Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: Secure Wifi

  1. #1
    Just burned his ISO Static's Avatar
    Join Date
    May 2009
    Posts
    17

    Default Secure Wifi

    Ok, I can see it's possible and sometimes very easy to crack WEP / WPA and WPA2 networks. Now, my disturbing thought: is there any way to make my network more secure besides good passwords? WPA2 is the most secure algoritmn available for common routers?

  2. #2
    Good friend of the forums
    Join Date
    Feb 2009
    Posts
    356

    Default

    use wpa2 with 16+ character alphanumeric password (the more random, the better). If somebody hacks your network after that anytime soon, I'll give you $100.

  3. #3
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Quote Originally Posted by Static View Post
    Ok, I can see it's possible and sometimes very easy to crack WEP / WPA and WPA2 networks. Now, my disturbing thought: is there any way to make my network more secure besides good passwords? WPA2 is the most secure algoritmn available for common routers?
    WPA/WPA2 aren't algorithms, they're security protocols, which can be based on a number of different Encryption algorithms. Your best bet is WPA2 based on AES.

    For decent strength random passwords (which if you're really paranoid you should change with some regular frequency) check:
    https://www.grc.com/passwords.htm
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  4. #4
    Member imported_vvpalin's Avatar
    Join Date
    Apr 2009
    Posts
    442

    Default

    WPA2 AES + Strong Password + VPN or SSH = semi secure wireless.

    As was stated before in another thread if your looking for high security dont even think about going with wireless.

    Also note that even if you do all of that someone can DOS your network very easily and there really isnt a defense.

    If you have a few thousand dollars to spare you could go with SecNet 11 or 54 as those both have hardware encryption that's much more advanced than anything available to the average consumer
    Using backtrack for the first time is like being 10 years old again with the keys to a Ferrari.

  5. #5
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    I'm curious what all you people are processing at home that you think everyone will be so interested in that they'll bother to break WPA2, especially considering some of your neighbors likely have open access points.

    Seriously, for a home network WPA2 using AES and a decent pass phrase is sufficient. If you choose to use VPN (with good encryption) on top of that even better.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  6. #6
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Quote Originally Posted by thorin View Post
    I'm curious what all you people are processing at home that you think everyone will be so interested in that they'll bother to break WPA2, especially considering some of your neighbors likely have open access points.

    Seriously, for a home network WPA2 using AES and a decent pass phrase is sufficient. If you choose to use VPN (with good encryption) on top of that even better.
    Social security numbers, credit card numbers, banking records, pretty much anything that would work for identity theft. My wife runs her bookkeeping business out of the house. That's why I use wpa2 with a very long random password, and the wireless is separated from the wired network at the firewall. If we have to move files from a wireless machine to the wired network we use a vpn connection.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  7. #7
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by thorin View Post
    I'm curious what all you people are processing at home that you think everyone will be so interested in that they'll bother to break WPA2, especially considering some of your neighbors likely have open access points.
    I don't need no stinking neighbors accessing my pr0n stash!
    We must remember thorin there are ( not sure of numbers, statistics, etc) those who are paranoid about their government. Not sure if it warrants the need for such talk. Even if there is a government entity outside trying to "sniff", It would probably be much easier to beat the answers out.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  8. #8
    Just burned his ISO Static's Avatar
    Join Date
    May 2009
    Posts
    17

    Default

    Quote Originally Posted by thorin View Post
    I'm curious what all you people are processing at home that you think everyone will be so interested in that they'll bother to break WPA2, especially considering some of your neighbors likely have open access points.

    Seriously, for a home network WPA2 using AES and a decent pass phrase is sufficient. If you choose to use VPN (with good encryption) on top of that even better.
    Thanks for the advices guys. I'm thinking about using this VPN, is it easy to configure this in many machines with diferent OS with good secure protocols? My network have some Linux (Ubuntu and Backtrack) and Windows (Vista and XP) running on the computers. What do you recommend?

    Is it possible to improve security by changing the firmware of the wl router? I am using a Linksys WRT54G2 and a friend of mine said it's better to use DD-WRT's firmware then the original one. I am n00b at this 'tweaks'.

    PS.: and yes, I am the paranoid kind, because sometimes some important information circulates by the network. And it's not an domestic network, but a little (just 8 computers) comercial one.

  9. #9
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Quote Originally Posted by Static View Post
    Thanks for the advices guys. I'm thinking about using this VPN, is it easy to configure this in many machines with diferent OS with good secure protocols? My network have some Linux (Ubuntu and Backtrack) and Windows (Vista and XP) running on the computers. What do you recommend?

    Is it possible to improve security by changing the firmware of the wl router? I am using a Linksys WRT54G2 and a friend of mine said it's better to use DD-WRT's firmware then the original one. I am n00b at this 'tweaks'.

    PS.: and yes, I am the paranoid kind, because sometimes some important information circulates by the network. And it's not an domestic network, but a little (just 8 computers) comercial one.
    I don't think dd-wrt is any more secure than the stock firmware given identical encryption.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  10. #10
    Just burned his ISO Static's Avatar
    Join Date
    May 2009
    Posts
    17

    Default

    So, there are no advantages of changing firmware to this one (DD-WRT)?!

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •