Results 1 to 8 of 8

Thread: How is really secure WPA?

  1. #1
    Just burned his ISO
    Join Date
    Apr 2012
    Posts
    6

    Question How is really secure WPA?

    Greetings, sorry for my English but is too long that I don't use it properly..
    I'm new of the community but i follow you for a long time and I would like to ask you a question... is very general but I think that we can also get into specifics:

    Why, today, we can not consider safe a network protected with the WPA?

    My considerations are based only to the private context (home WLAN & small office WLAN) and i think unrealistic that a private user can be feared that his home wifi network, protected with a WPA that use a strong password, could be cracked.

    In particular, I talk about a password for wpa from 8 to 14 characters, random and alphanumeric :

    In a private context an user can not make a rainbow tables too large.. because, if we want to try a bruteforce attack, properly for this password (since the word made no sense)the extension of the rainbow tables are "only" 56xx PB.. (yes, i tried to generate :P )

    By using an intelligent algorithms bruteforce, ex bruteforce with the Markov algorithm and statistical calculations ... We already know that we have to use enormous computing power (for now, I've seen that the theoretical maximum can be accomplished by using botnets or through dedicated cloud server) and that is no guaranted to obtain any results.

    Finally, using dedicated methods of attack (ex the vulnerability in the registration mechanism of wps, or the vulnerabily of the wireless with QoS networks) it's possible only for a few networks with this known vulnerabilities (then we can disable the exploitable service).

    So.. I read many articles that say a big letters "WPA violated in 15 minutes" "WPA violated in only 1 minute" and talk abouts also attacks that seems carried out by phantomatics American and Japanese researchers that maintains this incredibile secret .. but what is the real substance of situation? Is really possibile, in a private context, to violate a network protected by WPA, whith a users that decide to use a strong password for their protection?

    Thanks all for any replies.

  2. #2
    Member
    Join Date
    Jan 2006
    Posts
    90

    Default Re: How is really secure WPA?

    I am in agreement with you there.

    A WPA wireless network with a suitable password, and with no WPS-enabled, is pretty much going to be impossible to hack via the traditional wireless attack vectors.

    However, there are a lot of other ways someone can compromise other parts of the network which could lead to the WPA Passphrase being revealed. Social Engineering, Phishing, etc.

  3. #3
    Just burned his ISO
    Join Date
    Feb 2011
    Posts
    16

    Default Re: How is really secure WPA?

    client side attacks via metasploit and get the required wifi key from the inside of the network ...

  4. #4
    Just burned his ISO
    Join Date
    Apr 2012
    Posts
    6

    Default Re: How is really secure WPA?

    Instead... if we talk about medium busisness we can consider that the attacker can expends much money to buy the necessary resources... right?

  5. #5
    Just burned his ISO
    Join Date
    Apr 2012
    Posts
    6

    Default Re: How is really secure WPA?

    Quote Originally Posted by wifiUK View Post
    client side attacks via metasploit and get the required wifi key from the inside of the network ...
    But you can consider unsecure a WEP protection, because an attacker, from the out of the network, can simply collect enough packets to decrypt the key..

    If a network can keep out an attacker, is not like to have a good firewall to protect it?

  6. #6
    Senior Member
    Join Date
    Jul 2009
    Posts
    135

    Default Re: How is really secure WPA?

    Consider the main attack vectors for wpa networks, 1) dictionary attacks 2) rainbow table attacks (1-9 character passwords and passphrases) 3) WPS attack with a tool such as reaver.
    If you can take the necessary measures to secure or harden yourself against such methods and follow best practices, you can consider yourself reasonably secure. Another underrated step that hardly anyone takes that i believe is necessary is signing up to mailing lists, security blogs/news websites. By following such websites, we can be made aware of current trends and attacks in a very timely fashion.

  7. #7
    Member shadowzero's Avatar
    Join Date
    Jun 2011
    Location
    ${HOME}
    Posts
    94

    Default Re: How is really secure WPA?

    Quote Originally Posted by usernet View Post
    Instead... if we talk about medium busisness we can consider that the attacker can expends much money to buy the necessary resources... right?
    Honestly, there isn't much money to expend. A great wireless adapter that can inject and capture wireless data can be purchased from eBay for $40. With a Pringles can I can extend the antenna, or just shell out another $40 and get a premade Cantenna. So far we've spent about $80. If I buy two Starbucks lattes every day, I've already spent $70 in a week.

  8. #8
    Just burned his ISO
    Join Date
    Apr 2012
    Posts
    6

    Default Re: How is really secure WPA?

    Honestly, there isn't much money to expend. A great wireless adapter that can inject and capture wireless data can be purchased from eBay for $40. With a Pringles can I can extend the antenna, or just shell out another $40 and get a premade Cantenna. So far we've spent about $80. If I buy two Starbucks lattes every day, I've already spent $70 in a week
    .

    I talk about the money that you can expend to buy a bots or, however, dedicated server for decrypt a wpa key.... I think an a possibile, similar, bruteforce attack.

Similar Threads

  1. Secure enough ??
    By cassarrobert in forum OLD Pentesting
    Replies: 2
    Last Post: 03-28-2010, 10:29 PM
  2. WPA(2) Secure enough?
    By Mrpeepers310 in forum OLD Wireless
    Replies: 5
    Last Post: 01-29-2010, 01:16 AM
  3. Most secure OS?
    By letterhope in forum OLD General IT Discussion
    Replies: 25
    Last Post: 01-27-2008, 07:18 PM
  4. Most Secure OS - v2.0
    By letterhope in forum OLD Newbie Area
    Replies: 7
    Last Post: 01-23-2008, 08:48 PM
  5. how much bt2 is secure?
    By i00nsu in forum OLD Newbie Area
    Replies: 3
    Last Post: 08-27-2007, 07:40 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •