Solved

Wifi security

Posted on 2011-09-25
3
315 Views
Last Modified: 2012-05-12
I wanted to test my wifi security, but I don't know how.  My friend just went to a "computer show" and purchased some software that is supposed to "crack" any wifi and we had a conversation over the phone and he wants to prove that this software will crack my wifi.  My question really is how can I make sure he does not crack my password/passphrase?  According to him, the software can crack WEP, WPA, and my WPA2 encryption.  

Lastly, how would I be able to test my own network.  What I wanted to do was since I have three pc's/laptop's within my wifi, how could I connect to another pc/laptop or view other files within my separate pc's/laptops without knowing their ip address?
0
Comment
Question by:ee4itpro
3 Comments
 
LVL 87

Expert Comment

by:rindi
Comment Utility
WPA shouldn't be crackable if you use a long, strong passphrase with a mixture of caps, non-caps, numbers and make sure that phrase isn't anything that is included in any dictionary. But WEP can be cracked within a short time provided enough packets can be captured by the hackers.
0
 
LVL 25

Accepted Solution

by:
Fred Marshall earned 500 total points
Comment Utility
You are asking two separate questions it appears:

Q1: Can the wireless security be cracked?

Q2: If a computer is already on the network can you see files on other computers without knowing their IP addresses?

A1:  If you use WPA2 and AES then you're doing the best your equipment can offer.  Since WPA and WPA2 are reportedly only crackable using brute force techniques then it's a good idea to use 63-character passphrases of random characters.  Those take more years than one can imagine to crack brute force (meaning they have to try the exact passphrase - see http://lastbit.com/pswcalc.asp).  You can get one ready made at websites such as:
http://www.yellowpipe.com/yis/tools/WPA_key/generator.php
or
http://www.speedguide.net/wlan_key.php

In either case, select 504-bit / 63-character.

Don't worry, you'll never have to type this random key.  In fact DON'T because the chance of a typo is way too high!!

Copy it (in its entirety) and paste it into Notepad.  Save the notepad file somewhere reasonable.  Maybe put it on a USB Thumbdrive and a CD.  

Now, when you set up a PC, just insert the CD or thumbdrive, open the .txt file, copy the passphrase and paste it into the settings box when the time comes.

You can add to security by doing a bunch of little things.  Not that any of these are perfect but the difficulty factor to the hacker goes up:
- don't broadcast the SSID
- only allow computers with MAC addresses that you have entered in the router (MAC filtering)
- turn off DHCP and assign static IP addresses to all your computer's wireless interfaces.  This may be inconvenient for travelling laptops but it makes getting on your network a bit harder.
- choose a base IP address that's not common:
Instead of 192.168.1.x or 192.168.0.x or 10.0.0.x use something like:
10.215.127.x
and, to further limit you might use
10.215.127.208 / 255.255.255.240 which will limit the number of devices to 14 and 255.255.255.248 will limit the number of computers to 6 (including the router's LAN address in both cases).

Now, if someone wants to get on your network they won't have DHCP and they will have to guess at or probe the IP address range and will have to spoof one of your MAC addresses.  All this takes time, effort and some skill.
Before they can really do any of that, they have to crack your passphrase.

By themselves, none of these are great .. like the hook on your screen door.  But discouragement helps nonetheless.

A2:  If you have a Windows network and the computer you add to the network is a Windows computer then you should be able to see shared computers in My Network Places by Name.  So, no IP address needed.  

Or you could exhaustively go through the likely IP addresses doing this:
Start/Run
\\[ipaddress]

example:
Start/Run
\\192.168.1.5

After a few seconds you will either get a message that the computer can't be accessed or a folder of shared folders will be displayed.

Just keep repeating this for each likely IP address.






0
 
LVL 6

Expert Comment

by:Em Man
Comment Utility
The best way is to only allow specific computer to connect to your WIFI by adding them Manually using MAC Address other others is Blocked.

Next is to make sure that WPA,WPA2 or AES is your Wifi Encryption.

Do not broadcast your SSID.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now