wifi jacking

Chaos said:
Good security practice would be to use wpa2 with aes, disable ssid broadcasting, and use mac filtering.
Sound advice, but as has been pointed out SSID cloaking and MAC filtering are rather trivial to bypass, so WPA/WPA2 with a strong password is all that's really necessary.
 
csmager said:
But using something like Kismet, you'd find the network and its SSID in a matter of seconds... so it's fairly useless.

I was under the impression WPA could only be hacked with a brute-force attack on the PSK - so choosing a long complex password would make it completely pointless to attempt.

WEP, on the other hand: 64-bit - minutes, 128-bit - not much longer.

csmager is correct. WPA can be theoretically hacked if the key is less than 11 characters long by brute force. Anything over 11 and it gets into the region of being impossible.

The only security your wireless network has against someone who knows what they are doing is a good strong WPA key. MAC filtering, hiding the SSID etc. can all be overcome reasonably easily.
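The two posts above reason about key length: a short PSK can be brute-forced, a long one cannot. The following is an added example (written here, not posted by anyone in the thread) that turns that reasoning into a check a practitioner can run on a candidate passphrase: it computes the brute-force keyspace and an estimated time to exhaust it. The guess rate is an assumed constant, not a figure from the thread; WPA/WPA2-PSK derivation is deliberately slow, so the order of magnitude is what matters, not the exact number.

```python
import math
import string

# ASSUMPTION (not from the thread): a constructed ballpark rate of offline
# guesses per second. WPA2-PSK stretches each candidate with 4096 PBKDF2
# iterations, so this is far below a plain hash rate. Adjust to taste; the
# relative gap between lengths is the point.
ASSUMED_GUESSES_PER_SECOND = 100_000

SECONDS_PER_YEAR = 365.25 * 86_400


def charset_size(passphrase: str) -> int:
    """Size of the union of standard character classes the passphrase draws from."""
    size = 0
    if any(c in string.ascii_lowercase for c in passphrase):
        size += 26
    if any(c in string.ascii_uppercase for c in passphrase):
        size += 26
    if any(c in string.digits for c in passphrase):
        size += 10
    if any(c in string.punctuation for c in passphrase):
        size += len(string.punctuation)  # 32 printable ASCII symbols
    if " " in passphrase:
        size += 1
    return size


def keyspace_size(length: int, alphabet: int) -> int:
    """Number of candidates an exhaustive search must cover: alphabet ** length."""
    return alphabet ** length


def entropy_bits(passphrase: str) -> float:
    """Upper-bound entropy if every character were chosen uniformly from its class union."""
    return len(passphrase) * math.log2(charset_size(passphrase))


def years_to_exhaust(length: int, alphabet: int,
                     rate: int = ASSUMED_GUESSES_PER_SECOND) -> float:
    """Worst-case years to try every candidate at the assumed guess rate."""
    return keyspace_size(length, alphabet) / rate / SECONDS_PER_YEAR


def check_wpa_passphrase(passphrase: str) -> dict:
    """Summarise a candidate WPA/WPA2 passphrase.

    WPA-PSK passphrases must be 8 to 63 printable ASCII characters; anything
    outside that range is rejected before any strength estimate is made.
    """
    valid = 8 <= len(passphrase) <= 63 and all(32 <= ord(c) <= 126 for c in passphrase)
    if not valid:
        return {"valid_psk_length": False}
    alphabet = charset_size(passphrase)
    return {
        "valid_psk_length": True,
        "length": len(passphrase),
        "alphabet": alphabet,
        "entropy_bits": round(entropy_bits(passphrase), 1),
        "years_to_exhaust": years_to_exhaust(len(passphrase), alphabet),
    }


if __name__ == "__main__":
    # Constructed sample passphrases (not real keys) to compare lengths.
    for candidate in ("abcdefgh", "abcdefghijk", "Tr0ub4dor&3 is not a lyric"):
        print(candidate, check_wpa_passphrase(candidate))
```

The comparison between an 8-character and an 11-character lowercase key shows the cliff the thread describes: the 11-character keyspace is 26^3, about 17,500 times larger. A dictionary attack, which the last poster in the thread names as WPA's remaining weakness, sidesteps the keyspace entirely, so the estimate only holds for a passphrase that is not a word or phrase found in word lists.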
 
csmager said:
It still broadcasts 'beacons' at a rate of around 10 per second. Just because it's not advertising it in a traditional sense, it's still very much saying it was there. Otherwise how would your PC know what to connect to? If the AP wasn't advertising it was 'abcd' in some way, then it would never find which BSSID (MAC Address) to connect to and on which channel.

Well this is what I thought happens.

The router sits there, listening. It doesn't transmit, just listens.

I sit at the computer and tell it to look for a wireless router called "abcd". The computer broadcasts a request for the router "abcd".

The router, listening, sees that someone is looking for a router called "abcd", and responds to this request and this request only.

It's like me going into an empty room with an invisible person in it, a person who will only talk if I know his name to begin with, otherwise he remains totally silent.

Surely that would be a better way of doing it?
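csmager's explanation quoted above is the accurate one: an AP with SSID broadcast disabled still sends beacon frames, it just leaves the SSID element empty. The following added example (written here, not code from any poster) constructs two minimal 802.11 beacon frames, one normal and one "hidden", and parses them to show that the BSSID and channel are present in both; only the name is withheld. The frames are constructed samples, not captures, and the RSN element is abbreviated to its version field.

```python
import struct

# 802.11 information element tag numbers used below
SSID_TAG = 0
SUPPORTED_RATES_TAG = 1
DS_PARAM_TAG = 3      # carries the channel number
RSN_TAG = 48          # present when WPA2 is enabled

MAC_HEADER_LEN = 24   # frame control, duration, addr1-3, sequence control
BEACON_FIXED_LEN = MAC_HEADER_LEN + 8 + 2 + 2  # + timestamp, interval, capability


def build_beacon(bssid: bytes, ssid: bytes, channel: int,
                 hidden: bool = False, wpa2: bool = True) -> bytes:
    """Construct a minimal beacon frame (a constructed sample, not a capture)."""
    frame_control = b"\x80\x00"          # type 0 (management), subtype 8 (beacon)
    duration = b"\x00\x00"
    broadcast = b"\xff" * 6
    header = frame_control + duration + broadcast + bssid + bssid + b"\x00\x00"
    # timestamp (8), beacon interval in time units (2), capability info (2)
    fixed = struct.pack("<QHH", 0, 100, 0x0411)
    # A "hidden" network sends a zero-length SSID element, nothing more.
    ssid_value = b"" if hidden else ssid
    ies = bytes([SSID_TAG, len(ssid_value)]) + ssid_value
    ies += bytes([SUPPORTED_RATES_TAG, 4, 0x82, 0x84, 0x8B, 0x96])
    ies += bytes([DS_PARAM_TAG, 1, channel])
    if wpa2:
        ies += bytes([RSN_TAG, 2, 0x01, 0x00])  # abbreviated RSN IE: version 1 only
    return header + fixed + ies


def parse_beacon(frame: bytes) -> dict:
    """Extract BSSID, channel, SSID and whether the SSID is withheld."""
    if len(frame) < BEACON_FIXED_LEN or frame[0] != 0x80:
        raise ValueError("not a beacon frame")
    bssid = frame[16:22]                              # addr3 of a beacon is the BSSID
    (interval,) = struct.unpack_from("<H", frame, 32)
    info = {
        "bssid": ":".join(f"{b:02x}" for b in bssid),
        "beacon_interval_tu": interval,
        "ssid": None,
        "ssid_hidden": False,
        "channel": None,
        "rsn": False,
    }
    offset = BEACON_FIXED_LEN
    while offset + 2 <= len(frame):                   # walk the tagged parameters
        tag, length = frame[offset], frame[offset + 1]
        value = frame[offset + 2: offset + 2 + length]
        if len(value) < length:
            raise ValueError("truncated information element")
        if tag == SSID_TAG:
            # Zero length, or a run of NUL bytes, is how APs withhold the name.
            if length == 0 or all(b == 0 for b in value):
                info["ssid_hidden"] = True
                info["ssid"] = ""
            else:
                info["ssid"] = value.decode("utf-8", "replace")
        elif tag == DS_PARAM_TAG and length == 1:
            info["channel"] = value[0]
        elif tag == RSN_TAG:
            info["rsn"] = True
        offset += 2 + length
    return info


if __name__ == "__main__":
    sample_bssid = bytes.fromhex("001122334455")      # constructed, not a real AP
    for hidden in (False, True):
        print(parse_beacon(build_beacon(sample_bssid, b"abcd", 6, hidden=hidden)))
```

With a beacon interval of 100 time units (about 102 ms) the AP announces itself roughly ten times a second whether or not the name is included, which is the figure csmager gives. The parser treats a run of NUL bytes as hidden as well as a zero-length element, since some access points pad the element to the real name's length instead of shrinking it to zero.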
 
But if there is another computer already on the network the router will be transmitting to that one, so any other computer will also be able to detect those signals.
 
csmager said:
Wasn't meant to be! :p

Ignore me, I'm just naffed off because I have one of these stupid BT HomeHub things where most of the encryption methods don't work!

Oh and guess what? There's no MAC address filtering option either. Fantastic. :rolleyes:
 
yak.h'cir said:
So you can just type the SSID into the network settings box and then it'll let you connect? Sounds good if that's the case!

Yes.

You only disable the broadcast of the SSID publicly.

It's a bit like adding a $ to a Windows share. It's still there, but won't show up when browsing for it.

The only way to connect to it is to manually type it in. (The more obscure the name, the less chance there is of somebody stumbling on it, e.g. don't hide your SSID but then make it "my internet connection" etc.)
 
To those saying your SSID-broadcast-disabled network won't show up: maybe it won't under WZC on Windows XP, but most 3rd party software will show up networks with no name, as will WZC in Windows Vista.
 
Clarkey said:
To those saying your SSID-broadcast-disabled network won't show up: maybe it won't under WZC on Windows XP, but most 3rd party software will show up networks with no name, as will WZC in Windows Vista.

But will it show up networks with an SSID that is not broadcast? My understanding is that it won't, as I've never yet managed to "search" for my network with SSID broadcast disabled; I've had to type it.

I'm sure that there's some tool on the net that could find it with scanning, but every layer of defence helps :)
 
I have very little technical knowledge but I was able to hack a WEP wireless network with MAC filtering and SSID turned off in a test environment using my laptop in about 30 minutes. Didn't even have to use Linux to do it.

Hiding SSID and MAC filters are pointless. WPA with a strong key (a brute-force dictionary attack is its only weakness) is the best and only defence needed.
 
Airodump, OmniPeek and Kismet I think it's called, and you're away; mind you, you need to put your card in monitor mode using cracked drivers.
 