puffgussy36
join:2007-01-15
Hampton, NH
edit:
March 24th, @04:40PM
| Router Homepage says WPA2 but Net Stumbler says WEP
When I access my Linksys WRT54g router's settings page and check the type of encryption I'm using it says WPA2. I use a Trendnet USB wireless adapter and have to enter in a 13 character pass phrase in order to connect to the router. However, when I run a site survey with Net Stumbler it says that my encryption is WEP (which I definitely do not want).
How can I tell for sure that I'm actually initiating WPA2 level encryption?
Thanks. |
|
Ravenheart
join:2006-02-10
Berkeley, CA
| What I gather is that Net Stumbler is too old to understand WPA.
If you connect an XP laptop wirelessly, for instance, the Network Connections applet > Wireless Network Connection properties > Wireless Networks tab > current network properties should reflect the authentication in use. |
|
puffgussy36
join:2007-01-15
Hampton, NH
| I went into a Net Stumbler forum. Apparently the program identifies all forms of encryption as WEP. Both the Linksys settings page and the site survey function of my Trendnet adapter identify the encryption as WPA2.
I have another question regarding security. I've seen a number of Google search results for "cracking" WPA. This prompted me to find a way to further beef up the security on my connection. I initiated the MAC filtering allowing only PCs in my permit list to access the connection.
Is there anything more I can do? |
|
koolman2
Premium
join:2002-10-01
Anchorage, AK
 ·GCI.net
 ·Clearwire Wireless
edit:
March 25th, @09:05AM
| Ignore anything except WPA. Anything else is like putting Saran Wrap over your deadbolt. Basically, if someone can crack your WPA, you have worse things to worry about. MAC filtering and a "hidden" SSID are trivial compared to cracking WPA (which, by the way, when applied with a random string of characters, has yet to be cracked), and only make it more difficult to use your own network.
My suggestion: if all of your devices support it, use WPA with AES and a 256-bit key (or WPA2+AES256 if supported). AES has no known way to crack it unless you're a moron and make the key obvious.
Cue the "every bit helps" crowd...
--
There's no place like ::1. |
|
puffgussy36
join:2007-01-15
Hampton, NH | I currently have it configured to WPA2 Personal TPIK and my pass phrase is 15 random alpha numeric characters. Should I still change it to AES? |
|
koolman2
Premium
join:2002-10-01
Anchorage, AK
·GCI.net
·Clearwire Wireless
| If all of your devices support it, then yes, I would switch it. Keep in mind, though, that TKIP is also a VERY strong encryption method.
I would think about making that key a bit longer as well. Keep it on a USB drive or something as a .txt file so that you don't have to remember it. Make it something like "sdifyw8ohuA^A734yhbqk37a*#&#$4=adsf=fsdf". Just mash your face onto your keyboard and you should have a good key.
--
There's no place like ::1. |
|
puffgussy36
join:2007-01-15
Hampton, NH | That's hilarious. 
The Cray couldn't crack that key. I already used the .txt file idea too.
Thanks for the tip. |
|
duhriddler
join:2007-08-26
Riegelsville, PA
| The best solution would be to use WPA2 with AES and a passphrase consisting of 63 random printable ASCII characters. This website will do the trick: »https://www.grc.com/passwords.htm |
|
puffgussy36
join:2007-01-15
Hampton, NH | Ah good ol' Gibson Research. |
|
justanotherguy
@ipass.com
| As noted above, the best use of WPA or WPA2 is via strong passphrases, at least when using pre-shared key. The better system would be to use an EAP-based system (a la RADIUS server) but that requires an AP that supports it, plus you need to set up a RADIUS server as well as client identity credentials (certificate, password, etc.). It's a lot more moving parts to manage, but it's the best way to keep rotating your Pairwise Master Key between authenticated sessions. Aside from LEAP (and perhaps MD5), I'm not aware of any tools that attack 802.1X.
But for small-scale use, WPA / WPA2 is the practical way to go, plus using an SSID that can be considered unique (something that probably won't exist in a rainbow table). Defeating WPA-PSK security is still based on dictionary attacks. |
|
antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
|  reply to puffgussy36
NetStumbler is indeed too old. Is there another program like NetStumbler that is updated to recognize WPA and newer technologies?
I asked about this in its forum a couple years ago: »www.netstumbler.org/f55/updates-···t-21259/ ... It seems the author stopped developing it. Hence, I am asking if there is another tool like it.
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer |
|
puffgussy36
join:2007-01-15
Hampton, NH
| Well the site survey function available in the software for the Trendnet adapter offers most of the information you get in NS sans true signal strength and noise. I know there are other "sniffers" out there but I would not know what to recommend.
Up until two weeks ago I didn't know a thing about wireless connections, routers, etc. I'm getting a nice crash course though.  |
|
justanotherguy
@ipass.com
| There are commercial tools you can buy (AirPCap, AirMagnet, etc.) that'll allow you to see the packets in Windows, but if you want to go free (albeit with a bit of a learning curve) try out the BackTrack LiveCD or USB distro. If you have a supported wireless card / chipset, you can set the wireless interface into monitor mode and see all the 802.11 management frames, as well as the WPA 4-way handshake taking place.
The big trick with Linux though is actually getting a wireless card that actually has a supported chipset for it. That might take some digging and research, but you learn a lot more in the end. |
|
antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
| said by justanotherguy :
There are commercial tools you can buy (AirPCap, AirMagnet, etc.) that'll allow you to see the packets in Windows, but if you want to go free (albeit with a bit of a learning curve) try out the BackTrack LiveCD or USB distro. If you have a supported wireless card / chipset, you can set the wireless interface into monitor mode and see all the 802.11 management frames, as well as the WPA 4-way handshake taking place.
The big trick with Linux though is actually getting a wireless card that actually has a supported chipset for it. That might take some digging and research, but you learn a lot more in the end. So nothing in Windows for a quick scan like NetStumbler then. 
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer |
|
puffgussy36
join:2007-01-15
Hampton, NH | Ant did you look into this?
»www.kismetwireless.net/ |
|
antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
| Yeah, the old Kismet under Mac OS X 10.2.8. |
|
puffgussy36
join:2007-01-15
Hampton, NH | Oh is it for MAC only? |
|
antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
| said by puffgussy36  :Oh is it for MAC only? No. Mac (not MAC -- MAC address? :P), Windows (need that Cyngwin thing), and Linux. |
|
justanotherguy
@ipass.com
 from:
antdude
| Reliable wireless tools are generally on Linux. As an alternative, you can probably run this on VMware Player within Windows:
»www.vmware.com/appliances/directory/122 |
|
