How can I protect my Wireless Internet?

Discussion in 'other security issues & news' started by TheMozart, Jul 14, 2011.

Thread Status:
Not open for further replies.
  1. TheMozart

    TheMozart Former Poster

    Joined:
    Jan 6, 2010
    Posts:
    1,486
    I just read a story about some guy using hacking software to crack his neighbor's encrypted wireless internet connection.

    My wireless internet uses WPA2-PSK and AES+TKIP and I have an 8 character password which contains letters and numbers.

    Can I still be hacked and someone still use my internet?
     
    Last edited: Jul 14, 2011
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    To make the hack via wireless only theoretical, increase the length of the password to over 20 chars and make it an alphanumeric mixture. For extreme security use a password generator and maximum length.
    https://www.grc.com/passwords.htm
     
  3. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
  4. TheMozart

    TheMozart Former Poster

    Joined:
    Jan 6, 2010
    Posts:
    1,486
    What's an alpha numeric mixture mean?

    So how can someone hack an encrypted 8 character password which uses 256-bit encryption? I thought that takes millions of years. Since when can they crack that?:blink:

    BTW, I used that link and copied 20 alpha numeric characters for my new password and chose 802.11 Authentication: WPA2-PSK and WPA Encryption: AES.

    Anything else I should do?
     
    Last edited: Jul 14, 2011
  5. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    It doesn't. Now, how likely is it that anybody would bother to attempt your 8 char password? Unlikely of course, but you know that already.
     
  6. TheMozart

    TheMozart Former Poster

    Joined:
    Jan 6, 2010
    Posts:
    1,486
    In any case, I do feel better as I now have 20 alpha numeric characters for my new password and chose 802.11 Authentication: WPA2-PSK and WPA Encryption: AES.

    Do you recommend anything else I can do to protect my Wireless Internet from being hacked? Or is the 20 alpha numeric character password and WPA2-PSK and AES enough?
     
  7. hpmnick

    hpmnick Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    186
    A brute force of a WPA or WPA2 8 character password will still take longer than the lifetime of the device. Generally you will be safe if you just avoid something that will be vulnerable to a dictionary attack (or hybrid dictionary attack). It will take a very long time to crack that key space if you need to brute force it.
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    8 character WPA2 is fine. I personally have a 14 character one.

    In terms of having your password cracked it's very very unlikely. If you're paranoid, simple solution, add a few random numbers/ letters to the end.

    You could look into custom firmware/ make sure yours is up to date.
     
  9. TheMozart

    TheMozart Former Poster

    Joined:
    Jan 6, 2010
    Posts:
    1,486
    Ok thanks everyone.

    So now that I have 20 alpha numeric characters for my new password and WPA2-PSK and AES.... I doubt anyone can piggyback my wireless internet connection and even if this is overboard, doesn't hurt to have such strong protection I suppose :thumb: :argh:
     
  10. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    It's amazing to see how many people don't secure their wireless. I moved two years ago to a different area, and before reconnection service was done, I fired up the laptop to see 3 unsecured wireless networks out of 10 open to public use. It's been two years later and 1 still remains open. My neighborhood has free internet. :eek: Of course I have my own CLEAR wireless; as long as there is cell signal I have wireless, no more reconnection waits.
     
  11. Fox Mulder

    Fox Mulder Registered Member

    Joined:
    Jun 2, 2011
    Posts:
    203
    Most people assume that nobody is going to try to break into their system or use their wireless for malicious purposes because it's a "nice neighborhood." Either that, or they have no idea what they're doing and they just want to plug it in and start it up.
     
  12. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    And quite a few people are still on WEP, which is almost as bad as no protection at all.
     
  13. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    My current router has a wireless guest zone and the normal zone. I sometimes open the guest zone up and it is amazing how many people will actually connect, but then not all connections are from computers either.

    Sul.
     
  14. x942

    x942 Guest

    Cracking AES would take millions of years. Brute forcing the password is the weak link. Anything less than 14 chars. is considered crackable. I would consider reading https://www.grc.com/haystack.htm and watching the Security Now! episode where Steve Gibson talks about it.

    The way WPA(2) attacks work is by capturing a handshake and running rainbow tables against it. WPA(2) doesn't use SHA2 sadly (correct me if I am wrong); it uses SHA1 or MD5. From there it is salted with the SSID of the router (change that too; all the defaults have tables).

    The second attack is to attack the password (much slower) and is done in a similar manner - Capture handshake and hash every dictionary word to try and find the right one. Rainbow tables are much faster.

    Using a password of substantial length (14+) and (pseudo)randomness (Uy%6X!./) would be uncrackable. Hopefully WPA3 will use a better hashing algorithm like SHA2 or Ripemd-160 :thumb:
     
  15. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,080
    Location:
    USA
    The length of the password is what seems to bring the best safety, as long as the encryption hasn't been cracked (like WEP has.)

    Another thing I am now considering is that recently, Steve Gibson put forth the idea that padding a password to make it lengthier was at least as good as a slightly shorter complex password. So as long as it has at least a number, an upper case letter, a lower case letter and a special character, you can add "padding" to make it complete and the result is apparently as strong as any other password of similar length (and much better than a slightly shorter more "complex" password). The padding could even be as simple as adding a bunch of X's (a pattern such as zzzyyywwwzzzyyywww or something similar).

    Another thing I do, beyond having a number, upper and lower characters and a special character, is to have space(s). Granted there are some places that won't accept spaces as a valid character, but for those that do, it seems to be a rare thing and a nice addition to our choices for safer passwords.
     
  16. hpmnick

    hpmnick Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    186
    I'd like to know where you are getting 14+ characters from, to be honest. I know more keyspace = better... but from everything I've seen, it's hard to perform a brute force attack at a speed of a few thousand keys/sec. Even if you were to use a cloud computing service, and get 10,000 keys/s, an 8 character (all lowercase) password will still take months to years.

    Practically speaking, unless you are a high value target, anything that will take over a month will not be attempted to be brute forced. No one will likely bother.

    I'm not advocating for weaker security at all, but I'm just wondering why a 14 character password was picked..
     
  17. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    As am I. I personally have a 14 character password by coincidence.
     
  18. TheMozart

    TheMozart Former Poster

    Joined:
    Jan 6, 2010
    Posts:
    1,486
    So if I send you an AES encrypted ZIP file which contains a 13 character alpha numeric password, you can crack it can you and tell me what file is inside?

    You up for the challenge and put your money where your mouth is? Or you going to desperately sidestep my challenge and run and hide?
     
  19. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    He only wrote: 'Anything less than 14 chars. is considered crackable'.
    He didn't write: 'You lame (com)poser, I will crackz0r y0ur 3v3ry pazzw0rd', now did he?
    Then again, you don't fail to meet expectations, TheMozart.
     
  20. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    MAC Filtering can help as well.
     
  21. x942

    x942 Guest

    Well that would depend. The reason I said less than 14 characters is because there are rainbow tables for WPA(2). Rainbow tables already have the hash and the password of thousands of combinations. Thus all I would have to do is run the hash against the table until I find a match.

    Anything 14 characters and above would make rainbow tables just as ineffective as brute forcing each character. The reason for this is that rainbow tables are based on a time-memory trade-off; after reaching a certain complexity, searching those tables is going to take forever (not to mention not every combination is in there; you have to remember that NTLM hashes account for 99% of all combinations but that is a weak hash. With WPA(2) the table size is HUGE before reaching anywhere near that).

    I could probably crack said 13 character password with brute force; however, without rainbow tables it would take significantly longer to do so. That said, ZIP files often use weak password protection. Some versions even use MD5 to hash the password. Either way this is comparing apples to oranges. WPA(2) has rainbow tables to attack it with and break < 14 character passwords, while ZIP files would require a direct character by character brute force or dictionary attack *which wouldn't work here as you wouldn't be using a dictionary word*.

    I would still recommend a 14+ password but in some cases you may (IYHO) choose not to. That's fine with me, I will continue to use longer, and stronger, passwords for anything I encrypt. Would you trust TrueCrypt with a less than 14 character password? Remember the password is the weakest link to encryption; even if it is redundant, why risk it? On average I would say for WPA(2) use a 20 character password, increase to 64 if you don't want to change it often. Mine is about 20 chars. and I have tried cracking it with a 50 GB Rainbow Table to no success. I have cracked 12 character passwords however (even random ones with full ASCII set).

    I am not sure why you took my post so personally; I never claimed I could crack anything unreasonable. I only said a password less than 14 characters is crackable within a short period of time when considering Rainbow Tables. A normal brute force would take much longer.

    If you were to give me a WPA(2) handshake capture with a less than 14 character password I guarantee I could crack it.
     
  22. hpmnick

    hpmnick Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    186
    If this were NTLM, I'd agree with you.. but AFAIK, WPA/WPA2 salt their keys with the ESSIDs... making rainbow tables next to useless - unless you are using a common SSID (i.e. linksys).

    On top of that, I think it's a bit different than your regular scenarios, as the key rate of WPA/WPA2 is much much lower than for other common forms of cracking. The only program I know of to try and crack WPA is cowpatty, and it brute forces at an utterly slow pace. If you work from a rainbow table, like the church of wifi distributes, you can perform a dictionary attack very fast (assuming you have a target with a popular SSID).

    Essentially, I don't think it's plausible brute forcing any WPA passwords (even 8 character ones). That being said, more key space is always better. A good pass phrase will help with this... but as for now, I think the key is to pick a unique SSID and stay away from simple dictionary words, or common word combinations.
     
  23. x942

    x942 Guest

    @TheMozart

    If you had read my reply you would have noticed that ZIP files are NOT WPA(2) hashes.

    With a ZIP file I NEED to either brute force it (takes way too long against a 13 character password of full ASCII set) or use a known plain-text attack. The latter doesn't apply here as I don't have any known plain text from that key.

    Furthermore, WPA(2) can be attacked with rainbow tables. These are essentially a database of hashes and their plain text equivalents. Rainbow Tables are known as a pre-computational attack, because all of the work (generating the hashes) was done beforehand. This means in WPA(2) if I know your SSID and generate tables with it, I CAN crack a less than 14 character password. 99% of people leave the SSID default (those tables already exist; the rest can be made in a relatively small amount of time).

    Again. WPA(2) is NOT ZIP. ZIP can NOT be attacked other than a brute-force (in this case).

    I was only trying to answer your question. It is not my fault, or my concern, if you agree with me or not. I gave you my best answer; if you don't like it you CAN ignore it. I NEVER claimed I could brute-force a 13 character password or ZIP. Rainbow tables are NOT a brute force attack. They are significantly faster.


    Problem. All I need to do is scan with Airodump-ng and I know your SSID. From there I generate my own tables. So much for that security. Air-crack supports cracking WPA(2) handshakes. So does Cow Patty.

    Just because an SSID needs to be added doesn't mean a < 14 character password is secure against Rainbow Tables. All an attacker has to do is generate the tables for the SSID. On a modern PC this wouldn't take a long time, depending on how many characters he is going to attack.

    Since the attacker knows that anything above 14 characters is going to be pointless even with rainbow tables, he probably is not going to generate tables bigger than the 13 character combination (meaning every combo between 1 and 13 characters, full ASCII set). I never said it was likely to happen, I only said it was possible.

    I do agree with you though. What you said is 100% true. I do not mean this reply to be an attack against anyone (neither you nor TheMozart) I only mean to explain what I said earlier. Which was apparently misinterpreted.
     
  24. hpmnick

    hpmnick Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    186
    Generating your own rainbow tables is essentially pre-cracking the hash. If you were to brute force all lower case characters with a 1-4 key length, this would take the same amount of time as generating a rainbow table of the same type and size. In other words, making a new rainbow table is the same amount of work as simply brute forcing it. The only benefit is that you can re-use a rainbow table (assuming the ESSID doesn't change).

    All of the rainbow tables that currently exist for WPA are simply from word dictionaries. This represents a minuscule fraction of the actual keyspace, and won't always contain variations in case and it definitely won't contain any numbers or special characters. I'd also care to mention that a lot of these tables were built over a long period of time using massive clusters. You'd need some serious hardware at your disposal to even think about trying to either brute force or generate a rainbow table of just dictionary words.

    I know there is actually an algorithmic weakness in WPA TKIP, but I don't believe this is present in WPA2 or with the use of AES. For all intents and purposes, I've heard these are infeasible to hack without dictionary attacks.

    BTW, I don't take the replies as an attack at all. I encourage discussions, as someone will typically learn something they did not, even if they still disagree..
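
    Added example, not part of any poster's reply: a sketch of the two points argued in posts 16, 22 and 24. WPA/WPA2-PSK derives its 256-bit key from the passphrase with PBKDF2-HMAC-SHA1, 4096 iterations, salted with the SSID (IEEE 802.11i), so a precomputed table only fits the SSID it was built for, and the size of the keyspace decides how long an exhaustive search runs. The function names, SSIDs and passphrase are constructed for illustration; the 10,000 keys/s rate is the figure quoted in post 16.

```python
import hashlib
import hmac

WPA2_ITERATIONS = 4096  # fixed by IEEE 802.11i for WPA/WPA2-PSK
PMK_LEN = 32            # 256-bit pairwise master key


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the WPA/WPA2-PSK pairwise master key; the SSID is the salt."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8..63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("WPA passphrase must be printable ASCII")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1..32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               salt, WPA2_ITERATIONS, PMK_LEN)


def table_fits_network(passphrase: str, table_ssid: str, my_ssid: str) -> bool:
    """True only if a table precomputed for table_ssid holds the key my_ssid uses."""
    return hmac.compare_digest(derive_pmk(passphrase, table_ssid),
                               derive_pmk(passphrase, my_ssid))


def exhaustive_search_days(charset_size: int, length: int,
                           guesses_per_second: float) -> float:
    """Worst-case days to try every passphrase of this length and charset."""
    return charset_size ** length / guesses_per_second / 86400


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    passphrase = "correct horse 42"
    print("default SSID table fits unique SSID:",
          table_fits_network(passphrase, "linksys", "HomeNet-7F3A"))
    rate = 10_000  # keys/s, the cloud figure from post 16
    for label, charset, length in [("8 lowercase", 26, 8),
                                   ("8 alphanumeric", 62, 8),
                                   ("20 alphanumeric", 62, 20)]:
        days = exhaustive_search_days(charset, length, rate)
        print(f"{label:>16}: {days:.3g} days ({days / 365.25:.3g} years)")
```

    Because the SSID is mixed into every one of the 4096 iterations, changing the SSID changes every derived key, which is why a unique SSID plus a long random passphrase is the configuration the thread converges on.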
     
  25. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Those are the sort of settings I use and have never had issues.
    You are just fine :thumb: Changing your keyphrase on occasion as you would with email accounts, etc - would be helpful.

     