Saturday, 11 April 2009

Going wireless - Part 1 - Intro

So after having figured out what all the fuss was about with wireless security, I figured out that having my wireless network still encrypted with WEP was a bad thing.
Don't worry, this was a while ago.
Basically I needed WEP in order to be able to hook up an ancient laptop; I changed that pretty quickly, as you can imagine.

As before, all the below is old, in this case very old news, but the techniques are improving every day and the amount of time needed is shortening.

I was amazed at how easy it was to hack into wireless networks, and I was even more surprised at how much information on hacking was readily available as well. Scary, actually.
So instead of leaving myself blissfully unaware, I decided to learn and try to stay protected.

Basically any protection is better than none, as the casual war-drivers / hackers prefer easy access; however, WEP does not count as protection any more.
There are automated tools (spoonwep) which will simplify the process and even if doing it step by step, it shouldn't take longer than 5-10 minutes to fully compromise a network encrypted with WEP.
All the tools needed are readily available and free to boot.

What you often read in magazines is that you should:
  1. Use strong encryption (WPA / WPA2)
  2. Hide your network by not broadcasting the network ESSID
  3. Use MAC address filtering to ensure only approved MAC addresses are allowed to connect to the network.
  4. The more aware magazines even suggest turning the wireless router off when not in use.
Although extra layers of protection such as MAC filtering and hiding the network ESSID are never a bad idea, the only sure way to keep your wireless network safe is using #4.
  • WEP network encryption is broken.
  • WPA/WPA2 encryption is only as strong as the password; use "12345678" as a password and it's going to be cracked real quick. Using something like '!H4V341337p4$$\/\/0Rd' will make a would-be attacker's job a lot harder.
  • Hiding the SSID doesn't work either: it can be cracked, and if the network is monitored by a would-be attacker, the SSID will pop up as soon as someone associates.
  • Even if you use MAC address filtering, in theory it can be cracked (if someone has the patience); otherwise, simply monitoring the network for a valid MAC address to associate and then spoofing it is a real possibility.
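
To make the WPA/WPA2 point concrete, here is an added example (not part of the original post) that audits a candidate passphrase against the WPA-PSK constraints and shows that the network key is derived purely from the passphrase and the SSID. The SSID "HomeNet", the small common-password list and the 80-bit threshold are assumptions made for illustration.

```python
import hashlib
import math
import string

# Constructed sample; a real audit would load a full leaked-password wordlist.
COMMON = {"12345678", "password", "qwertyuiop", "11111111", "letmein123"}
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK master key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)

def estimated_bits(passphrase: str) -> float:
    """Upper bound on guessing effort: length x log2(size of classes used).
    Dictionary words and predictable substitutions make the real figure lower."""
    pool = sum(len(cls) for cls in CLASSES if any(c in cls for c in passphrase))
    return len(passphrase) * math.log2(pool) if pool else 0.0

def audit(passphrase: str, ssid: str, min_bits: float = 80.0) -> list:
    """Return a list of problems; min_bits is an assumed threshold, not a standard."""
    problems = []
    if not 8 <= len(passphrase) <= 63:
        problems.append("length must be 8-63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        problems.append("contains non-printable-ASCII characters")
    if passphrase.lower() in COMMON:
        problems.append("on common-passphrase list")
    if ssid and ssid.lower() in passphrase.lower():
        problems.append("contains the network name")
    bits = estimated_bits(passphrase)
    if bits < min_bits:
        problems.append(f"estimated strength only ~{bits:.0f} bits")
    return problems

if __name__ == "__main__":
    ssid = "HomeNet"  # hypothetical network name
    for candidate in ("12345678", r"!H4V341337p4$$\/\/0Rd"):
        issues = audit(candidate, ssid)
        print(f"{candidate!r}: {'OK' if not issues else '; '.join(issues)}")
        # Same passphrase on another SSID yields a different key (SSID is the salt).
        print("  PMK:", wpa_pmk(candidate, ssid).hex())
```

The bit estimate is only an upper bound, so a passphrase that passes here should still not be built from a dictionary phrase.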

Next stop will be some examples on hacking and cracking a test setup I have.
