How is really secure WPA?

[usernet]

Greetings, sorry for my English but is too long that I don't use it properly..
I'm new of the community but i follow you for a long time and I would like to ask you a question... is very general but I think that we can also get into specifics:

Why, today, we can not consider safe a network protected with the WPA?

My considerations are based only to the private context (home WLAN & small office WLAN) and i think unrealistic that a private user can be feared that his home wifi network, protected with a WPA that use a strong password, could be cracked.

In particular, I talk about a password for wpa from 8 to 14 characters, random and alphanumeric :

In a private context an user can not make a rainbow tables too large.. because, if we want to try a bruteforce attack, properly for this password (since the word made no sense)the extension of the rainbow tables are "only" 56xx PB.. (yes, i tried to generate :P )

By using an intelligent algorithms bruteforce, ex bruteforce with the Markov algorithm and statistical calculations ... We already know that we have to use enormous computing power (for now, I've seen that the theoretical maximum can be accomplished by using botnets or through dedicated cloud server) and that is no guaranted to obtain any results.

Finally, using dedicated methods of attack (ex the vulnerability in the registration mechanism of wps, or the vulnerabily of the wireless with QoS networks) it's possible only for a few networks with this known vulnerabilities (then we can disable the exploitable service).

So.. I read many articles that say a big letters "WPA violated in 15 minutes" "WPA violated in only 1 minute" and talk abouts also attacks that seems carried out by phantomatics American and Japanese researchers that maintains this incredibile secret .. but what is the real substance of situation? Is really possibile, in a private context, to violate a network protected by WPA, whith a users that decide to use a strong password for their protection?

Thanks all for any replies.

[hongman]

I am in agreement with you there.

A WPA wireless network with a suitable password, and with no WPS-enabled, is pretty much going to be impossible to hack via the traditional wireless attack vectors.

However, there are a lot of other ways someone can compromise other parts of the network which could lead to the WPA Passphrase being revealed. Social Engineering, Phishing, etc.

[wifiUK]

client side attacks via metasploit and get the required wifi key from the inside of the network ...

[usernet]

Instead... if we talk about medium busisness we can consider that the attacker can expends much money to buy the necessary resources... right?

[usernet]

client side attacks via metasploit and get the required wifi key from the inside of the network ...

But you can consider unsecure a WEP protection, because an attacker, from the out of the network, can simply collect enough packets to decrypt the key..

If a network can keep out an attacker, is not like to have a good firewall to protect it?

[aerokid240]

Consider the main attack vectors for wpa networks, 1) dictionary attacks 2) rainbow table attacks (1-9 character passwords and passphrases) 3) WPS attack with a tool such as reaver.
If you can take the necessary measures to secure or harden yourself against such methods and follow best practices, you can consider yourself reasonably secure. Another underrated step that hardly anyone takes that i believe is necessary is signing up to mailing lists, security blogs/news websites. By following such websites, we can be made aware of current trends and attacks in a very timely fashion.

[shadowzero]

Instead... if we talk about medium busisness we can consider that the attacker can expends much money to buy the necessary resources... right?

Honestly, there isn't much money to expend. A great wireless adapter that can inject and capture wireless data can be purchased from eBay for $40. With a Pringles can I can extend the antenna, or just shell out another $40 and get a premade Cantenna. So far we've spent about $80. If I buy two Starbucks lattes every day, I've already spent $70 in a week.

[usernet]

Honestly, there isn't much money to expend. A great wireless adapter that can inject and capture wireless data can be purchased from eBay for $40. With a Pringles can I can extend the antenna, or just shell out another $40 and get a premade Cantenna. So far we've spent about $80. If I buy two Starbucks lattes every day, I've already spent $70 in a week

.

I talk about the money that you can expend to buy a bots or, however, dedicated server for decrypt a wpa key.... I think an a possibile, similar, bruteforce attack.