Just a little warning

Rex_Mundi

Has this thread taken on its own life or something?

In the very first post in this thread, the OP said to use WPA as a security measure against wardrivers.

All of a sudden, it seems that this is a new discovery later in the thread.

I've seen WEP cracking software in action (running perfectly on windows). I've also seen MAC spoofing running alongside this. If anyone says this is difficult, they don't know what's out there. It is so easy to crack a network if you have the right software that it makes most wireless security measures irrelevant.

The last time I saw this in action, it took under one minute to get the key for the network.

We should be thankful that wardriving is a rare occurrence. The normal security measures for a wireless network will be good enough for 99.9% of people.

Saying that, I have wired my own home with CAT5e so I can just plug into the net/network in any room rather than having to bother with additional wireless security (it is by far the safest method).

albertross_2

Ok, what is the first and last letter of these magical tools that the wizards have at their disposal, and what was the method of attack?

sco0ter

I use W*** ***** **K. It is a full set of tools to crack WEP/WPA and spoof MAC addresses. All it needs is a certain DLL that is compatible with Atheros drivers and you are all set. All of which comes in the ZIP file. It comprises of a packetsniffer to record packets (it will filter out the IV packets for you so you can get an idea of how many usefull packets you have). A WEP/WPA password finder and also a packet injector so it can speed up the packet gathering process (never used the packet injector because the network I was told to try has 4 computers connected to it so I got over 2,000,000 packets in 7 hours anyway). As for 63 character random WPA... do a search you will see it is possible but just takes extremely long times and a LOT of packets (around20.000.000)... WPA2 is the one that has not been cracked yet (not that I have heard anyway).

WPA2 should be the first method of protection and then WPA. As said WPA will protect just about everyone unless you have an extremely nosy neighbour who just wants into your comp. You could always get Mcafee Wireless security. If your router is supported then it will continually change the WPA key randomly as often as you want (I think it reccomends once a week). It will also tell you of any others connected to your network and give warnings of this as well as allowing guest users and barring people.

Oh and one more thing... When Im talking about packets I mean USABLE packets (IV's)... Not all packets gathered will contain usable information. When I said I got 2,000,000 packets in 7 hours the total number of packets was actually around 5,000,000

amcluesent

>it is by far the safest method<

But easy to break using TEMPEST based exploits...(Yeah, you need to be paranoid in Blair's Police State!)