WiFi Security

[Jamin4u]

I read that there are programs that have decryption support for WPA2.

 

Does that mean that someone can grab your WiFi packets and decrypt them?

 

If so, what information can they get from them?

[Super Fast]

Jamin, as far as I am aware, there are sniffer programs that can decrypt your WPA connection.

Some even support using the cloud, to harness the power of thousands of computers to assist in decrypting.

 

Supposedly, Aircrack ng & Cowpatty are capable of such, although I have never tried them to see.

But you can research them on the web via Google if you want to learn more about them.

 

I think it will be very enlightening for you.

 

* Edit: Names provided simply for your own research & learning & for no other reason.

[Jamin4u]

I didn't include the names of the programs I saw because I don't want to encourage anyone to learn how to do this. Feel free to remove the names of the programs you listed.

 

If I have a hacker neighbor or a drive by hacker, can they get information like destination ip addresses and passwords. I've taken all of the available steps to protect my connection and I have a long difficult password.

 

Don't they need my password to decrypt the packets?

 

Would it be recommended to do such business as banking on a wired connection only?

[Winapp2.ini]

WPA2 is pretty hard to decrypt, especially with a longer key. Features such as GPU offloading (that is, brute forcing with a GPU because of their many cores) have made cracking WEP and even I believe WPA simple® but I think you should be fine with WPA2 as it is (there's really no other, better option right now anyway, short of not having a wireless network)

 

I don't think drive-by hacking is a feasible threat from anyone except Google

[Jamin4u]

I don't think drive-by hacking is a feasible threat from anyone except Google

:lol:

 

Thanks to both of you!

[Winapp2.ini]

I'm not sure why that Simple is a Registered Trademark, but whatever. ;

[Super Fast]

Oh, I just included the names. Not to encourage people to do it.

 

But to raise awareness of how pitiful security may be. And also, so that you may test your own network for vulnerabilities.

Better that I should assist you in identifying the security flaws of your own network, than to let a real hacker do it.

 

Besides, these are free programs. Do you really think security by obscurity works?

[Jamin4u]

@ Super Fast

 

I fully understood your intentions were to help educate and not to encourage the use of such network protocol analyzers for malicious intent.

 

I think its ironic that there are such programs that can be used for education and other legitimate uses on one hand, and malicious intent on the other.

 

ShieldsUP for example is a great way to test your firewall but it doesn't show you how to bypass a firewall.

 

Perhaps I'm wrong, but I thought it would be best to leave the cookie in the jar rather than put it out on the table.

 

ShieldsUp https://www.grc.com/x/ne.dll?bh0bkyd2

[TheWebAtom]

I don't think there is any harm in mentioning "Aircrack ng," given that you need to program the DLL drivers yourself before it's actually useful. I suspect the vast majority of people capable of doing that would already have their own tricks for hacking WPA.

[Super Fast]

WebAtom is correct. And besides, even if I didn't mention it, Google would serve as a powerful search tool for anyone interested.

 

Wouldn't u at least like knowing before they try it?

 

I know, I know, it's bad that people will try this, but at least maybe it will make them more security conscious!!!

[Jamin4u]

I'm not trying to convince anyone that you should remove the program names. It was unnecessary to list them in my case because I have no desire to learn how to test my WiFi via one of these programs. If I'm doing all I can to secure my wireless network, that's all I want.

 

I'm comfortable with what's been said here regarding how difficult it would be to set up a program to decrypt my access point password or captured packets.

 

Thank you

[Alan_B]

I not only have WPA2 in force, I also restrict access to the MAC addresses of the devices that are permitted.

 

Then I found it is possible for intruders to spoof MAC addresses,

and what is infinitely worse,

the MAC address is transmitted WITHOUT encryption under WPA2.

I am trying not to think about it.

 

I comfort myself with the thought that WIFI is only between the router and my daughter's iPAD or guests in the house,

and that my internet banking is from my desktop via Ethernet cable to the router,

which I am hoping does not repeat everything over WIFI to the neighbors or parked cars with blacked-out windows.

[Andavari]

I not only have WPA2 in force, I also restrict access to the MAC addresses of the devices that are permitted.

 

Same here. In order to connect to my wireless modem I have to find the MAC address of a device (Amazon Kindle, Sony PS3, etc.,) and manually type it in so that it can use my connection, if I don't do that my wireless modem won't allow the connection.

 

The way ISP's have it set up by default isn't very secure in my opinion, they have it set very easy for any device to use the connection which was something I didn't like.

 

It always ticks my family and friends off when they visit and bring along their little web enabled portable gadgets and can't access the web from my house, until I try to explain security to them which goes over most of their heads. These are also the same people when I ask what anti-virus software do you use and I get replies like "whatever" or "what came on my computer when I bought it."

Edited October 2, 2012 by Andavari

[TheWebAtom]

I have three wifi networks. One of them is left totally open and unprotected, however anyone who connects to it will find all web traffic mysteriously redirecting to a YouTube video of Barbra Streisand performing What Kind Of Fool. After about ten minutes it blocks the MAC address of connected devices, preventing victims of my hilarity from using too much valuable bandwidth.

[Winapp2.ini]

Same here. In order to connect to my wireless modem I have to find the MAC address of a device (Amazon Kindle, Sony PS3, etc.,) and manually type it in so that it can use my connection, if I don't do that my wireless modem won't allow the connection.

 

The way ISP's have it set up by default isn't very secure in my opinion, they have it set very easy for any device to use the connection which was something I didn't like.

 

It always ticks my family and friends off when they visit and bring along their little web enabled portable gadgets and can't access the web from my house, until I try to explain security to them which goes over most of their heads. These are also the same people when I ask what anti-virus software do you use and I get replies like "whatever" or "what came on my computer when I bought it."

 

They also use IE6, right?

[Andavari]

They also use IE6, right?

 

Oh no WinXP jab in there.

 

Don't know what they use for a browser except for my cousin, I know she uses Norton Antivirus and IE, and she has no ideal what Windows OS she's using however I'm leaning on Vista because she bought her computer about when that OS was released. She stated "I just let Norton clean up what it wants everyday" which sounds horrid to me if it were finding infections on a daily basis - but then again I don't know if her being a Facebook junkie ("FaceDrunk") has any involvement with Norton finding something daily.

Edited October 5, 2012 by Andavari

[Winapp2.ini]

I think norton might pop up for tracking cookies as well.. I haven't had the pleasure of using it in several years though.