Solved

Wifi security

Posted on 2011-09-25
3
325 Views
Last Modified: 2012-05-12
I wanted to test my wifi security, but I don't know how.  My friend just went to a "computer show" and purchased some software that is supposed to "crack" any wifi and we had a conversation over the phone and he wants to prove that this software will crack my wifi.  My question really is how can I make sure he does not crack my password/passphrase?  According to him, the software can crack WEP, WPA, and my WPA2 encryption.  

Lastly, how would I be able to test my own network.  What I wanted to do was since I have three pc's/laptop's within my wifi, how could I connect to another pc/laptop or view other files within my separate pc's/laptops without knowing their ip address?
0
Comment
Question by:ee4itpro
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 88

Expert Comment

by:rindi
ID: 36595899
WPA shouldn't be crackable if you use a long, strong passphrase with a mixture of caps, non-caps, numbers and make sure that phrase isn't anything that is included in any dictionary. But WEP can be cracked within a short time provided enough packets can be captured by the hackers.
0
 
LVL 26

Accepted Solution

by:
Fred Marshall earned 500 total points
ID: 36596187
You are asking two separate questions it appears:

Q1: Can the wireless security be cracked?

Q2: If a computer is already on the network can you see files on other computers without knowing their IP addresses?

A1:  If you use WPA2 and AES then you're doing the best your equipment can offer.  Since WPA and WPA2 are reportedly only crackable using brute force techniques then it's a good idea to use 63-character passphrases of random characters.  Those take more years than one can imagine to crack brute force (meaning they have to try the exact passphrase - see http://lastbit.com/pswcalc.asp).  You can get one ready made at websites such as:
http://www.yellowpipe.com/yis/tools/WPA_key/generator.php
or
http://www.speedguide.net/wlan_key.php

In either case, select 504-bit / 63-character.

Don't worry, you'll never have to type this random key.  In fact DON'T because the chance of a typo is way too high!!

Copy it (in its entirety) and paste it into Notepad.  Save the notepad file somewhere reasonable.  Maybe put it on a USB Thumbdrive and a CD.  

Now, when you set up a PC, just insert the CD or thumbdrive, open the .txt file, copy the passphrase and paste it into the settings box when the time comes.

You can add to security by doing a bunch of little things.  Not that any of these are perfect but the difficulty factor to the hacker goes up:
- don't broadcast the SSID
- only allow computers with MAC addresses that you have entered in the router (MAC filtering)
- turn off DHCP and assign static IP addresses to all your computer's wireless interfaces.  This may be inconvenient for travelling laptops but it makes getting on your network a bit harder.
- choose a base IP address that's not common:
Instead of 192.168.1.x or 192.168.0.x or 10.0.0.x use something like:
10.215.127.x
and, to further limit you might use
10.215.127.208 / 255.255.255.240 which will limit the number of devices to 14 and 255.255.255.248 will limit the number of computers to 6 (including the router's LAN address in both cases).

Now, if someone wants to get on your network they won't have DHCP and they will have to guess at or probe the IP address range and will have to spoof one of your MAC addresses.  All this takes time, effort and some skill.
Before they can really do any of that, they have to crack your passphrase.

By themselves, none of these are great .. like the hook on your screen door.  But discouragement helps nonetheless.

A2:  If you have a Windows network and the computer you add to the network is a Windows computer then you should be able to see shared computers in My Network Places by Name.  So, no IP address needed.  

Or you could exhaustively go through the likely IP addresses doing this:
Start/Run
\\[ipaddress]

example:
Start/Run
\\192.168.1.5

After a few seconds you will either get a message that the computer can't be accessed or a folder of shared folders will be displayed.

Just keep repeating this for each likely IP address.






0
 
LVL 6

Expert Comment

by:Em Man
ID: 36597384
The best way is to only allow specific computer to connect to your WIFI by adding them Manually using MAC Address other others is Blocked.

Next is to make sure that WPA,WPA2 or AES is your Wifi Encryption.

Do not broadcast your SSID.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decadeā€¦

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question