Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Wireless network security for businesses

  1. #1
    Just burned his ISO
    Join Date
    Jul 2007
    Posts
    6

    Default Wireless network security for businesses

    I work for a small company which sets up networks for small businesses. In the past, my boss would only setup simple WEP on the network. I was wondering how crackable WPA is? Is WPA or WPA2 the solution? I haven't seen any good information on cracking WPA besides running the key against a dictionary list.

    Can anyone give me any further information on securing a wireless network beyond being cracked?

    Thanks in advance...

  2. #2
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    A "good" dictionary attack is only way so far to crack WPA/WPA2. beyond that..unplugging your APs' power cord when its not in use is the only way to secure any Wi-Fi network.
    [CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
    [CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
    [/B][/SIZE]
    [URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]

    [URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
    [/CENTER]

  3. #3
    Just burned his ISO
    Join Date
    Jul 2007
    Posts
    6

    Default

    Quote Originally Posted by -=Xploitz=- View Post
    A "good" dictionary attack is only way so far to crack WPA/WPA2. beyond that..unplugging your APs' power cord when its not in use is the only way to secure any Wi-Fi network.

    Thanks for the quick answer! So if I use a very complex password with WPA, it should be strong enough for most uses (besides government, bank, etc...)?

  4. #4
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Default

    Quote Originally Posted by aaaronic View Post
    I work for a small company which sets up networks for small businesses. In the past, my boss would only setup simple WEP on the network. I was wondering how crackable WPA is? Is WPA or WPA2 the solution? I haven't seen any good information on cracking WPA besides running the key against a dictionary list.

    Can anyone give me any further information on securing a wireless network beyond being cracked?

    Thanks in advance...
    WPA2 with RADIUS

    Also, segregate wireless from wired.
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  5. #5
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    use something similar to this......

    -=XploitZ1014 N3Tw0Rk=-

    And your good to go! The word you chose MUST be in the dictionary the "attacker" uses ..or all the other words in the world are useless to them.
    [CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
    [CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
    [/B][/SIZE]
    [URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]

    [URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
    [/CENTER]

  6. #6
    Just burned his ISO
    Join Date
    Jul 2007
    Posts
    6

    Default

    Quote Originally Posted by theprez98 View Post
    WPA2 with RADIUS

    Also, segregate wireless from wired.
    Does the average Windows XP machine support WPA2 with RADIUS? How expensive is RADIUS to setup?

    Is this necessary or is WPA with a very secure key a better option for a small business?

    Also, how do you segregate wireless from wired? Can you elaborate on that please?

  7. #7
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Remote Access Dial-Up User Service (RADIUS) Authentication and Authorization. RADIUS allows only approved users, via user name and password, access to the network. The server verifies the user before access is given. Different levels of access can be set up as well.


    It uses certificates and usernames and passwords for security. I'm sure you can crack it..nothings uncrackable. If I had the set up for WPA2 Enterprize..Id like to take a shot at it myself. If you know the username and password..your in.

    For small business..use WPA2 Personal with a key like mine..Capital..lowercase, numbers..spaces..special characters...and LONG!! The longer the better!..and if you forget the key...just reset your router and put another key in.
    [CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
    [CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
    [/B][/SIZE]
    [URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]

    [URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
    [/CENTER]

  8. #8
    Just burned his ISO
    Join Date
    Jul 2007
    Posts
    6

    Default

    Quote Originally Posted by -=Xploitz=- View Post
    Remote Access Dial-Up User Service (RADIUS) Authentication and Authorization. RADIUS allows only approved users, via user name and password, access to the network. The server verifies the user before access is given. Different levels of access can be set up as well.


    It uses certificates and usernames and passwords for security. I'm sure you can crack it..nothings uncrackable. If I had the set up for WPA2 Enterprize..Id like to take a shot at it myself. If you know the username and password..your in.

    For small business..use WPA2 Personal with a key like mine..Capital..lowercase, numbers..spaces..special characters...and LONG!! The longer the better!..and if you forget the key...just reset your router and put another key in.
    Thanks for the reply! You have been very helpful

  9. #9
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Your quite welcome aaaronic..anytime m8.
    [CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
    [CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
    [/B][/SIZE]
    [URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]

    [URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
    [/CENTER]

  10. #10
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by theprez98 View Post
    WPA2 with RADIUS

    Also, segregate wireless from wired.
    To make that clear, nothing of any business or sensitive information should pass over the wireless network.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •