-
We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.
How I cracked my neighbor's WiFi password without breaking a sweat
- Thread starter Chiefcrowe
- Start date
VirtualLarry
No Lifer
Interesting read, perhaps I should change my WiFi passwords!
VirtualLarry
No Lifer
Verizon still deploys FIOS installs with a wifi router pre-configured for WEP, with the passcode printed on the bottom of the router.
Chiefcrowe
Diamond Member
The last 2 people I saw with FIOS who just got it recently, had it preconfigured for WPA2, so I think they are finally getting the idea..
Ha, that must be why I see so many WEP networks in my neighborhood.
ussfletcher
Platinum Member
Only made easier by WPS.
lxskllr
No Lifer
Or leave it open as a community service ;^)
VirtualLarry
No Lifer
I did, until the neighbors started torr3nting, and I couldn't even use my own DSL connection.
lxskllr
No Lifer
DSL's a meager resource to share. I wouldn't be as inclined to leave it open on DSL. Setting aggressive QOS on the router could help, but DSL's barely acceptable for one person, much less multiple people.
That's a pretty bold statement to make. I get between 10 and 20 Mbps on VDSL (att Uverse)...I don't see how that's "barely acceptable".
lxskllr
No Lifer
I haven't been following the tech that closely, and didn't know DSL went that fast. Might be due to my local experience. I think it tops out around 3mbps around here.
Paperlantern
Platinum Member
20 is petty robust. I use cable and only just recently bumped from 8Mbps up to 15Mbps, though for some reason they doubled my upstream which was nice for my FTP and Minecraft servers. My old D-Link only supports WPA. I've been looking at current models recently. I'm taking CISSP soon and it's opened my eyes and interesting this type of stuff. I had a really terrible setup before. I would only deter he people that stop trying when they see the lock icon, lol
Jeffg010
Diamond Member
So the moral of the story is not to use Wireless? I run all wire in my house.
and below was a comment that states it does not even matter what your passkey is.
"This is all well and good, but one thing to keep in mind: if you have WiFi Protected Setup (WPS) enabled on your router (and you likely do if you bought a router in the past 4-5 years), it makes no difference how long or complex your WPA/WPA2 passkey is. If it is enabled, WPS can be easily cracked within 24 (or less in many cases) hours by breaking down the 8-character PIN into 2 halves, and cracking those halves. The 8th digit is actually a checksum of the first 7, so really you only have to guess the first 7. This amounts to 11,000 (!) possible combinations. Once cracked, your program of choice can request the full, unencrypted, plaintext WPA/WPA2 passkey, without ever having to touch it.
Oh, and this can all be done with free, open-source, readily available software, and requires very little hardware power.
Edit: Also, looking at the screen cap of the list of APs - many of them show WPS(ON). This makes an even stronger case for WPS cracking, as it takes less time, and you don't have to buy expensive software or spend lots of money on renting out EC2 servers to crack the WPA passkey."
and below was a comment that states it does not even matter what your passkey is.
"This is all well and good, but one thing to keep in mind: if you have WiFi Protected Setup (WPS) enabled on your router (and you likely do if you bought a router in the past 4-5 years), it makes no difference how long or complex your WPA/WPA2 passkey is. If it is enabled, WPS can be easily cracked within 24 (or less in many cases) hours by breaking down the 8-character PIN into 2 halves, and cracking those halves. The 8th digit is actually a checksum of the first 7, so really you only have to guess the first 7. This amounts to 11,000 (!) possible combinations. Once cracked, your program of choice can request the full, unencrypted, plaintext WPA/WPA2 passkey, without ever having to touch it.
Oh, and this can all be done with free, open-source, readily available software, and requires very little hardware power.
Edit: Also, looking at the screen cap of the list of APs - many of them show WPS(ON). This makes an even stronger case for WPS cracking, as it takes less time, and you don't have to buy expensive software or spend lots of money on renting out EC2 servers to crack the WPA passkey."
PrincessFrosty
Platinum Member
It's up to 24Mbit in the UK on ADSL2, but it depends on line quality and you need to be a few hundred meters from the exchange or less to get max speed, it drops off really fast, even inner city folks get pretty lame speeds of 10-15Mbit.
Fibre is the way to go, or what I have which is hybrid fibre coax cable from Virgin Media, 50mbit soon to be 120Mbit.
Fibre is the way to go, or what I have which is hybrid fibre coax cable from Virgin Media, 50mbit soon to be 120Mbit.
I don't think there are problems with WPA2, its only WPS that needs to be turned off.
MrColin
Platinum Member
It is crackable with freely available software. Using paid software and services it takes less time.
Yes there are free crackers easily available but WPA2 PSK is not broken as WEP so brute forcing with cloud services is still impractical if the password is long enough.
http://www.tomshardware.com/reviews/wireless-security-hack,2981-8.html
http://www.tomshardware.com/reviews/wireless-security-hack,2981-10.html
PrincessFrosty
Platinum Member
Password complexity is irrelevant with the WPS weakness, you don't attack the password you attack the unique WPS ID of the router which is essentially a 7 length numeric only key, it's something like 11,000 different combinations, once you've got it the auth info is sent directly back to you.
ch33zw1z
Lifer
I read it as though he wasn't attacking WPS, but the authentication itself.
I only mentioned WPS because the previous poster in my OP mentioned that wireless was risky which it isn't, well relatively speaking.
The article in the OP did not reveal any major problems in the WPA/WPA2 protocol, it was talking about cloud cracking WPA/WPA2 12 and 14 char (all lowercase) passwords in seconds. The passwords were weak because they used common words in the dictionary. WPA2 is quite secure since it uses salting and key stretching, its not that great now (with gpgpu and cloud cracking) but should be reasonably secure with long passwords which it supports - up to 63 or 64 char. I'd be worried if routers truncate long passwords in the encryption but that is a different matter.
The article in the OP did not reveal any major problems in the WPA/WPA2 protocol, it was talking about cloud cracking WPA/WPA2 12 and 14 char (all lowercase) passwords in seconds. The passwords were weak because they used common words in the dictionary. WPA2 is quite secure since it uses salting and key stretching, its not that great now (with gpgpu and cloud cracking) but should be reasonably secure with long passwords which it supports - up to 63 or 64 char. I'd be worried if routers truncate long passwords in the encryption but that is a different matter.
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 25K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 24K
-
-
