Are wireless networks harder to crack these days

[Garda]

After reading this

http://www.oreillynet.com/cs/user/view/cs_msg/26023

I wanted to ask the question. I personally don't have a laptop so haven't gone wardriving. So I wouldn't be able to know how hard WEP cracking was before and how difficult it is now.

So an open question to anyone who has/does this sort of stuff, or perhaps security professionals, how hard/long is WEP cracking and perhaps other wireless related hacking.

[Sparda]

I takes about 10 minuets to crck WEP encyption, it can take several years to crack WPA encypton,[hyperfocus] unless you get on to a laptop what has the key stored localy and you steal it.[/hyperfocus]

[jollyrancher82]

WPA can be cracked in nearly 10 minutes too...

[Sparda]

So, why does every body say use WPA becasue it's mosr secure?

[sentinel]

WPA can be cracked in nearly 10 minutes too...

I think that's a myth (yeah I saw the article too a while back but lots of experts like steve gibson have refuted that somehow)

dunno

[jollyrancher82]

It is possible in 10 minutes if it is a dictionary word for the key, the more complicated the key, the longer it'll take. I use WEP because noone in my area has the brains to crack it :)

[VaKo]

I'm pretty sure the only uncracked wireless is TKIP, but this may have changed since i last was googling for wifi hacking.

[sentinel]

It is possible in 10 minutes if it is a dictionary word for the key, the more complicated the key, the longer it'll take. I use WEP because noone in my area has the brains to crack it :)

True..good point. That's why I use a 63 character random string from https://www.grc.com/pass . THAT's security! ;)

[metatron]

If someone is that bothered about security there is no reason why they can’t use a VPN.

I like open VPN http://openvpn.net/

[sentinel]

If someone is that bothered about security there is no reason why they can’t use a VPN.

I like open VPN http://openvpn.net/

Agreed. Hamachi is awesome too.

[kenadak]

the extent of "hacking" needed on a wifi network greatly varies...

1. simple act of clicking on the network and saying connect is about as complex as it gets (this is my hack of choice)

2. social engineering.. "hello, I'm the new computer guy can I use your computer" is about as easy (note it helps if you look the part)

3. brute force dictionary word 20-30 seconds.

4. brute force key under 7 characters 5 hours

5. capture a crapload of packets and crack using unique Key Frame attack

6. get physical access to AP and replace it with a know AP

7. drive to next access point and repeat 1-7

[spektormax]

the reason WEP sucks SOOO much is because it uses the RC4 allagrithum. RC4 creates weak keys (especialy on the first 256 bytes) which reivlie parts of the password used. Then, a key frame attack is ran. Basicly out of the 64 bits of key possible, it takes the ones its found thru weak keys cased by RC4, and then you brute force the remaining parts of the key. As for WPA, ther is no weak keys that are created (that I know of) so a key frame attack is impossible. WPA can be attacked offline, but a brute force attack on a 64bit WPA encription could take centuries. As for a dictionary attack, well only if u use a bad key, if ur key is complex enough, the only answer will be a brute force, which is practicluy impossible, depending on the complexity

[harrison]

the extent of "hacking" needed on a wifi network greatly varies...

1. simple act of clicking on the network and saying connect is about as complex as it gets (this is my hack of choice)

2. social engineering.. "hello, I'm the new computer guy can I use your computer" is about as easy (note it helps if you look the part)

3. brute force dictionary word 20-30 seconds.

4. brute force key under 7 characters 5 hours

5. capture a crapload of packets and crack using unique Key Frame attack

6. get physical access to AP and replace it with a know AP

7. drive to next access point and repeat 1-7

You forgot Void11, which often times works better than anything else.

[rFayjW98ciLoNQLDZmFRKD]

If you know what your doing, you can make it harder for a person to get onto your network, but for the average household, window$ "hacks" right on to the network for you.

[Faith +1]

I guess if your goal is to crack the wireless network for the challenge you could use some of the timelines above as guidence. But in factuality if you are using the wireless network to do things to other places you shouldnt be doing it to then you would just roll down the block till you find an open one wouldnt you?

[cooper]

I think the overall concensus still is that if you want to stay secure you either don't use wireless, or assume it's as friendly as the internet.

[jollyrancher82]

<3 Void11... speaking of Void11 I must make a deb package for nubuntu

[VaKo]

Or, you leave your wifi open (not illegal) and use that as an excuse if the RIAA comes looking for filetrading.

[cooper]

That will only work when you DON'T have illegal stuff on your machine...

I kinda doubt there's a lot of people here for whom that condition can be met.

[spektormax]

That will only work when you DON'T have illegal stuff on your machine...

I kinda doubt there's a lot of people here for whom that condition can be met.

^^haha, well I leave mine open siply because1 my main comptuer is on a wire so its fairly safe, 2 most people wouldnt hack it cuz its no a default ssid so they wont bother, and 3 my nieboors are too far away to see my wireless entwrok (yet I ca see thiers). But my nieboors are all "linksys's" so im not afraid, sides i would notice if someone is on my netowk, and its liek worst case senerio ill reformte my hdd and put on WPA so no sweet, sides my dad not beign exactly a geek, he woudlnt understand y if windows fucks up it asks him for a password

[Garda]

That will only work when you DON'T have illegal stuff on your machine...

I kinda doubt there's a lot of people here for whom that condition can be met.

^^haha, well I leave mine open siply because1 my main comptuer is on a wire so its fairly safe, 2 most people wouldnt hack it cuz its no a default ssid so they wont bother, and 3 my nieboors are too far away to see my wireless entwrok (yet I ca see thiers). But my nieboors are all "linksys's" so im not afraid, sides i would notice if someone is on my netowk, and its liek worst case senerio ill reformte my hdd and put on WPA so no sweet, sides my dad not beign exactly a geek, he woudlnt understand y if windows fucks up it asks him for a password

Remind me not to ever take security advice from spektromax (or english lessons :P ). Just cos the SSID isn't generic isn't exactly a thorough set of security procedures. lol

So basically what i hear is that WEP can be cracked easily and in the case of WPA, don't use a weak password.

So therefore, from that, if the network uses WPA with a nice long and difficult to guess password it's near impossible to crack?

[degoba]

Remind me not to ever take security advice from spektromax (or english lessons Razz ).

I wonder what its like when spek is coding. Compiler errors every other line?

[jollyrancher82]

Or live in a nice rural area

[spektormax]

actully suprisingly, when I code, im closer to the comptuer and thefor the keyboard is closer to the wireless radio reciver. As for WPA and a strong password, nothing is "impossible" just WPA can ONLY be cracked thru a brute force attack (or dictionary, but a good password iliminates that). There is curently no know or documented vunerability in either of the 2 most used alagrithums for WPA. For mostly older hardware that contains the hardware enoguht only to do RC4 (the cypher used in WEP), which is called Temporal Key Integrity Protocol or TKIP for short. TKIP utalises the regulare stream cyper of RC4 but uses a dynamic key assiment by adding a 48-bit number at the end of the ordinary 128-bit WEP key that incriments every packet so the password chacnges constantly in order to prevent a key frame attack which is so famously demenstrated numerious times on a WEP "secured" network. This while considered less secure crypologicly than WPA2 (which is the standard now days for securind a network short of a RAIDUS server which is an unshared system where each computer has it's own key[password]) has much more overhead(Is slower) than WPA(1). WPA2 drops the RC4 stream cypher for a MUCH MUCH more secure AES(Advanced Encription System) block cypher which is based off the Rijndael algarithum. AES is so strong that it is the current encription for all (unclassified) U.S. military data. AES unliek RC4, allows a 192-bit or even a 256-bit key aside formt he standard 128-bit key. AES is considered one of the most secure encription alagrithums publicly avaible (its public domain). The only downside of using WPA2 is the fact that you will lose some data transfer speeds due to the amount of time it takes to performm AES encription on the 125mhz or so prossesor located inside of a router. As for weak keys, keys must contain atelast 5 dicewares or 14 compleatly random letters to be considered secure beyond "crackabilty" any time soon, however 8 dicewares or 22 compleatly random letters are needed for maxium cryptological strength. As for renaming an access point, most peopel who are malicious or wardriving, will not stop for an SSID that is non-defualt simply because there are 2 that are linksys SSID's bordering me. (and I don't live in a neiboorhood of hackers.) Hope that helps. And as for WEP, it is SERIOUSLY crackble in under 10 minutes due to reasons stated earlier.

[jollyrancher82]

Please watch the Church of Wifi presentation at Shmoocon.