cancel
Showing results for 
Search instead for 
Did you mean: 

So you think your WiFi network is secure?

Midnight_Caller
Rising Star
Posts: 4,167
Thanks: 15
Fixes: 1
Registered: ‎15-04-2007

So you think your WiFi network is secure?

Hi All
So you think your WiFi network is secure?  Think again!
[quote="Wpa Cracker"]
An Introduction
WPA Cracker is a cloud cracking service for penetration testers and network auditors who need to check the security of WPA-PSK protected wireless networks.
WPA-PSK networks are vulnerable to dictionary attacks, but running a respectable-sized dictionary over a WPA network handshake can take days or weeks. WPA Cracker gives you access to a 400CPU cluster that will run your network capture against a 135 million word dictionary created specifically for WPA passwords. While this job would take over 5 days on a contemporary dual-core PC, on our cluster it takes an average of 20 minutes, for only $17.
NEW :: We now offer Germany dictionary support, a 284 million word extended English dictionary option, and ZIP file cracking.

Tip; use a long and complex password with non-alpha characters.
11 REPLIES 11
wacky17
Grafter
Posts: 134
Registered: ‎25-06-2008

Re: So you think your WiFi network is secure?

Quote from: Midnight
Tip; use a long and complex password with non-alpha characters.

I do as i have done this to my own router over a wep encryption just to see if i can crack it and to see how it works. It really opened my eyes how easy it is as if i can do it anybody can.
VileReynard
Hero
Posts: 12,616
Thanks: 582
Fixes: 20
Registered: ‎01-09-2007

Re: So you think your WiFi network is secure?

Where do I put the aerial of the 400PC cluster so that it can attack my access point AKA router?

"In The Beginning Was The Word, And The Word Was Aardvark."

7up
Community Veteran
Posts: 15,824
Thanks: 1,579
Fixes: 17
Registered: ‎01-08-2007

Re: So you think your WiFi network is secure?

You don't.. I expect you capture a encrypted data stream of packets and then upload it to be analyzed by the cloud which will then turn its resources to cracking it and then providing you with a key to use.
I need a new signature... i'm bored of the old one!
VileReynard
Hero
Posts: 12,616
Thanks: 582
Fixes: 20
Registered: ‎01-09-2007

Re: So you think your WiFi network is secure?

I don't understand.
I thought the password breaking technique relied on sending short packets of mostly known composition and using the replies from the access point in a subtle way.
I have given my router a hexadecimal password (selected from a table of pseudo-random numbers), so a brute force attack with a dictionary about 10,000 times bigger ought to crack it. Cheesy
BTW 20 minutes x 10,000 is quite a long time.

"In The Beginning Was The Word, And The Word Was Aardvark."

7up
Community Veteran
Posts: 15,824
Thanks: 1,579
Fixes: 17
Registered: ‎01-08-2007

Re: So you think your WiFi network is secure?

Quote from: A
I don't understand.
I thought the password breaking technique relied on sending short packets of mostly known composition and using the replies from the access point in a subtle way.

That may be but most wifi sniffers will allow you to save the sniffed packets for later analysis. Therefore you could (as already said) upload this to a machine with more power (in this case a cloud computer) which can process it all in parallel (ie across multiple systems and processors at the same time - each one doing its own little bit) until it is successfully cracked. At that point all you need is to see what the key is on a webpage and away you go.
Simple in theory.. writing the code to do it however must be horrible!
I need a new signature... i'm bored of the old one!
AWB70
Aspiring Pro
Posts: 1,197
Thanks: 20
Fixes: 3
Registered: ‎28-08-2007

Re: So you think your WiFi network is secure?

I use a password generator for my passwords. The technology behind what the OP mentions sounds a bit like Life with playstation. A small work unit to see how things synthesise is uploaded to multiple machines which then put together their processing power to work it out and the results are then uploaded back to life.
seanbranagh
Grafter
Posts: 1,236
Registered: ‎02-08-2007

Re: So you think your WiFi network is secure?

I am still using WEP! I know it is insane but I live in the middle of nowhere and have not got round to changing it.
I have 2 access points on my end of the network, 2 making up the wireless bridge and a wireless router at the other end all needing changed along with all wireless devices. I will get around to that soon!
I only just locked down all unused ports in iptables on my virtual servers yesterday after moving directly onto public ip's.
chillypenguin
Grafter
Posts: 4,729
Registered: ‎04-04-2007

Re: So you think your WiFi network is secure?

Just use a VPN over the wireless link.
I treated myself to a Alfa AWUS036H with a 9dBm omni, I can now get 250 (Two hundred and fifty) networks using Kismet with the adaptor stuck in my office window!!
7up
Community Veteran
Posts: 15,824
Thanks: 1,579
Fixes: 17
Registered: ‎01-08-2007

Re: So you think your WiFi network is secure?

Quote from: Sean
I am still using WEP! I know it is insane

On the contrary I don't think its insane. I still use wep too because its all my wireless card supports.
It's based on the rallink 2500 chipset which means that it can be used as an access point too. I leave it in access point 24x7 and have it bridged in windows to my wired lan. While wep is crackable I'd like to find any normal script kiddie who can script their way through zonealarm Wink I've got a very restricted range of IPs accepted in its configuration so I don't think anyone will be getting onto my network anytime soon. I've also got the card setup to only allow wireless access from 2 mac addresses too  Cool
Anything is possible but there are always ways to confuse an attacker. Phpmyadmin is another good example. Many people have it on their server in a directory called phpmyadmin. I didn't do that as it seemed like an obvious flaw so I called it phpadmin. Within a week there were bots trying to call the default setup scripts in the default directory name all of which got a 404 error. Eventually I changed the name to something a lot longer and harder to guess. Defence by illusion.. one of the best methods out there because you can't attack something you can't see.
I need a new signature... i'm bored of the old one!
zubel
Community Veteran
Posts: 3,793
Thanks: 4
Registered: ‎08-06-2007

Re: So you think your WiFi network is secure?

7up
Community Veteran
Posts: 15,824
Thanks: 1,579
Fixes: 17
Registered: ‎01-08-2007

Re: So you think your WiFi network is secure?

Nice link there Baz, explains what I was trying to point out rather well Wink
I need a new signature... i'm bored of the old one!