Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless How To

WPA-PSK Security Myths

Although not strictly related to WPA-PSK cracking, there are two security myths I've seen pop up here at SmallNetBuilder and around the web that I'd like to say a few words about.

Myth 1: Disabling the SSID Broadcast Secures your WLAN

"Cloaking" your SSID might sound good on the surface. But programs like Kismet that are capable of monitoring wireless network traffic are also able to "decloak" access points by listening to traffic between the clients and the access point.

For Kismet, this process takes only a few minutes of relatively light network traffic. Disabling the SSID broadcast really makes it only slightly harder for potential attackers to connect to your AP (they now have to type the SSID instead of clicking on it).

Myth 2: Filtering MAC Addresses Secures Your WLAN

This idea again sounds good on the surface: limit the computers that can connect by their MAC addresses. There are two problems with this technique.

1) Physically maintaining the table of acceptable MAC addresses becomes more burdensome as your network grows.

2) MAC addresses can be easily spoofed.

Chances are, if you are being attacked by someone who has the know-how to get past WPA, they will most likely spoof their MAC when they connect anyway, to avoid detection in your router's logs (by a possible failed MAC filter pass).

Kismet, in particular, excels at this with its AP "clients" view which lists, among other things, client MAC addresses.

Spoofing your MAC address (in Linux) is as simple as this:

bt ~ # ifconfig ath0 hw ether AA:BB:CC:DD:EE:FF
bt ~ # ifconfig ath0 up
bt ~ # ifconfig ath0
ath0      Link encap:Ethernet  HWaddr AA:BB:CC:DD:EE:FF
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:26 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1092 (1.0 KiB)  TX bytes:590 (590.0 b)

WPA-PSK Security Tips

You know how to break weak WPA-PSK keys. Now make sure that it doesn't happen to you by using two simple techniques.

Use long and strong passphrases!

The longer and more random the password, the better. A WPA key is a computer passphrase, and by that I mean that the computer is the one that has to remember it. All you have to do as the user is type it in once and you're ready to go.

So, generate a very long, random passphrase, write it down and put it in a not-so-obvious place. Writing down a passphrase is normally a cardinal sin for security. But in a SOHO setting, it's a reasonable tradeoff between security and convenience.

Frankly, you're much more susceptible to wireless pirates parked outside your apartment (or next door) using the tools I've just described than you are to someone socially-engineering your wife into giving out your wireless LAN key. And even then, wouldn't it be nice if the key took a half-hour for her to read over the phone, giving you a chance to step in and save the day?

So, generate a nasty, long computer passphrase, write it down on a sticky-note, enter it in your router and clients, then stick that sticky-note someplace secure (not to the top of the router!)

Change your SSID

Since the key is salted with the SSID, it makes sense to change your AP's SSID to render the precomputed hash tables useless (assuming you change it to something non-obvious). This forces the attacker to start from square one by either generating a hash table or using just a straight dictionary attack.

Conclusion

So, now you know how crackers can attack wireless networks that use weak WPA / WPA2 PSK keys and the simple countermeasures that you can take to ensure that it doesn't happen to you.

With a strong, long key and good security practices, a wireless LAN secured by WPA / WPA2 is definitely not an easy target.

More Wireless

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

hello guysI have a ac3100 running 384.15. router is on a remote location and i currently dont have physical access to it.i have started to notice that...
∞중국밀항 okmm33@outlook.com 한국밀항∞∞대만밀항 okmm33@outlook.com 한국밀항∞∞한국밀항 okmm33@outlook.com 필리핀밀항∞∞한국밀항 okmm33@outlook.com 베트남밀항∞∞누구든 묻지않고 비밀리에 처리해드립니다 ∞중국밀...
Hi. I recently setup VPN server (Open VPN) on my Asus GT AX-11000 router to access it remotely. Problem is that I can only access it when I have check...
Hi,Anyone have any insight regarding a new version of this unit coming out soon? Seems it’s marked as not coming back to stock. Thanks
Hi,Anyone have any insight regarding a new version of this unit coming out soon? Seems it’s marked as not coming back to stock. PS: If this is the wro...

Don't Miss These

  • 1
  • 2
  • 3