Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: Serious WEP cracking question.

  1. #1
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    3

    Default Serious WEP cracking question.

    This question isn't about HOW to crack wep, god knows theres enough HOWTO's out there. My question is what do you do once you have the key.

    I have an EEE Pc and I installed BT3 on an sd card. After messing around with it for a while and getting wifi working, I figured I would try and crack my WEP. After about 2 days of trying different HOWTO's I finally cracked it. I call my techie neighbor over to show him. He asked me a really good question. "Now What? My router logs all incoming and out going IP address." He's right mine does that to. For instance I know alot of people that have there very own website set as there homepage. Which is easily track able back to the person. Thats just an example.

    Now for my question. Is there a way to connect to an access point and be completely hidden from the logging software built in to most routers. Is there anyway to disguise the info leaving my computer? I know i can change my mac address. What else can i do to remain anonymous?

  2. #2
    Member
    Join Date
    Mar 2007
    Posts
    204

    Default

    this sounds dubious but here goes...

    you could use hydra to log into your AP and clear the logs perhaps? hell even turn logging off once your in there.

    erm, dont set your personel website as your homepage would be a good start...

    Why do these type of questions always contain somones 'friend' or 'neighbour'?

    What model and make is your AP?

  3. #3
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    3

    Default

    It does sound dubious now that i re-read what i posted. I have some REAL serious concerns seeing as how easy it was to crack my WEP key. It only took around 90 seconds! Im afraid that if its that easy for me with no "Real" hacking abilitys. How much easier is it for the kid down the street that everyone takes there computers to to be fixed.

    I guess i should reword my last paragraph. Im not really interested in how to do it, but what should I watch for or are there ways to protect myself from this.

    Judgeing from merlin051's post
    Code:
    you could use hydra to log into your AP and clear the logs perhaps? hell even turn logging off once your in there.
    It's just as easy as I feared. My router is an old NetworkAnyWhere router. I believe there made by linksys. But how safe is setting up encryption. It seems WEP/WAP/WAP2 have all been cracked.

  4. #4
    Junior Member
    Join Date
    Mar 2008
    Posts
    28

    Default

    The idea of security isn't to keep everyone out but to keep bad people out. Namely script kiddies and thieves. Most dubious crackers and kiddies will opt out for the easiest network to crack. So if anything you should just make security tougher. If I were you I'd at least change security to WPA and make it about 10 digits long with at least one capital character, one symbol, and a number. Also the next best thing to do is set mac filtering to only allow certain macs in. If you do that it makes using the network at least very tough even if they spoof yours. The tougher your security the least likely it'll mishandled by nimwits. You sound like a home user. Most people who are malicious are looking for easy targets who also have something to lose. You probably have something others may want but it's better to make a malicious person go after an easier target.

  5. #5
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    3

    Default

    Sounds like great advice. My router is to old to do WAP. I think its time to by a new one. Would a home built linux router with shorewall or something be bettery than a store bought router, or maybe set it up as a gateway between the modem and router so I can have better logs and tighter control. Ive been using linux for years so settng it up would be easy. I just dont know diddly about networking or security in general.

  6. #6
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    #1 Don't use wep! As you now know, wep is ridiculously easy to break.
    #2 Use wpa, for a home user, use wpa with a radius server for a business. Also if it's a business keep the wifi on a separate network from the wired. Let them vpn in if they need wireless and access to the file servers or whatnot.
    #3 For home wpa, use "good" passwords. Mixed upper, lower, numbers, and symbols. Go for the longest password you think is reasonable. I'm pretty sure the longest you can go is 63 characters. Mine is that long and I keep it on my usb thumb drive and cut and paste it in.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  7. #7
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Also, don't rely on the built-in log on a router. Forward that log to a machine running syslog.
    Thorn
    Stop the TSA now! Boycott the airlines.

  8. #8
    Junior Member
    Join Date
    Mar 2008
    Posts
    28

    Default

    Quote Originally Posted by Barry View Post
    #1 Don't use wep! As you now know, wep is ridiculously easy to break.
    #2 Use wpa, for a home user, use wpa with a radius server for a business. Also if it's a business keep the wifi on a separate network from the wired. Let them vpn in if they need wireless and access to the file servers or whatnot.
    #3 For home wpa, use "good" passwords. Mixed upper, lower, numbers, and symbols. Go for the longest password you think is reasonable. I'm pretty sure the longest you can go is 63 characters. Mine is that long and I keep it on my usb thumb drive and cut and paste it in.
    What I would do is use a root password, hex it, then rehex that, then 1337 it and do it as you said.

  9. #9
    Junior Member
    Join Date
    Dec 2007
    Posts
    44

    Default

    correct me if i'm wrong, but wpa(2) passwords like "$&712đš/!$@{*Asćłł27" are IMPOSSIBLE to break, at least in reasonable amount of time. everyting else is crackable.

    so why use anything except wpa2 with a complicated password?

  10. #10
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Quote Originally Posted by Dark Ragnarok View Post
    What I would do is use a root password, hex it, then rehex that, then 1337 it and do it as you said.
    My root password is root. That wouldn't be very good now would it?
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •