Wireless security

Discussion in 'other security issues & news' started by mick92z, Nov 26, 2012.

Thread Status:
Not open for further replies.
  1. mick92z

    mick92z Registered Member

    Joined:
    Apr 27, 2007
    Posts:
    499
    Location:
    Nottingham
    Hi everyone, I would like to ask a few questions about wireless security.
    I have been reading about programs like BackTrack and Aircrack, capturing handshakes, then uploading them online, where apparently they can run dictionary attacks at high speed (one claims 300 million in 20 mins).
    Am I right in thinking these attacks only work against weak passwords, and that a 30 digit password including characters is impossible to break?
    That's my main question. Two others are: 1, I also read it is advisable not to disable your SSID, as this makes your computer shout out your SSID while trying to connect to the router, allowing someone to impersonate your router. I do not understand this.
    Finally, how complex does the router login password need to be? Can this be captured wirelessly and cracked?
    Many thanks in advance for your answers.
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    300 million in 20 mins isn't very fast. Even at a billion or 100 billion it would be centuries before a 12 character strong password is cracked. A 30 character password would take much longer.

    Disable WPS for your router. Use WPA2. Keep your firmware up to date.
     
  3. mick92z

    mick92z Registered Member

    Joined:
    Apr 27, 2007
    Posts:
    499
    Location:
    Nottingham
    Thanks for the reassurance Hungry Man. As for WPS, I don't think my router even has that function.
     
  4. parsec

    parsec Registered Member

    Joined:
    Aug 2, 2011
    Posts:
    68
    Location:
    /local/galaxy_cluster/milky_way/sol_system/earth
    If using WPA2, your wifi traffic will be encrypted, and if someone captures login credentials they won't be able to read them (unless someone knows your wifi passcode and is already in your network).
    Some routers support HTTPS; if yours does, enable it.
     
  5. mick92z

    mick92z Registered Member

    Joined:
    Apr 27, 2007
    Posts:
    499
    Location:
    Nottingham
    Hi again, one of my reasons for brushing up on this subject is that a friend has asked me to set up their router. I know about strong passwords, MAC filtering etc.
    The new router in question does have WPS. I have just read an article saying even with WPS PIN disabled, it can still be cracked. Am I getting paranoid or is this a concern? Thanks. http://www.house4hack.co.za/brute-force-attack-against-wifi-protected-setup
     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Not sure how it cracked WPS if it was turned off. I'm not sure it did. Regardless, turning it off will at the very least slow things down.
     
  7. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    In 2012, 300 million in 20 minutes is really low end, and yes, most adversaries will only be able to break weak passwords, or passwords obtained from word lists. Now, word lists are not just dictionary words in different languages; they are sometimes terabyte-sized lists of compromised passwords from popular websites and databases. That being said, even a longer password will not offer much protection if your password is already captured on one of those lists.
    In targeted attacks the malicious user may even be able to generate potential word list combinations based on what you have publicly available online, such as your Facebook/Twitter profile, which can offer insight into your interests, hobbies and location, all of which could be a potential password.

    What would I recommend?

    Use a password passphrase of 20 characters or more. Regenerate a new key every 30 days if you are using WPA2 in PSK mode. If also using WPA2 enable AES only. Disable UPnP and WPS on your router, and limit the admin interface to only wired connections if your environment permits. If you are using proprietary/open source firmware make sure to keep it up to date.

    Do not bother with disabling SSID or enabling MAC filtering as a security tool. While the router will not broadcast the name of the network, when an authorized client attempts to join, the client will broadcast the network SSID to the router. Anyone sniffing the network will be able to capture the name easily. Second, MAC addresses are visible to everyone over a wireless network. If an adversary detects this feature is enabled, simple monitoring of the network will show which client MACs are allowed to connect, and they can spoof their MAC to match in a matter of seconds.

    Last, the WPS vulnerability will only affect some routers (not all) when disabled. Off the top of my head, Cisco/Linksys was the main vendor with WPS not completely disabling due to firmware issues in certain models. However, all routers that use WPS should be considered vulnerable and WPS disabled.
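
Added example, not part of any post in this thread: a check of the numbers discussed above, using the guess rates quoted by the posters. It also shows how WPA2-PSK turns a passphrase into its master key (PBKDF2-HMAC-SHA1, salted with the SSID), which is the work every offline guess has to repeat. The passphrase, SSID and wordlist size are constructed sample values, and the exhaustion estimate assumes a passphrase chosen at random from the 95 printable ASCII characters.

```python
import hashlib

PRINTABLE_ASCII = 95                      # characters allowed in a WPA2 passphrase
SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Guess rates quoted in the thread, in guesses per second.
RATES = {
    "300 million in 20 min": 300e6 / (20 * 60),
    "1 billion/s": 1e9,
    "100 billion/s": 1e11,
}

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA2-PSK master key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode(), 4096, 32)

def years_to_exhaust(length: int, rate: float, alphabet: int = PRINTABLE_ASCII) -> float:
    """Years to try every random passphrase of this length at `rate` guesses/s."""
    return alphabet ** length / rate / SECONDS_PER_YEAR

def seconds_for_wordlist(entries: int, rate: float) -> float:
    """Worst case when the passphrase is one of `entries` lines in a wordlist."""
    return entries / rate

if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    pmk = derive_pmk("correct horse battery staple", "ExampleHomeNet")
    print("PMK:", pmk.hex())
    for label, rate in RATES.items():
        print(f"{label}: "
              f"12 random chars {years_to_exhaust(12, rate):.3g} years, "
              f"30 random chars {years_to_exhaust(30, rate):.3g} years, "
              f"10-billion-line wordlist {seconds_for_wordlist(10**10, rate):.3g} s")
```

Length only helps when the passphrase is not already on a list: the wordlist figure does not depend on how long the listed passphrase is.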
     
  8. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,052
    Location:
    USA
    Agreed. These things will only make regular usage harder for you, they won't do much to slow down an intruder.
     
  9. mick92z

    mick92z Registered Member

    Joined:
    Apr 27, 2007
    Posts:
    499
    Location:
    Nottingham
    Many thanks to all, I appreciate your input. Cheers :thumb:

    I also posted on the Netgear forums, no harm in asking :)
     
    Last edited: Nov 27, 2012