• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 349
  • Last Modified:

Wifi security

I wanted to test my wifi security, but I don't know how.  My friend just went to a "computer show" and purchased some software that is supposed to "crack" any wifi and we had a conversation over the phone and he wants to prove that this software will crack my wifi.  My question really is how can I make sure he does not crack my password/passphrase?  According to him, the software can crack WEP, WPA, and my WPA2 encryption.  

Lastly, how would I be able to test my own network.  What I wanted to do was since I have three pc's/laptop's within my wifi, how could I connect to another pc/laptop or view other files within my separate pc's/laptops without knowing their ip address?
0
ee4itpro
Asked:
ee4itpro
1 Solution
 
rindiCommented:
WPA shouldn't be crackable if you use a long, strong passphrase with a mixture of caps, non-caps, numbers and make sure that phrase isn't anything that is included in any dictionary. But WEP can be cracked within a short time provided enough packets can be captured by the hackers.
0
 
Fred MarshallPrincipalCommented:
You are asking two separate questions it appears:

Q1: Can the wireless security be cracked?

Q2: If a computer is already on the network can you see files on other computers without knowing their IP addresses?

A1:  If you use WPA2 and AES then you're doing the best your equipment can offer.  Since WPA and WPA2 are reportedly only crackable using brute force techniques then it's a good idea to use 63-character passphrases of random characters.  Those take more years than one can imagine to crack brute force (meaning they have to try the exact passphrase - see http://lastbit.com/pswcalc.asp).  You can get one ready made at websites such as:
http://www.yellowpipe.com/yis/tools/WPA_key/generator.php
or
http://www.speedguide.net/wlan_key.php

In either case, select 504-bit / 63-character.

Don't worry, you'll never have to type this random key.  In fact DON'T because the chance of a typo is way too high!!

Copy it (in its entirety) and paste it into Notepad.  Save the notepad file somewhere reasonable.  Maybe put it on a USB Thumbdrive and a CD.  

Now, when you set up a PC, just insert the CD or thumbdrive, open the .txt file, copy the passphrase and paste it into the settings box when the time comes.

You can add to security by doing a bunch of little things.  Not that any of these are perfect but the difficulty factor to the hacker goes up:
- don't broadcast the SSID
- only allow computers with MAC addresses that you have entered in the router (MAC filtering)
- turn off DHCP and assign static IP addresses to all your computer's wireless interfaces.  This may be inconvenient for travelling laptops but it makes getting on your network a bit harder.
- choose a base IP address that's not common:
Instead of 192.168.1.x or 192.168.0.x or 10.0.0.x use something like:
10.215.127.x
and, to further limit you might use
10.215.127.208 / 255.255.255.240 which will limit the number of devices to 14 and 255.255.255.248 will limit the number of computers to 6 (including the router's LAN address in both cases).

Now, if someone wants to get on your network they won't have DHCP and they will have to guess at or probe the IP address range and will have to spoof one of your MAC addresses.  All this takes time, effort and some skill.
Before they can really do any of that, they have to crack your passphrase.

By themselves, none of these are great .. like the hook on your screen door.  But discouragement helps nonetheless.

A2:  If you have a Windows network and the computer you add to the network is a Windows computer then you should be able to see shared computers in My Network Places by Name.  So, no IP address needed.  

Or you could exhaustively go through the likely IP addresses doing this:
Start/Run
\\[ipaddress]

example:
Start/Run
\\192.168.1.5

After a few seconds you will either get a message that the computer can't be accessed or a folder of shared folders will be displayed.

Just keep repeating this for each likely IP address.






0
 
Em ManCommented:
The best way is to only allow specific computer to connect to your WIFI by adding them Manually using MAC Address other others is Blocked.

Next is to make sure that WPA,WPA2 or AES is your Wifi Encryption.

Do not broadcast your SSID.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Tackle projects and never again get stuck behind a technical roadblock.
Join Now