Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Strengthening WEP security?

  1. #1
    Join Date
    Jan 2012
    Beans
    753

    Strengthening WEP security?

    If I need to set up my computer in an adhoc network using WEP, it will be very vulnerable to the aircrack suite. However I read from the man page of airuncloak-ng that some WIPS can help prevent simple attacks against the protocol:

    DESCRIPTION airuncloak-ng is a tool that removes wep cloaking from a pcap file. Some WIPS (actually one) can actively "prevent" cracking a WEP key by inserting chaff (fake wep frames) in the air to fool aircrack-ng. In some rare cases, cloaking fails and the key can be
    recovered without removing this chaff. In the cases where the key cannot be recovered, use this tool to filter out chaff.


    The program works by reading the input file and selecting packets from a specific network. Each selected packet is put into a list and classified (default status is "unknown"). Filters are then applied (in the order specified by the user) on this list.
    They will change the status of the packets (unknown, uncloaked, potentially cloaked or cloaked). The order of the filters is really important since each filter will base its analysis amongst other things on the status of the packets and different orders
    will give different results.


    Important requirement: The pcap file needs to have all packets (including beacons and all other "useless" packets) for the analysis (and if possible, prism/radiotap headers).
    Is there a way I can set up my computer to send out these fake WEP frames, so that only airuncloak-ng could crack into it?

  2. #2
    Join Date
    Nov 2008
    Location
    Metro Boston
    Beans
    8,928
    Distro
    Kubuntu 14.04 Trusty Tahr

    Re: Strengthening WEP security?

    Why not just use WPA2?
    If you ask for help, please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

  3. #3
    Join Date
    Oct 2010
    Location
    Finland
    Beans
    252
    Distro
    Ubuntu

    Re: Strengthening WEP security?

    Is there a specific reason why you can't use WPA2? WEP is not considered very secure by today's standards...there are plenty of programs out there for cracking WEP...

    edit: I just read from an unconfirmed source about the FBI showing that WEP could be cracked in less than 3 minutes using freely available tools....and this happened as far back as 2005!
    Last edited by na5h; March 24th, 2013 at 12:40 PM.

  4. #4
    Join Date
    Jan 2012
    Beans
    753

    Re: Strengthening WEP security?

    I want WEP for two reasons. One is that the internet is down for me, so I'm forced to use a 3G mobile broadband through USB, and I want to set up my computer as an adhoc network so other computers in my house can connect to it, and adhoc seems to only support WEP. The second reason is similar, but using adhoc even when I get my home internet back up so that I can use my Nintendo DS (which only supports WEP encryption).

    I'm not going to be sending any sensitive information or anything, and even if I was, I'm using a VPN. And as for my Nintendo DS, what sensitive information could be intercepted from IT?

    The only reason I want slightly more secure WEP is so no one leeches off the very limited bandwidth the 3G mobile USB provides (and MAC address filtering does not provide that much protection).

    Quote Originally Posted by na5h View Post
    edit: I just read from an unconfirmed source about the FBI showing that WEP could be cracked in less than 3 minutes using freely available tools....and this happened as far back as 2005!
    Yeah I know. I cracked my own WEP before in just 90 seconds (I think it was exactly 91 iirc). I was using airodump-ng (capturing IVs), aireplay-ng (causing the router to release more IVs), and aircrack-ng (brute force weak IVs) on a laptop. Hell, even most smart phones today can crack into WEP!

  5. #5
    Join Date
    Oct 2010
    Location
    Finland
    Beans
    252
    Distro
    Ubuntu

    Re: Strengthening WEP security?

    Can you disable the SSID broadcast?

  6. #6
    Join Date
    Jan 2012
    Beans
    753

    Re: Strengthening WEP security?

    Quote Originally Posted by na5h View Post
    Can you disable the SSID broadcast?
    That protection is too weak. I want to be able to have a little resistance from aircrack and related programs.

  7. #7
    Join Date
    Jan 2013
    Beans
    9

    Re: Strengthening WEP security?

    Do not use the DS. Look at installing hostap, dnsmasq, and/or dhcp3- server (pereferably on a seperate unused computer/laptop, or if you have too, on the computer with the 3G card) as a router. Do not use WEP. Dont even mess around with it. Stick with WPA2.

  8. #8
    Join Date
    Nov 2008
    Location
    Metro Boston
    Beans
    8,928
    Distro
    Kubuntu 14.04 Trusty Tahr

    Re: Strengthening WEP security?

    Can you limit connections to the router by MAC address? Though it's not foolproof, it would certainly help protect against random intruders.
    If you ask for help, please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

  9. #9
    Join Date
    Jan 2012
    Beans
    753

    Re: Strengthening WEP security?

    Quote Originally Posted by besial View Post
    Do not use the DS. Look at installing hostap, dnsmasq, and/or dhcp3- server (pereferably on a seperate unused computer/laptop, or if you have too, on the computer with the 3G card) as a router. Do not use WEP. Dont even mess around with it. Stick with WPA2.
    I am well aware of the weaknesses of WEP. Any computer which is connected via WEP is also using a VPN which is encrypted with 128-bit blowfish, and as for the DS there is very little sensitive information it could be sending. As I said, I am not worried about snooping of data, I am worried about leeching of my limited data plan.

    Quote Originally Posted by SeijiSensei View Post
    Can you limit connections to the router by MAC address? Though it's not foolproof, it would certainly help protect against random intruders.
    Possibly. How would I do that, and how much protection would it provide (i.e. if someone spoofs a vaild MAC address, will they also be able to connect or only if I am disconnected)?



    I don't just want a bunch of answers saying not to use WEP, I just want to know if I can harden it from brute-force cracking by transmitting fake WEP frames. Is there or is there not a program which is capable of doing this?

    This is only temporary, I'm not going to be using WEP as my only security for very long. I already change my WEP key every day, sometimes several times per day, but I would like to be able to slow down any brute-force attack just a little more.
    Last edited by Stonecold1995; March 25th, 2013 at 10:33 PM.

  10. #10
    Join Date
    Nov 2008
    Location
    Metro Boston
    Beans
    8,928
    Distro
    Kubuntu 14.04 Trusty Tahr

    Re: Strengthening WEP security?

    Your router should enable you to specify permitted MACs. An easy solution is to connect all your devices then look at the list of MACs in the router's software. Some routers let you create a permission list; otherwise you would just copy the addresses into the form for permitted addresses.

    MACs can be spoofed, but from the little I've read it's harder than exploiting WEP. I imagine you'd need to be monitoring the radio when the device requests an address via DHCP. Using static addresses on the client devices might avoid the need to broadcast the MACs entirely. I suspect it would be pretty hard to exploit this method in that situation, but you should do some research and not trust my rather uninformed speculation.
    If you ask for help, please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •