easily. That always presents a problem. Usually when I do this many of my > icons just disappear never to be seen again. I have found the place where > the changes to Kmenu are stored. It is at > /home/robert/.config/menus/applications.menu and there are a lot of > applications.menu.undo-## there also. I have tried altering this also to no > avail. So far I have tried to sort them out about 4 or 5 times and each > time I end up reinstalling to get everything back. I'm a slow learner. > Now, if no one knows a good way to do this, I plan to create a new menu > heading and place the icons I normally use there by copy and past. > Hopefully this won't create another kind of problem. > > If anyone sorts Kmenu without problems I would sure like to hear how it's > done. > Thanks for the help. > Bob Jones > > > _______________________________________________ > QCLUG mailing list > QCLUG@qclug.org > http://qclug.org/mailman/listinfo/qclug > ---------------------- multipart/alternative attachment An HTML attachment was scrubbed... URL: http://qclug.org/pipermail/qclug/attachments/0113ef6b/attachment.htm ---------------------- multipart/alternative attachment-- From Robert@RM-Jones.com Thu Oct 2 16:32:47 2008 From: Robert@RM-Jones.com (Robert Jones) Date: Thu, 02 Oct 2008 10:32:47 -0500 Subject: [QCLUG] Organize KMenu In-Reply-To: <1c9537490810020819s5e4005d9md597f281fabf447c@mail.gmail.com> References: <48E4C547.4040206@RM-Jones.com> <1c9537490810020819s5e4005d9md597f281fabf447c@mail.gmail.com> Message-ID: <48E4E99F.60401@RM-Jones.com> Thank you Mark, I assume that by "creating a separate menu panel" you mean to go into Kmenu and create another sub-menu and putt the things I use there. If that isn't what you mean then I'm not sure how to create a "menu panel". Thanks again Bob Jones Mark Riedesel wrote: > Hey Bob, > > You're probably best off creating a separate menu panel and putting > things in it manually. I tend to not use the menus all that often > because clicking through the menu tree is time consuming. Typically > what I do is use the Run Command dialog (Alt+F2), quickly type in the > app I'm interested in (eg. firefox, konsole, pidgin, gimp), and hit > enter. Additionally, there's a nice keystroke launcher by the name of > Launchy ( http://www.launchy.net ). They recently released a linux > version but I don't think it's available from the official Ubuntu > repositories yet, but you can download the .deb file and install it > manually: sudo dpkg -i launchy_2.1.2-1-i386.deb. > > Mark From mriedesel@gmail.com Thu Oct 2 16:38:36 2008 From: mriedesel@gmail.com (Mark Riedesel) Date: Thu, 2 Oct 2008 10:38:36 -0500 Subject: [QCLUG] Organize KMenu In-Reply-To: <48E4E99F.60401@RM-Jones.com> References: <48E4C547.4040206@RM-Jones.com> <1c9537490810020819s5e4005d9md597f281fabf447c@mail.gmail.com> <48E4E99F.60401@RM-Jones.com> Message-ID: <1c9537490810020838t412133cas34eecbfae72760b2@mail.gmail.com> ---------------------- multipart/alternative attachment Yep, that's what mean :) On Thu, Oct 2, 2008 at 10:32 AM, Robert Jones wrote: > Thank you Mark, I assume that by "creating a separate menu panel" you mean > to go into Kmenu and create another sub-menu and putt the things I use > there. If that isn't what you mean then I'm not sure how to create a "menu > panel". > Thanks again > Bob Jones > > Mark Riedesel wrote: > >> Hey Bob, >> >> You're probably best off creating a separate menu panel and putting things >> in it manually. I tend to not use the menus all that often because clicking >> through the menu tree is time consuming. Typically what I do is use the Run >> Command dialog (Alt+F2), quickly type in the app I'm interested in (eg. >> firefox, konsole, pidgin, gimp), and hit enter. Additionally, there's a nice >> keystroke launcher by the name of Launchy ( http://www.launchy.net ). >> They recently released a linux version but I don't think it's available from >> the official Ubuntu repositories yet, but you can download the .deb file and >> install it manually: sudo dpkg -i launchy_2.1.2-1-i386.deb. >> >> Mark >> > _______________________________________________ > QCLUG mailing list > QCLUG@qclug.org > http://qclug.org/mailman/listinfo/qclug > ---------------------- multipart/alternative attachment An HTML attachment was scrubbed... URL: http://qclug.org/pipermail/qclug/attachments/877cc803/attachment.htm ---------------------- multipart/alternative attachment-- From Robert@RM-Jones.com Sat Oct 11 13:36:24 2008 From: Robert@RM-Jones.com (Robert Jones) Date: Sat, 11 Oct 2008 07:36:24 -0500 Subject: [QCLUG] A new computer users group in Le Claire Message-ID: <48F09DC8.6050707@RM-Jones.com> This isn't just relating to Linux so I hope you will allow it and forgive me. I am attempting to start a new computer users group in Le Claire and hope to have a Linux SIG at some time in the future. I thought some of you may find it of interest even though most of you don't live near Le Claire. Below is the e-mail I sent out to my e-mail contacts. Bob Jones QCLUG member *************** The Le Claire Computer Users Group (LCCUG) will hold it's first meeting on Tuesday, November 4, 2008 and you are invited. The meeting will be held at the Le Claire Library in the large conference room on the right as you enter the library. There will actually be two meetings that evening. The first meeting will be a new users workshop from 6:00 pm to 7:00 pm. This will be the time for users of any skill level, not just new users, to ask questions and talk about the problems they have encountered. If there are no questions we will demo software of interest to those attending. The second meeting will be from 7:00 pm to 8:00 pm. This will be the main focus of the group and will vary from meeting to meeting. This is your time to have an impact on the course that the users group will take. At this time no format has been decided on. Come to the meeting and express you desires for the course of the group. My only desire, at this time, is to organize a group that will be interesting and beneficial to the computer users of Le Claire and the surrounding community. The future of the Le Claire Computer Users Group could include many things that the members will find of interest. We will be holding our meetings at the Le Claire Library on the first Tuesday of every month. The format of the first hour will be to assist users with their problems. The second hour will vary. It could include a discussion period, demonstrations, show and tell, whatever the group finds of interest concerning computers and the internet. I hope that this portion of the monthly meetings will be semi-formal in that there will be a guided plan for each months meeting but still allow for a give and take with the group. Hopefully, as the group gets larger we will have Special Interest Groups (SIGs) that will meet on different days and will be subject specific. Such groups, if any begin, could cover subjects that are of specific interest such as genealogy, the internet, Linux or whatever a group of the members find of interest. The Library has offered some of their laptop computers for our use (MS Windows Vista) and I will have my laptop (Ubuntu Linux) there also. From time to time I will bring my desktop computer (MS Windows XP) to meetings for demonstration of software. Now what we need is people. Please mark your calendar on November 4th and plan on attending to help determine the future of the group. _*Please forward this e-mail to all of your e-mail contacts that live in the Le Claire area and ask them to forward it to their friends and contacts. We need your help and support to get the Le Claire Computers User Group off the ground.*_ I plan to establish a LCCUG website on my server space and hope to have this up in the near future. The websites address will be www.lccug.us . Please notice that this is a .us site (not a .com or a .org). If you plan on attending please let me, Bob Jones, know so I can plan for enough seating for everyone. You can call me at 563-289-5647 or send an e-mail to Robert@RM-Jones.com which is my website. Thank You Bob Jones From agamotto@sbcglobal.net Mon Oct 13 15:18:35 2008 From: agamotto@sbcglobal.net (agamotto) Date: Mon, 13 Oct 2008 09:18:35 -0500 Subject: [QCLUG] Recent article on Slashdot and VPN setup Message-ID: <48F358BB.30102@sbcglobal.net> I read last night that apparently gfx cards can now be used to hack WEP and WPA networks with relative ease. Anyone coming to the meeting tomorrow care to discuss setting up a VPN with the usual DSL or Cable router/modem setup? I am a bit confused as to where the VPN sits in terms of setup. I figured this might be a good discussion topic! From mriedesel@gmail.com Mon Oct 13 15:46:28 2008 From: mriedesel@gmail.com (Mark Riedesel) Date: Mon, 13 Oct 2008 09:46:28 -0500 Subject: [QCLUG] Recent article on Slashdot and VPN setup In-Reply-To: <48F358BB.30102@sbcglobal.net> References: <48F358BB.30102@sbcglobal.net> Message-ID: <1c9537490810130746k79008dd4m4831914520f49d31@mail.gmail.com> ---------------------- multipart/alternative attachment Those ingenious Russians. I plan to be there! On Mon, Oct 13, 2008 at 9:18 AM, agamotto wrote: > I read last night that apparently gfx cards can now be used to hack > WEP and WPA networks with relative ease. Anyone coming to the meeting > tomorrow care to discuss setting up a VPN with the usual DSL or Cable > router/modem setup? I am a bit confused as to where the VPN sits in terms > of setup. > > I figured this might be a good discussion topic! > > _______________________________________________ > QCLUG mailing list > QCLUG@qclug.org > http://qclug.org/mailman/listinfo/qclug > ---------------------- multipart/alternative attachment An HTML attachment was scrubbed... URL: http://qclug.org/pipermail/qclug/attachments/40b20699/attachment.htm ---------------------- multipart/alternative attachment-- From arronlorenz@gmail.com Mon Oct 13 16:07:28 2008 From: arronlorenz@gmail.com (Arron Lorenz) Date: Mon, 13 Oct 2008 10:07:28 -0500 Subject: [QCLUG] Recent article on Slashdot and VPN setup In-Reply-To: <1c9537490810130746k79008dd4m4831914520f49d31@mail.gmail.com> References: <48F358BB.30102@sbcglobal.net> <1c9537490810130746k79008dd4m4831914520f49d31@mail.gmail.com> Message-ID: <30cf66b30810130807l791e6d6bsc0441835e85287ae@mail.gmail.com> ---------------------- multipart/alternative attachment I read the article you mentioned and the method for cracking is still the same method they just figured out that if you use hundreds/thousands of networked pc's that it goes faster. >From the article: "The 100-fold increase in speed is achieved with two GeForce GTX280's per workstation" Now that is two (2) Nvidia GTX 280's per workstation. They also said you would need 20 of these workstations. They also mentioned in the article that: "This will, of course, mainly affect simple ascii keys. And it will only work against static keys; anyone using more complicated authentication schemes will not be at risk for now. But since that takes a couple of extra minutes when installing, smaller businesses or departments often skip setting this up." I hope that no one is using simple keys for their passwords. "abcd1234" will be cracked quickly whereas "a^b#c$d*1.2,3?4" will take a lot longer. original article: http://securityandthe.net/2008/10/12/russian-researchers-achieve-100-fold-increase-in-wpa2-cracking-speed/ So I would say make sure your WPA keys are updated to a good password. Make sure that you change it regularly (The Ron Popeil "Set it and forget it" method of security is not good). Also don't put important financial data over wireless. I also would make sure to not piss off anyone with $20,000 in top of the line nvidia graphics cards. Thanks, Arron On Mon, Oct 13, 2008 at 9:46 AM, Mark Riedesel wrote: > Those ingenious Russians. I plan to be there! > > > On Mon, Oct 13, 2008 at 9:18 AM, agamotto wrote: > >> I read last night that apparently gfx cards can now be used to hack >> WEP and WPA networks with relative ease. Anyone coming to the meeting >> tomorrow care to discuss setting up a VPN with the usual DSL or Cable >> router/modem setup? I am a bit confused as to where the VPN sits in terms >> of setup. >> >> I figured this might be a good discussion topic! >> >> _______________________________________________ >> QCLUG mailing list >> QCLUG@qclug.org >> http://qclug.org/mailman/listinfo/qclug >> > > -- From: Arron James Lorenz Reel to Reel Drive In http://www.DavenportDriveIn.com 563-579-7046 ---------------------- multipart/alternative attachment An HTML attachment was scrubbed... URL: http://qclug.org/pipermail/qclug/attachments/a00cd788/attachment.htm ---------------------- multipart/alternative attachment-- From arronlorenz@gmail.com Mon Oct 13 16:11:40 2008 From: arronlorenz@gmail.com (Arron Lorenz) Date: Mon, 13 Oct 2008 10:11:40 -0500 Subject: [QCLUG] Recent article on Slashdot and VPN setup In-Reply-To: <30cf66b30810130807l791e6d6bsc0441835e85287ae@mail.gmail.com> References: <48F358BB.30102@sbcglobal.net> <1c9537490810130746k79008dd4m4831914520f49d31@mail.gmail.com> <30cf66b30810130807l791e6d6bsc0441835e85287ae@mail.gmail.com> Message-ID: <30cf66b30810130811x3032ee96qaa9fa0656b7994bf@mail.gmail.com> ---------------------- multipart/alternative attachment I also should mention that in Soviet Russia you don't crack WPA, WPA CRACKS YOU!! On Mon, Oct 13, 2008 at 10:07 AM, Arron Lorenz wrote: > I read the article you mentioned and the method for cracking is still the > same method they just figured out that if you use hundreds/thousands of > networked pc's that it goes faster. > From the article: > > "The 100-fold increase in speed is achieved with two GeForce GTX280's per > workstation" > > Now that is two (2) Nvidia GTX 280's per workstation. They also said you > would need 20 of these workstations. > > They also mentioned in the article that: > "This will, of course, mainly affect simple ascii keys. And it will only > work against static keys; anyone using more complicated authentication > schemes will not be at risk for now. But since that takes a couple of extra > minutes when installing, smaller businesses or departments often skip > setting this up." > > I hope that no one is using simple keys for their passwords. "abcd1234" > will be cracked quickly whereas "a^b#c$d*1.2,3?4" will take a lot longer. > > original article: > http://securityandthe.net/2008/10/12/russian-researchers-achieve-100-fold-increase-in-wpa2-cracking-speed/ > > So I would say make sure your WPA keys are updated to a good password. Make > sure that you change it regularly (The Ron Popeil "Set it and forget it" > method of security is not good). Also don't put important financial data > over wireless. I also would make sure to not piss off anyone with $20,000 in > top of the line nvidia graphics cards. > > Thanks, > Arron > > > > On Mon, Oct 13, 2008 at 9:46 AM, Mark Riedesel wrote: > >> Those ingenious Russians. I plan to be there! >> >> >> On Mon, Oct 13, 2008 at 9:18 AM, agamotto wrote: >> >>> I read last night that apparently gfx cards can now be used to >>> hack WEP and WPA networks with relative ease. Anyone coming to the meeting >>> tomorrow care to discuss setting up a VPN with the usual DSL or Cable >>> router/modem setup? I am a bit confused as to where the VPN sits in terms >>> of setup. >>> >>> I figured this might be a good discussion topic! >>> >>> _______________________________________________ >>> QCLUG mailing list >>> QCLUG@qclug.org >>> http://qclug.org/mailman/listinfo/qclug >>> >> >> > > > -- > From: > Arron James Lorenz > Reel to Reel Drive In > http://www.DavenportDriveIn.com > 563-579-7046 > -- From: Arron James Lorenz Reel to Reel Drive In http://www.DavenportDriveIn.com 563-579-7046 ---------------------- multipart/alternative attachment An HTML attachment was scrubbed... URL: http://qclug.org/pipermail/qclug/attachments/3492e7a9/attachment.htm ---------------------- multipart/alternative attachment-- From QCAdmin@gmail.com Mon Oct 13 19:41:31 2008 From: QCAdmin@gmail.com (Chris Cooper) Date: Mon, 13 Oct 2008 13:41:31 -0500 Subject: [QCLUG] Recent article on Slashdot and VPN setup In-Reply-To: <30cf66b30810130811x3032ee96qaa9fa0656b7994bf@mail.gmail.com> References: <48F358BB.30102@sbcglobal.net> <1c9537490810130746k79008dd4m4831914520f49d31@mail.gmail.com> <30cf66b30810130807l791e6d6bsc0441835e85287ae@mail.gmail.com> <30cf66b30810130811x3032ee96qaa9fa0656b7994bf@mail.gmail.com> Message-ID: The WPA2 standard is far from dead. This only applies to WPA/WPA2 PSK (Pre-Shared Key). It has no effect on WPA-EAP (or any variation thereof). If you use a radius server for WPA Authentication, this article means nothing. Hardware assisted WPA-PSK cracking is nothing new. coWPAtty (a popular WPA cracking utility) already has support for FPGA hardware acceleration. What they did was simply alter the code to use the new NVida API (the NVidia in API mode acts almost like an FPGA for the heavy floating point math required by RC4 and AES encryption). Back in May, Lockheed used the Playstation 3 Cell processor to do the same: http://www.networkcomputing.com/blog/dailyblog/archives/2008/05/lockheed_breaks.html This really isn't anything new, just a new application. Even at that, it is still just brute forcing. This isn't like WEP where they found design flaws that let them derive the keys. Given enough processing power, any encryption is trivialized. The 3DES standard once used by Linux crypt() is just as cryptographically sound as AES. The only difference is AES can use larger keys at the cost of MUCH greater processing power. This increases the time required to exhaust the entire keyspace during a brute force attack. As computers get faster and faster, and the average core count becomes greater, all of our current encryption standards will become trivialized, much the way 3DES has. As Arron pointed out, it really just boils down to password strength. A great password generator and site explaining password strength and complexity is: https://www.grc.com/passwords.htm On Mon, Oct 13, 2008 at 10:11 AM, Arron Lorenz wrote: > I also should mention that in Soviet Russia you don't crack WPA, WPA CRACKS > YOU!! > > On Mon, Oct 13, 2008 at 10:07 AM, Arron Lorenz > wrote: >> >> I read the article you mentioned and the method for cracking is still the >> same method they just figured out that if you use hundreds/thousands of >> networked pc's that it goes faster. >> From the article: >> "The 100-fold increase in speed is achieved with two GeForce GTX280's per >> workstation" >> Now that is two (2) Nvidia GTX 280's per workstation. They also said you >> would need 20 of these workstations. >> >> They also mentioned in the article that: >> "This will, of course, mainly affect simple ascii keys. And it will only >> work against static keys; anyone using more complicated authentication >> schemes will not be at risk for now. But since that takes a couple of extra >> minutes when installing, smaller businesses or departments often skip >> setting this up." >> I hope that no one is using simple keys for their passwords. "abcd1234" >> will be cracked quickly whereas "a^b#c$d*1.2,3?4" will take a lot longer. >> original >> article: http://securityandthe.net/2008/10/12/russian-researchers-achieve-100-fold-increase-in-wpa2-cracking-speed/ >> So I would say make sure your WPA keys are updated to a good password. >> Make sure that you change it regularly (The Ron Popeil "Set it and forget >> it" method of security is not good). Also don't put important financial data >> over wireless. I also would make sure to not piss off anyone with $20,000 in >> top of the line nvidia graphics cards. >> Thanks, >> Arron >> >> >> On Mon, Oct 13, 2008 at 9:46 AM, Mark Riedesel >> wrote: >>> >>> Those ingenious Russians. I plan to be there! >>> >>> On Mon, Oct 13, 2008 at 9:18 AM, agamotto wrote: >>>> >>>> I read last night that apparently gfx cards can now be used to >>>> hack WEP and WPA networks with relative ease. Anyone coming to the meeting >>>> tomorrow care to discuss setting up a VPN with the usual DSL or Cable >>>> router/modem setup? I am a bit confused as to where the VPN sits in terms >>>> of setup. >>>> >>>> I figured this might be a good discussion topic! >>>> >>>> _______________________________________________ >>>> QCLUG mailing list >>>> QCLUG@qclug.org >>>> http://qclug.org/mailman/listinfo/qclug >>> >> >> >> >> -- >> From: >> Arron James Lorenz >> Reel to Reel Drive In >> http://www.DavenportDriveIn.com >> 563-579-7046 > > > > -- > From: > Arron James Lorenz > Reel to Reel Drive In > http://www.DavenportDriveIn.com > 563-579-7046 > From hinkle@cipafilter.com Mon Oct 13 19:56:30 2008 From: hinkle@cipafilter.com (David Hinkle) Date: Mon, 13 Oct 2008 13:56:30 -0500 Subject: [QCLUG] Recent article on Slashdot and VPN setup References: <48F358BB.30102@sbcglobal.net><1c9537490810130746k79008dd4m4831914520f49d31@mail.gmail.com><30cf66b30810130807l791e6d6bsc0441835e85287ae@mail.gmail.com><30cf66b30810130811x3032ee96qaa9fa0656b7994bf@mail.gmail.com> Message-ID: <41CAB934FDE0DA4392781E79BDF189470117EC06@cipapdc.cipafilter.com> This is a multi-part message in MIME format. ---------------------- multipart/alternative attachment WPA in all it's mutant forms probably isn't going away any time soon, = but it arguable should never have been born. For day to day = applications such as playing world of warcraft and picking up girls on = the internet it's fine, but if you really need to keep something = confidential you should be using something with a lot longer history and = a lot more research behind it. Wep was always a hack, and will always be a hack, the purpose of which = is only to give lip service to security without having to build AP's = with enough horse power to do real encryption. Whatever parts of the = standard may or may not have been broken at any given time is = irrelevant, it'll all get broken sooner rather than later anyway. The = golden rule: Anyone smart enough to design their own secure crypto = system knows better than to do so. If the people who designed WEP were = smart enough to build a secure encryption system they would have done so = by deploying IPSEC. David -----Original Message----- From: qclug-bounces@qclug.org on behalf of Chris Cooper Sent: Mon 10/13/2008 1:41 PM To: qclug@qclug.org Subject: Re: [QCLUG] Recent article on Slashdot and VPN setup =20 The WPA2 standard is far from dead. This only applies to WPA/WPA2 PSK (Pre-Shared Key). It has no effect on WPA-EAP (or any variation thereof). If you use a radius server for WPA Authentication, this article means nothing. Hardware assisted WPA-PSK cracking is nothing new. coWPAtty (a popular WPA cracking utility) already has support for FPGA hardware acceleration. What they did was simply alter the code to use the new NVida API (the NVidia in API mode acts almost like an FPGA for the heavy floating point math required by RC4 and AES encryption). Back in May, Lockheed used the Playstation 3 Cell processor to do the = same: http://www.networkcomputing.com/blog/dailyblog/archives/2008/05/lockheed_= breaks.html This really isn't anything new, just a new application. Even at that, it is still just brute forcing. This isn't like WEP where they found design flaws that let them derive the keys. Given enough processing power, any encryption is trivialized. The 3DES standard once used by Linux crypt() is just as cryptographically sound as AES. The only difference is AES can use larger keys at the cost of MUCH greater processing power. This increases the time required to exhaust the entire keyspace during a brute force attack. As computers get faster and faster, and the average core count becomes greater, all of our current encryption standards will become trivialized, much the way 3DES has. As Arron pointed out, it really just boils down to password strength. A great password generator and site explaining password strength and complexity is: https://www.grc.com/passwords.htm On Mon, Oct 13, 2008 at 10:11 AM, Arron Lorenz = wrote: > I also should mention that in Soviet Russia you don't crack WPA, WPA = CRACKS > YOU!! > > On Mon, Oct 13, 2008 at 10:07 AM, Arron Lorenz > wrote: >> >> I read the article you mentioned and the method for cracking is still = the >> same method they just figured out that if you use hundreds/thousands = of >> networked pc's that it goes faster. >> From the article: >> "The 100-fold increase in speed is achieved with two GeForce GTX280's = per >> workstation" >> Now that is two (2) Nvidia GTX 280's per workstation. They also said = you >> would need 20 of these workstations. >> >> They also mentioned in the article that: >> "This will, of course, mainly affect simple ascii keys. And it will = only >> work against static keys; anyone using more complicated = authentication >> schemes will not be at risk for now. But since that takes a couple of = extra >> minutes when installing, smaller businesses or departments often skip >> setting this up." >> I hope that no one is using simple keys for their passwords. = "abcd1234" >> will be cracked quickly whereas "a^b#c$d*1.2,3?4" will take a lot = longer. >> original >> article: = http://securityandthe.net/2008/10/12/russian-researchers-achieve-100-fold= -increase-in-wpa2-cracking-speed/ >> So I would say make sure your WPA keys are updated to a good = password. >> Make sure that you change it regularly (The Ron Popeil "Set it and = forget >> it" method of security is not good). Also don't put important = financial data >> over wireless. I also would make sure to not piss off anyone with = $20,000 in >> top of the line nvidia graphics cards. >> Thanks, >> Arron >> >> >> On Mon, Oct 13, 2008 at 9:46 AM, Mark Riedesel >> wrote: >>> >>> Those ingenious Russians. I plan to be there! >>> >>> On Mon, Oct 13, 2008 at 9:18 AM, agamotto = wrote: >>>> >>>> I read last night that apparently gfx cards can now be used = to >>>> hack WEP and WPA networks with relative ease. Anyone coming to the = meeting >>>> tomorrow care to discuss setting up a VPN with the usual DSL or = Cable >>>> router/modem setup? I am a bit confused as to where the VPN sits = in terms >>>> of setup. >>>> >>>> I figured this might be a good discussion topic! >>>> >>>> _______________________________________________ >>>> QCLUG mailing list >>>> QCLUG@qclug.org >>>> http://qclug.org/mailman/listinfo/qclug >>> >> >> >> >> -- >> From: >> Arron James Lorenz >> Reel to Reel Drive In >> http://www.DavenportDriveIn.com >> 563-579-7046 > > > > -- > From: > Arron James Lorenz > Reel to Reel Drive In > http://www.DavenportDriveIn.com > 563-579-7046 > _______________________________________________ QCLUG mailing list QCLUG@qclug.org http://qclug.org/mailman/listinfo/qclug ---------------------- multipart/alternative attachment An HTML attachment was scrubbed... URL: http://qclug.org/pipermail/qclug/attachments/09130d76/attachment.htm ---------------------- multipart/alternative attachment-- From dbergert@gmail.com Mon Oct 13 20:52:10 2008 From: dbergert@gmail.com (Dave Bergert) Date: Mon, 13 Oct 2008 14:52:10 -0500 Subject: [QCLUG] Recent article on Slashdot and VPN setup In-Reply-To: <41CAB934FDE0DA4392781E79BDF189470117EC06@cipapdc.cipafilter.com> References: <48F358BB.30102@sbcglobal.net><1c9537490810130746k79008dd4m4831914520f49d31@mail.gmail.com><30cf66b30810130807l791e6d6bsc0441835e85287ae@mail.gmail.com><30cf66b30810130811x3032ee96qaa9fa0656b7994bf@mail.gmail.com> <41CAB934FDE0DA4392781E79BDF189470117EC06@cipapdc.cipafilter.com> Message-ID: <7D280F2A-A891-4986-9220-C6988D0BB9E0@gmail.com> ---------------------- multipart/alternative attachment Two good articles on this: http://www.formortals.com/Default.aspx?tabid=36&EntryID=119 http://erratasec.blogspot.com/2008/10/wpa-is-not-obsolete.html On Oct 13, 2008, at 1:56 PM, David Hinkle wrote: > WPA in all it's mutant forms probably isn't going away any time > soon, but it arguable should never have been born. For day to day > applications such as playing world of warcraft and picking up girls > on the internet it's fine, but if you really need to keep something > confidential you should be using something with a lot longer history > and a lot more research behind it. > > Wep was always a hack, and will always be a hack, the purpose of > which is only to give lip service to security without having to > build AP's with enough horse power to do real encryption. Whatever > parts of the standard may or may not have been broken at any given > time is irrelevant, it'll all get broken sooner rather than later > anyway. The golden rule: Anyone smart enough to design their own > secure crypto system knows better than to do so. If the people who > designed WEP were smart enough to build a secure encryption system > they would have done so by deploying IPSEC. > > David > > > -----Original Message----- > From: qclug-bounces@qclug.org on behalf of Chris Cooper > Sent: Mon 10/13/2008 1:41 PM > To: qclug@qclug.org > Subject: Re: [QCLUG] Recent article on Slashdot and VPN setup > > The WPA2 standard is far from dead. This only applies to WPA/WPA2 PSK > (Pre-Shared Key). It has no effect on WPA-EAP (or any variation > thereof). If you use a radius server for WPA Authentication, this > article means nothing. > > Hardware assisted WPA-PSK cracking is nothing new. coWPAtty (a > popular WPA cracking utility) already has support for FPGA hardware > acceleration. What they did was simply alter the code to use the new > NVida API (the NVidia in API mode acts almost like an FPGA for the > heavy floating point math required by RC4 and AES encryption). > > Back in May, Lockheed used the Playstation 3 Cell processor to do > the same: > http://www.networkcomputing.com/blog/dailyblog/archives/2008/05/lockheed_breaks.html > > This really isn't anything new, just a new application. Even at that, > it is still just brute forcing. This isn't like WEP where they found > design flaws that let them derive the keys. > Given enough processing power, any encryption is trivialized. The > 3DES standard once used by Linux crypt() is just as cryptographically > sound as AES. The only difference is AES can use larger keys at the > cost of MUCH greater processing power. This increases the time > required to exhaust the entire keyspace during a brute force attack. > As computers get faster and faster, and the average core count becomes > greater, all of our current encryption standards will become > trivialized, much the way 3DES has. > > As Arron pointed out, it really just boils down to password strength. > A great password generator and site explaining password strength and > complexity is: > https://www.grc.com/passwords.htm > > > > On Mon, Oct 13, 2008 at 10:11 AM, Arron Lorenz > wrote: > > I also should mention that in Soviet Russia you don't crack WPA, > WPA CRACKS > > YOU!! > > > > On Mon, Oct 13, 2008 at 10:07 AM, Arron Lorenz > > > wrote: > >> > >> I read the article you mentioned and the method for cracking is > still the > >> same method they just figured out that if you use hundreds/ > thousands of > >> networked pc's that it goes faster. > >> From the article: > >> "The 100-fold increase in speed is achieved with two GeForce > GTX280's per > >> workstation" > >> Now that is two (2) Nvidia GTX 280's per workstation. They also > said you > >> would need 20 of these workstations. > >> > >> They also mentioned in the article that: > >> "This will, of course, mainly affect simple ascii keys. And it > will only > >> work against static keys; anyone using more complicated > authentication > >> schemes will not be at risk for now. But since that takes a > couple of extra > >> minutes when installing, smaller businesses or departments often > skip > >> setting this up." > >> I hope that no one is using simple keys for their passwords. > "abcd1234" > >> will be cracked quickly whereas "a^b#c$d*1.2,3?4" will take a lot > longer. > >> original > >> article: http://securityandthe.net/2008/10/12/russian-researchers-achieve-100-fold-increase-in-wpa2-cracking-speed/ > >> So I would say make sure your WPA keys are updated to a good > password. > >> Make sure that you change it regularly (The Ron Popeil "Set it > and forget > >> it" method of security is not good). Also don't put important > financial data > >> over wireless. I also would make sure to not piss off anyone with > $20,000 in > >> top of the line nvidia graphics cards. > >> Thanks, > >> Arron > >> > >> > >> On Mon, Oct 13, 2008 at 9:46 AM, Mark Riedesel > > >> wrote: > >>> > >>> Those ingenious Russians. I plan to be there! > >>> > >>> On Mon, Oct 13, 2008 at 9:18 AM, agamotto > wrote: > >>>> > >>>> I read last night that apparently gfx cards can now be > used to > >>>> hack WEP and WPA networks with relative ease. Anyone coming to > the meeting > >>>> tomorrow care to discuss setting up a VPN with the usual DSL or > Cable > >>>> router/modem setup? I am a bit confused as to where the VPN > sits in terms > >>>> of setup. > >>>> > >>>> I figured this might be a good discussion topic! > >>>> > >>>> _______________________________________________ > >>>> QCLUG mailing list > >>>> QCLUG@qclug.org > >>>> http://qclug.org/mailman/listinfo/qclug > >>> > >> > >> > >> > >> -- > >> From: > >> Arron James Lorenz > >> Reel to Reel Drive In > >> http://www.DavenportDriveIn.com > >> 563-579-7046 > > > > > > > > -- > > From: > > Arron James Lorenz > > Reel to Reel Drive In > > http://www.DavenportDriveIn.com > > 563-579-7046 > > > _______________________________________________ > QCLUG mailing list > QCLUG@qclug.org > http://qclug.org/mailman/listinfo/qclug > > Dave Bergert dbergert@gmail.com ---------------------- multipart/alternative attachment An HTML attachment was scrubbed... URL: http://qclug.org/pipermail/qclug/attachments/1565bdf9/attachment.htm ---------------------- multipart/alternative attachment-- From jjmoore@att.net Wed Oct 29 05:01:28 2008 From: jjmoore@att.net (jjmoore@att.net) Date: Wed, 29 Oct 2008 05:01:28 +0000 Subject: [QCLUG] 939 board Message-ID: <102920080501.8378.4907EE2400057419000020BA22230703729B0A02D29B9B0EBF0A9D0101030606@att.net> ---------------------- multipart/alternative attachment Okay, I know this is not exactly linux-related, but I know you guys have had messages from time to time about hardware . . . and while I've not been an active contributor, I do (did) like to at least watch from the sidelines and attend a meeting from time to time. For some unknown reason, I am no longer receiving the list messages in my email--says they're bouncing and I have no idea why as I sure get plenty of other stuff I don't want. So this is a long shot and please bear with me . . . I'm using a borrowed laptop as my 'puter turned its little toes up some time ago, been over a month I think. Anyway I thought I'd go as cheaply as possible since I had to replace almost everything -- power supply, UPS, monitor, keyboard -- and got a 939 board hoping my CPU and memory were ok. Somehow a couple of pins were bent and the more I tried to fix it the worse it got, so I got a new chip too. Could not get it to POST at all. I'm on the second board with the same results: fans turn, but that is all. It's a Foxconn winfast--I can tell you the entire number if anyone is interested. What should I do? Would anyone like to try it to see if he can get it going? If you can, would you like to buy it from me? Cost me about $80, more really, if I count return shipping. Sorry for being so long-winded! Juanita ---------------------- multipart/alternative attachment --NextPart_Webmail_9m3u9jl4l_8378_1225256488_1 An HTML attachment was scrubbed... URL: http://qclug.org/pipermail/qclug/attachments/ad9f6c8f/attachment.htm --NextPart_Webmail_9m3u9jl4l_8378_1225256488_1-- ---------------------- multipart/alternative attachment-- From mriedesel@gmail.com Wed Oct 29 05:56:49 2008 From: mriedesel@gmail.com (Mark Riedesel) Date: Wed, 29 Oct 2008 00:56:49 -0500 Subject: [QCLUG] 939 board In-Reply-To: <102920080501.8378.4907EE2400057419000020BA22230703729B0A02D29B9B0EBF0A9D0101030606@att.net> References: <102920080501.8378.4907EE2400057419000020BA22230703729B0A02D29B9B0EBF0A9D0101030606@att.net> Message-ID: <1c9537490810282256k49699d62w1e4bd93ac0f786f8@mail.gmail.com> It produces no beeps? Nothing? On Wed, Oct 29, 2008 at 12:01 AM, wrote: > Okay, I know this is not exactly linux-related, but I know you guys have had > messages from time to time about hardware . . . and while I've not been an > active contributor, I do (did) like to at least watch from the sidelines and > attend a meeting from time to time. For some unknown reason, I am no longer > receiving the list messages in my email--says they're bouncing and I have no > idea why as I sure get plenty of other stuff I don't want. So this is a > long shot and please bear with me . . . > > I'm using a borrowed laptop as my 'puter turned its little toes up some time > ago, been over a month I think. Anyway I thought I'd go as cheaply as > possible since I had to replace almost everything -- power supply, UPS, > monitor, keyboard -- and got a 939 board hoping my CPU and memory were > ok. Somehow a couple of pins were bent and the more I tried to fix it the > worse it got, so I got a new chip too. Could not get it to POST at all. > I'm on the second board with the same results: fans turn, but that is all. > It's a Foxconn winfast--I can tell you the entire number if anyone is > interested. > > What should I do? Would anyone like to try it to see if he can get it > going? If you can, would you like to buy it from me? Cost me about $80, > more really, if I count return shipping. > > Sorry for being so long-winded! > > Juanita > From jjmoore@att.net Thu Oct 30 00:57:12 2008 From: jjmoore@att.net (jjmoore@att.net) Date: Thu, 30 Oct 2008 00:57:12 +0000 Subject: [QCLUG] 939 board Message-ID: <103020080057.5567.49090667000705A8000015BF22230647029B0A02D29B9B0EBF0A9D0101030606@att.net> ---------------------- multipart/alternative attachment Hey Mark, First, do you have any idea why my message is long long strung out lines? On the website, I mean, as that's where I have to go to read. Seen that from time to time with some others. Trying hard returns this time. I suppose that will cause other weirdities. I'm using webmail access to get and write mail. Well, first I suppose there were no beeps because one wire was off the speaker, but a very nice tech at a local store soldered it back on for me. And, once I did get some beeps-- one long, repeated several times, but not matching any Phoenix beep sequences, and never again on subsequent boot attempts. I did it without the memory to try to get some beeping, hoping that would mean the CPU was all right. Today my new stuff arrived and I am getting POST! Looks like my video card may have gotten fried along with the mobo, as I did not get the same result with it as with the onboard video on the Gigabyte. (I gave up and just got some better stuff) The Foxconn does not have onboard video. ---------------------- multipart/alternative attachment --NextPart_Webmail_9m3u9jl4l_5567_1225328232_1 An HTML attachment was scrubbed... URL: http://qclug.org/pipermail/qclug/attachments/1761140f/attachment.htm --NextPart_Webmail_9m3u9jl4l_5567_1225328232_1-- ---------------------- multipart/alternative attachment--