Re: Router Homepage says WPA2 but Net Stumbler says WEP in Wireless Security

Re: Router Homepage says WPA2 but Net Stumbler says WEP in Wireless Security http://www.dslreports.com/forum/r20221580 en Sat, 30 Aug 2008 03:04:04 EDT Sat, 30 Aug 2008 03:04:04 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20223482 anon : Reliable wireless tools are generally on Linux. As an alternative, you can probably run this on VMware Player within Windows:

»www.vmware.com/appliances/directory/122]]> http://www.dslreports.com/forum/remark,20223482 Tue, 25 Mar 2008 15:24:13 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20223441 antdude :

said by puffgussy36

:

Oh is it for MAC only?

No. Mac (not MAC -- MAC address? :P), Windows (need that Cyngwin thing), and Linux.]]> http://www.dslreports.com/forum/remark,20223441 Tue, 25 Mar 2008 15:17:01 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20223383 puffgussy36 : Oh is it for MAC only? ]]> http://www.dslreports.com/forum/remark,20223383 Tue, 25 Mar 2008 15:07:12 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20223338 antdude :

said by puffgussy36

:

Ant did you look into this?

»www.kismetwireless.net/

Yeah, the old Kismet under Mac OS X 10.2.8. :)]]> http://www.dslreports.com/forum/remark,20223338 Tue, 25 Mar 2008 15:02:23 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20223218 puffgussy36 : Ant did you look into this?

»www.kismetwireless.net/ ]]> http://www.dslreports.com/forum/remark,20223218 Tue, 25 Mar 2008 14:45:25 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20223142 antdude :

said by justanotherguy :

There are commercial tools you can buy (AirPCap, AirMagnet, etc.) that'll allow you to see the packets in Windows, but if you want to go free (albeit with a bit of a learning curve) try out the BackTrack LiveCD or USB distro. If you have a supported wireless card / chipset, you can set the wireless interface into monitor mode and see all the 802.11 management frames, as well as the WPA 4-way handshake taking place.

The big trick with Linux though is actually getting a wireless card that actually has a supported chipset for it. That might take some digging and research, but you learn a lot more in the end.

So nothing in Windows for a quick scan like NetStumbler then. :(
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer]]> http://www.dslreports.com/forum/remark,20223142 Tue, 25 Mar 2008 14:32:10 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20223131 anon : There are commercial tools you can buy (AirPCap, AirMagnet, etc.) that'll allow you to see the packets in Windows, but if you want to go free (albeit with a bit of a learning curve) try out the BackTrack LiveCD or USB distro. If you have a supported wireless card / chipset, you can set the wireless interface into monitor mode and see all the 802.11 management frames, as well as the WPA 4-way handshake taking place.

The big trick with Linux though is actually getting a wireless card that actually has a supported chipset for it. That might take some digging and research, but you learn a lot more in the end.]]> http://www.dslreports.com/forum/remark,20223131 Tue, 25 Mar 2008 14:30:40 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20223099 puffgussy36 : Well the site survey function available in the software for the Trendnet adapter offers most of the information you get in NS sans true signal strength and noise. I know there are other "sniffers" out there but I would not know what to recommend.

Up until two weeks ago I didn't know a thing about wireless connections, routers, etc. I'm getting a nice crash course though. :)]]> http://www.dslreports.com/forum/remark,20223099 Tue, 25 Mar 2008 14:22:45 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20223065 antdude : NetStumbler is indeed too old. Is there another program like NetStumbler that is updated to recognize WPA and newer technologies?

I asked about this in its forum a couple years ago: »www.netstumbler.org/f55/updates-···t-21259/ ... It seems the author stopped developing it. Hence, I am asking if there is another tool like it.
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer]]> http://www.dslreports.com/forum/remark,20223065 Tue, 25 Mar 2008 14:15:07 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20223027 anon : As noted above, the best use of WPA or WPA2 is via strong passphrases, at least when using pre-shared key. The better system would be to use an EAP-based system (a la RADIUS server) but that requires an AP that supports it, plus you need to set up a RADIUS server as well as client identity credentials (certificate, password, etc.). It's a lot more moving parts to manage, but it's the best way to keep rotating your Pairwise Master Key between authenticated sessions. Aside from LEAP (and perhaps MD5), I'm not aware of any tools that attack 802.1X.

But for small-scale use, WPA / WPA2 is the practical way to go, plus using an SSID that can be considered unique (something that probably won't exist in a rainbow table). Defeating WPA-PSK security is still based on dictionary attacks.]]> http://www.dslreports.com/forum/remark,20223027 Tue, 25 Mar 2008 14:09:17 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20222796 puffgussy36 : Ah good ol' Gibson Research. :D]]> http://www.dslreports.com/forum/remark,20222796 Tue, 25 Mar 2008 13:37:56 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20222695 duhriddler : The best solution would be to use WPA2 with AES and a passphrase consisting of 63 random printable ASCII characters. This website will do the trick: »https://www.grc.com/passwords.htm]]> http://www.dslreports.com/forum/remark,20222695 Tue, 25 Mar 2008 13:22:55 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20221580 puffgussy36 : That's hilarious. :D

The Cray couldn't crack that key. I already used the .txt file idea too.

Thanks for the tip.]]> http://www.dslreports.com/forum/remark,20221580 Tue, 25 Mar 2008 09:25:07 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20221558 koolman2 : If all of your devices support it, then yes, I would switch it. Keep in mind, though, that TKIP is also a VERY strong encryption method.

I would think about making that key a bit longer as well. Keep it on a USB drive or something as a .txt file so that you don't have to remember it. Make it something like "sdifyw8ohuA^A734yhbqk37a*#&#$4=adsf=fsdf". Just mash your face onto your keyboard and you should have a good key.
--
There's no place like ::1.]]> http://www.dslreports.com/forum/remark,20221558 Tue, 25 Mar 2008 09:20:09 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20221527 puffgussy36 : I currently have it configured to WPA2 Personal TPIK and my pass phrase is 15 random alpha numeric characters. Should I still change it to AES?]]> http://www.dslreports.com/forum/remark,20221527 Tue, 25 Mar 2008 09:11:38 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20221490 koolman2 : Ignore anything except WPA. Anything else is like putting Saran Wrap over your deadbolt. Basically, if someone can crack your WPA, you have worse things to worry about. MAC filtering and a "hidden" SSID are trivial compared to cracking WPA (which, by the way, when applied with a random string of characters, has yet to be cracked), and only make it more difficult to use your own network.

My suggestion: if all of your devices support it, use WPA with AES and a 256-bit key (or WPA2+AES256 if supported). AES has no known way to crack it unless you're a moron and make the key obvious.

Cue the "every bit helps" crowd...
--
There's no place like ::1.]]> http://www.dslreports.com/forum/remark,20221490 Tue, 25 Mar 2008 09:02:14 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20221470 puffgussy36 : I went into a Net Stumbler forum. Apparently the program identifies all forms of encryption as WEP. Both the Linksys settings page and the site survey function of my Trendnet adapter identify the encryption as WPA2.

I have another question regarding security. I've seen a number of Google search results for "cracking" WPA. This prompted me to find a way to further beef up the security on my connection. I initiated the MAC filtering allowing only PCs in my permit list to access the connection.

Is there anything more I can do?]]> http://www.dslreports.com/forum/remark,20221470 Tue, 25 Mar 2008 08:55:46 EDT Re: Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20220048 Ravenheart : What I gather is that Net Stumbler is too old to understand WPA.

If you connect an XP laptop wirelessly, for instance, the Network Connections applet > Wireless Network Connection properties > Wireless Networks tab > current network properties should reflect the authentication in use.]]> http://www.dslreports.com/forum/remark,20220048 Mon, 24 Mar 2008 22:32:17 EDT Router Homepage says WPA2 but Net Stumbler says WEP http://www.dslreports.com/forum/remark,20218124 puffgussy36 : When I access my Linksys WRT54g router's settings page and check the type of encryption I'm using it says WPA2. I use a Trendnet USB wireless adapter and have to enter in a 13 character pass phrase in order to connect to the router. However, when I run a site survey with Net Stumbler it says that my encryption is WEP (which I definitely do not want).

How can I tell for sure that I'm actually initiating WPA2 level encryption?

Thanks.]]> http://www.dslreports.com/forum/remark,20218124 Mon, 24 Mar 2008 16:39:41 EDT