Jump to content


Check out our Community Blogs

Register and join over 40,000 other developers!


Recent Status Updates

View All Updates

Photo
- - - - -

Secure your Wireless Network

encryption

  • Please log in to reply
28 replies to this topic

#13 Turk4n

Turk4n

    ???

  • Expert Member
  • PipPipPipPipPipPipPip
  • 1919 posts
  • Location:Sweden
  • Programming Language:C, Java, PHP, Python, Bash
  • Learning:C++, C#, JavaScript, Visual Basic .NET, Others

Posted 18 October 2008 - 09:15 AM

Well,you can spoof the mac address of the router. However, if you can't even get "connection" to it or being granted to send "password". You will not be possible to sniff the packets. However, if you possible could sniff the "the allowed" computer user's mac address. Then you can easily spoof it and use it against him. Better luck dude.
  • 0

#14 kresh7

kresh7

    CC Addict

  • Just Joined
  • PipPipPipPipPip
  • 326 posts

Posted 18 October 2008 - 09:55 AM

:D you cant believe how easy it is to ARP Spoof a network you just have to build a Packet and Inject it into the network and make the router believe that you are one of the clients ok it might take some time to do that but when it works :D done
  • 0
Posted Image

#15 Turk4n

Turk4n

    ???

  • Expert Member
  • PipPipPipPipPipPipPip
  • 1919 posts
  • Location:Sweden
  • Programming Language:C, Java, PHP, Python, Bash
  • Learning:C++, C#, JavaScript, Visual Basic .NET, Others

Posted 18 October 2008 - 11:23 AM

Uhm, would work if you were in the same LAN(WAN ARPing is UNCOMMON AND NOT USED)plus, ARP spoofing can't be used if you don't request for my "ip"(or router ip with it's mac configuration and you have to be in the network).(You sent out)Who is this IP? --->(If you know my ip),My IP, <--- and sending you my mac configuration. So best defense I could do is to create my own static ARP table.(And if you really like to take half your life of "tracking" and re-create my table do it :))
P.S: I have been spoofing in my days, at school most time and it was fun.(I got like suspended for 2 weeks)
  • 0

#16 kresh7

kresh7

    CC Addict

  • Just Joined
  • PipPipPipPipPip
  • 326 posts

Posted 18 October 2008 - 11:36 AM

:D dosnt mather if im not in your network :D theres a nice tool in backtrack that you can use :D to send out to a router to fool him the problem is you have to creat the syn packet
  • 0
Posted Image

#17 Turk4n

Turk4n

    ???

  • Expert Member
  • PipPipPipPipPipPipPip
  • 1919 posts
  • Location:Sweden
  • Programming Language:C, Java, PHP, Python, Bash
  • Learning:C++, C#, JavaScript, Visual Basic .NET, Others

Posted 18 October 2008 - 12:06 PM

:D dosnt mather if im not in your network :D theres a nice tool in backtrack that you can use :D to send out to a router to fool him the problem is you have to creat the syn packet


You stated ARP spoofing can do the job.
However you tell now syn flooding will work?
The requirement to syn flood is to have information or get "authentication" with either router,switch,hubb or computer router(I like these things). To not get into it too much. Either way, kresh7 looks sees a wireless network;but he can't access it. It denies his "request" to authenticate himself to it. So he tries brute force.(Syn flood) As the router has only permission to allow "specific" computers. It will return null messages to him. So kresh7 tries to ARP spoof, by checking if he can try to connect to the computer directly. The computer doesn't respond due to the remote access is turned disabled(or even dismantled from the OS as I did for security purpose). So he just tries to ARP spoof; didn't work out as good he wanted. No response. Best thing to do is to re-create a "false" router. By using his own router kresh7 makes same configuration as the other guys router sending out "SSID". A conflict will happen and the target will have no time to fix it. So he jumps into kresh7 false router. Now can kresh7 do what he wants.
Good end.
That is one way to do it.(You can still try brute force, dismantle the allow list, ARP table or syn flood)
Well going to bed been fun to talk kresh7. G'Night :)
  • 0

#18 kresh7

kresh7

    CC Addict

  • Just Joined
  • PipPipPipPipPip
  • 326 posts

Posted 18 October 2008 - 02:17 PM

lol good night bro :D wastent here so im reading it now its a great idea with creating another router with same SSID and configuration its cold an HoneyPod if im not wrong great Idea the metasploit framework has a great exploit to do this :D but its realy not that hard to get free Inet this days realy no ;) hopeful we talk another time for stuff like that :D maybe you could teach me new
  • 0
Posted Image

#19 phpforfun

phpforfun

    Speaks fluent binary

  • Expert Member
  • PipPipPipPipPipPipPip
  • 1056 posts

Posted 20 October 2008 - 02:34 PM

Here are a few steps to keep your AP secure.

[4] Remember that WEP is better than nothing

If you find that some of your wireless devices only support WEP encryption (this is often the case with non-PC devices like media players, PDAs, and DVRs), avoid the temptation to skip encryption entirely because in spite of it's flaws, using WEP is still far superior to having no encryption at all. If you do use WEP, don't use an encryption key that's easy to guess like a string of the same or consecutive numbers. Also, although it can be a pain, WEP users should change encryption keys often-- preferably every week.

I guess... if someone actually wanted to get in, it wouldnt be a problem, takes less than 10 minutes, and encryption type doesnt matter...

[5] Use MAC filtering for access control

Unlike IP addresses, MAC addresses are unique to specific network adapters, so by turning on MAC filtering you can limit network access to only your systems (or those you know about). In order to use MAC filtering you need to find (and enter into the router or AP) the 12-character MAC address of every system that will connect to the network, so it can be inconvenient to set up, especially if you have a lot of wireless clients or if your clients change a lot. MAC addresses can be "spoofed" (imitated) by a knowledgable person, so while it's not a guarantee of security, it does add another hurdle for potential intruders to jump.

macchanger --mac 00:11:22:33:44:55 ath0
you can also monitor a remote signal and see what mac address are connected, then spoof to there mac, and replace them on the router.

WPA and WPA2 can also be cracked, it just takes a HUGE list. Its actually easier than you think. There are no limits to how many passwords you can try before it cracks
  • 0

#20 Zapper

Zapper

    CC Newcomer

  • Just Joined
  • PipPip
  • 12 posts

Posted 29 October 2008 - 04:13 PM

Nice guide with a lot of good points. +rep
  • 0

#21 kresh7

kresh7

    CC Addict

  • Just Joined
  • PipPipPipPipPip
  • 326 posts

Posted 30 October 2008 - 09:52 AM

lol +rep :P you got 0 rep power :P
  • 0
Posted Image

#22 Xav

Xav

    CC Mentor

  • VIP Member
  • PipPipPipPipPipPipPipPip
  • 8356 posts

Posted 30 October 2008 - 11:19 AM

Just a thought - if you have negative rep power, do you give people -reps when you +rep people?
  • 0
If you enjoy reading this discussion and are thinking about commenting, why not click here to register and start participating in under a minute?

#23 phpforfun

phpforfun

    Speaks fluent binary

  • Expert Member
  • PipPipPipPipPipPipPip
  • 1056 posts

Posted 03 November 2008 - 08:32 PM

Does anyone want a tutorial regarding hacking into wireless networks? It may better help you secure your network
  • 0

#24 Zapper

Zapper

    CC Newcomer

  • Just Joined
  • PipPip
  • 12 posts

Posted 04 November 2008 - 02:56 PM

That would be interesting.
  • 0





Also tagged with one or more of these keywords: encryption

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download