General Wireless Questions
Hi,
Fisrst post so take it easy.
Been looking around and have cracked wep at home just for a test. It is so easy to do with some research. Also seen the ideas behind wpa cracking and have managed to find my hidden ssid. My questions are is wpa safe if you use a password from some where like grc.com[/url] which would be a long mixed password. Can wpa only be cracked from words out of a dictionary ?
Thanks for your help.
If you use a passphrase with lowercase,uppercase,numbers and special characters and make it at least 15 characters long the chances of some one brute forcing it are slim to none.Originally Posted by markiejd
ex. dyo+&Q;upa@?Np+/*
It would probably take more than a few years to brute force this.
Thanks for the speedym response.
If I do this and also set my router to not allow any new connections on the wireless this should be ok.
WPA on cracks on words in a dictionary ?
Thanks,
I think the "not allow any new connections" thing is mac address filtering. Not really useful, as macs can be spoofed. Most wpa attacks are using precompiled dictionaries, so yes it is a dictionary attack. I'm sure they could use John to just start throwing random characters at it, that's why purehate said use one at least 15 characters long. I'm sure there's a math genius here somewhere that could tell us how many possible combinations that would be. It's a really big number though.
Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69
I'm fairly sure it's more than 42.I think the "not allow any new connections" thing is mac address filtering. Not really useful, as macs can be spoofed. Most wpa attacks are using precompiled dictionaries, so yes it is a dictionary attack. I'm sure they could use John to just start throwing random characters at it, that's why purehate said use one at least 15 characters long. I'm sure there's a math genius here somewhere that could tell us how many possible combinations that would be. It's a really big number though.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
True, another aspect I see people overlook is the physical one. As renderman has pointed out before with the use of a switchblade.
switchblade's are evil
Μολὼν λαβέ - Great spirits encounter heavy opposition from mediocre minds.
Just let me say, that particular incident was hilarious, and the particular vendor was none too pleased.
Did you see the video of Render cracking the safe on stage at Shmoo two years ago?
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
Yes, what ended up being inside the safe?
For others interested check here.
Μολὼν λαβέ - Great spirits encounter heavy opposition from mediocre minds.
Well, nothing because I didn't have time to get anything in it. If you watch the video, I showed up late and had to get the safe on the table shortly after they started presenting.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
Posting Permissions
