your wifi connection can be cracked even if it is secure

  • Thread starter warthog
  • Start date
  • Replies: Replies 11
  • Views: Views 6,202
W

warthog

I wont tell you the links but the encryption in wifi wep and wpa can be cracked with your simple lan card and a software.It gave be chills knowing that even a secure connection is not secure enough.i dont have the expertise to crack it as it takes some programming language.just wanted to tell you all hassle free netizens.wires are better than wireless
 
M

marwadinetwork

Newbie
Messages
19
Location
NA
ISP
ddd
I wont tell you the links but the encryption in wifi wep and wpa can be cracked with your simple lan card and a software.It gave be chills knowing that even a secure connection is not secure enough.i dont have the expertise to crack it as it takes some programming language.
just wanted to tell you all hassle free netizens.
wires are better than wireless


I agree it is easy to crack WEP, however cracking WPA is not that easy, but it is impossible on a random wi-fi network that has proper password.


Pls stop scaring people without complete knowledge.

Here is interesting statistic that you may not know

"208,827,064,576 possible ways to create the minimum eight-letter password, it would take more than 53710 days just to be sure that the passphrase isn't as simple as "aaaaaaaa"

if you use a weak password, any secure network can be cracked. The minimum password requirement for a wpa-psk network is 20 characters.

On my wpa-psk network my password length is 63 character long. (That means a lots and lots of combination). IMAGINE TRYING TO BREAK A 63 CHARACTER PASSWORD.. IT WOULD TAKE AGES !!!

There are online tools available to help you create a secure 63 character password, here is one i like and use

Generate a Secure Password - kurtm.net

for sake of testing purposes... just click on generate and see the password
you can use for your wi-fi router.

I am not going to tell people how to crack any network either.. but i will provide valuable tips on how to secure it..
This will definitely keep "wifi hackers" away.
All the steps need to be followed in order to secure your network

1. Change your network IP address scheme, default is always 192.168.0.x
or 192.168.1.x. Change it to something like 172.17.x.x or 172.20.x.x

2. Change your subnet mask to match your requirement ie. if you got only
2 pc's then you need a minimum subnet mask of 255.255.255.248.
This will allow max of 6 devices on the network

3. If you do not want to change the subnet mask, change the max
number of users allowed via DHCP to the minimum required or assign
static IP's to your PC's and turn off DHCP on your router.

4. Assign your router a different IP address, other than the standard
x.x.x.1

5. Change your router password ( pls no wife's name or gf's name)

6. Disable wireless SSID broadcast

7. Enable WPA-PSK encryption and use the strongest possible
password(read above for the website), atleast 63 character long.

8. Enable MAC-ADDRESS filtering.

9. Enable LOGGING on your router if the feature is available.

10. DO NOT SOCIALIZE YOUR ROUTER INFORMATION IF NOT REQUIRED.
(READ AS .. STOP BRAGGING).


There are few other things that people can do to protect their PC's as if the PC is compromised via the internet.. then securing the wireless network is not good enough.

1. Install antispyware
2. Install a good firewall
3. Install antivirus
4. Block pop-ups
5. Block flash based ads
6. Block ad's (some of these carry viruses)
7. Do no download "cracked software" as these come with trojans.

Alright.. i think this info is good enough.. if people need more info..let me know..
 
A

appus

The Real
Messages
1,024
Location
NA
ISP
BSNL Broadband -Home 500C
@above... Actually my network is as you said... :D wep is easy to crack..(comparatively), but wpa-psk is almost impossible(may be possible,but takes own sweet time)my network is 10.0.x.x, and with subnet 255.255.255.240gateway 10.0.x.17 :)No DHCP ! No Broadcast of wireless.. that is it !! Once you disable DHCP , and Wireless broadcast , you are 98% secured on a different network (not the usual 192.168.x.x)anyways... those who want to know the different IP's you can use, here are 10.0.0.0 - 10.255.255.254 172.16.0.0 - 172.31.255.254 192.168.0.0 - 192.168.255.254
 
M

marwadinetwork

Newbie
Messages
19
Location
NA
ISP
ddd
@above...

Actually my network is as you said... :D

wep is easy to crack..(comparatively), but wpa-psk is almost impossible(may be possible,but takes own sweet time)

my network is 10.0.x.x, and with subnet 255.255.255.240
gateway 10.0.x.17 :)
No DHCP ! No Broadcast of wireless.. that is it !!

Once you disable DHCP , and Wireless broadcast , you are 98% secured on a different network (not the usual 192.168.x.x)

anyways... those who want to know the different IP's you can use,

here are
10.0.0.0 - 10.255.255.254
172.16.0.0 - 172.31.255.254
192.168.0.0 - 192.168.255.254

Until and unless you enable some kind of encryption(WPA preferred), you are not even 10 % secured. There are utlities available to

1. spoof mac-address ( this will break mac filtering)
2. find hidden SSID's
3. find IP address of your router.

So WPA encryption is key to everything.. however it's good to add the mac-filtering, ssid disable, etc on top of it but DO NOT USE THEM without encryption.

And fyi.. read this link, it shows how long it will take to crack WPA
12 year for 7 character password with 1 pc or 1 year with 1000 pc's
579,299 years for 10 characters password with 1 pc.
Imagine how many years with 63 character password, this is atleast in thousand's of years.

so no it is not sweet time to crack it. It's a lot of years..


How long does a WPA key need to be? | George Ou | ZDNet.com

:thumbsup:
 
R

rachit_1804

Regulars
Messages
1,503
Location
NA
ISP
Comcast 22 mbps
in both the emails sent by that indian mujahideen, they had hacked into the wifi network only.in the 1st case that american national heywood & second case khalsa college in mumbai.the newspapers dont mention whether they had any encryption or not...
 
Sushubh

Sushubh

Admin
Staff member
Messages
394,707
Location
Gurgaon
ISP
Excitel
Airtel
the american national said that he did not use any password...about colleges, i think the password is easily accessible as it is accessible to students. i doubt they give a unique password to each one.even if they do, it would be rather complicated to find out which particular student's account was used.
 


N

netfreak

Regulars
Messages
2,229
Location
NA
ISP
Airtel GPRS EDGE + VSNL
\"208,827,064,576 possible ways to create the minimum eight-letter password, it would take more than 53710 days just to be sure that the passphrase isn't as simple as \"aaaaaaaa\"

I am sure you know that 208,827,064,576 is theory. In practice, this number is just 2^32 (approx 32k). Any decent PC can do that in less then an hour.

That is because you can rely on off line hash and need not iterate though every possible combination (brute force).

Wi-Fi Networking News: Weakness in Passphrase Choice in WPA Interface

And fyi.. read this link, it shows how long it will take to crack WPA 12 year for 7 character password with 1 pc or 1 year with 1000 pc's 579,299 years for 10 characters password with 1 pc.
Imagine how many years with 63 character password, this is atleast in thousand's of years.

As you mentioned earlier, any passphrase less then 20 character in length is weak. These calculations are way too simplistic. passphrase can contain ONLY printable characters. And with passive snooping brute force is not required.

So, if you are using a long passphrase, then yes network is reasonably secure. Otherwise its no better then WEP.

Problem is you can't "always" ask users to have 20 characters passphrase. You can't have them type 20 characters worth of junk on a cell phone for example.

Forget Wireless, most "wired" networks are not secure.

ADSL lines are not safe from "eavesdropping" you see ;)
 
M

marwadinetwork

Newbie
Messages
19
Location
NA
ISP
ddd
I am sure you know that 208,827,064,576 is theory. In practice, this number is just 2^32 (approx 32k). Any decent PC can do that in less then an hour.

That is because you can rely on off line hash and need not iterate though every possible combination (brute force).

Wi-Fi Networking News: Weakness in Passphrase Choice in WPA Interface



As you mentioned earlier, any passphrase less then 20 character in length is weak. These calculations are way too simplistic. passphrase can contain ONLY printable characters. And with passive snooping brute force is not required.

So, if you are using a long passphrase, then yes network is reasonably secure. Otherwise its no better then WEP.

Problem is you can't \"always\" ask users to have 20 characters passphrase. You can't have them type 20 characters worth of junk on a cell phone for example.

Forget Wireless, most \"wired\" networks are not secure.

ADSL lines are not safe from \"eavesdropping\" you see ;)

You are just repeating what i said...
PASSPHRASE CAN CONTAIN EVEN A "SPACE", that's the beauty of the WPA KEY.
I have WPA on my cell phone, i just copied a notepad file to my cell phone and opened that file on my phone, used the copy and paste and was able to get 63 chararacter worth of junk on it.

I guess the problem is that there are people out there who think it's a hassle to use a longer password and it's just making a hackers life easier.

Now please explain me 3 things you mentioned above, as i am having
a hard time understanding, how "wired networks" are not secured.
how do you eavesdrop on a ADSL line and to do what(i can't hack a wifi network with that).
what do you mean by passive snooping ?


1.Forget Wireless, most "wired" networks are not secure.

2. ADSL lines are not safe from "eavesdropping" you see

3. with passive snooping brute force is not required.
 
R

rachit_1804

Regulars
Messages
1,503
Location
NA
ISP
Comcast 22 mbps
I am sure you know that 208,827,064,576 is theory. In practice, this number is just 2^32 (approx 32k). Any decent PC can do that in less then an hour.


2^32 is not 32k
32k is only 2^15
 
C

Chinmay

Fivenet Lover
Messages
459
Location
NA
ISP
Fivenet+ Hathway
2^15=32kit reminds me of CP-I of SEM I enginnering.