WiFi hacking : Securing Your Network From The Attacks

Now that we know how to test the security of all known wireless
encryptions (WEP/WPA/WPA2), it is relatively easy to secure our networks
against these attacks as we know all the weaknesses that can be used by
hackers to crack these encryptions.
So lets have a look on each of these encryptions one by one:
1. WEP: WEP is an old encryption, and its really weak, as we seen in
the course there are a number of methods that can be used to crack this
encryption regardless of the strength of the password and even if there is
nobody connected to the network. These attacks are possible because of the
way WEP works, we discussed the weakness of WEP and how it can be used
to crack it, some of these methods even allow you to crack the key in a few
minutes.
2. WPA/WPA2: WPA and WPA2 are very similar, the only
difference between them is the algorithm used to encrypt the information but
both encryptions work in the same way. WPA/WPA2 can be cracked in two
ways
1. If WPS feature is enabled then there is a high chance of obtaining
the key regardless of its complexity, this can be done by exploiting a
weakness in the WPS feature. WPS is used to allow users to connect to their
wireless network without entering the key, this is done by pressing a WPS
button on both the router and the device that they want to connect, the
authentication works using an eight digit pin, hackers can brute force this pin
in relatively short time (in an average of 10 hours), once they get the right pin
they can use a tool called reaver to reverse engineer the pin and get the key,
this is all possible due to the fact that the WPS feature uses an easy pin (only
8 characters and only contains digits), so its not a weakness in WPA/WPA2,
its a weakness in a feature that can be enabled on routers that use
WPA/WPA2 which can be exploited to get the actual WPA/WPA2 key.
2. If WPS is not enabled, then the only way to crack WPA/WPA2 is
using a dictionary attack, in this attack a list of passwords (dictionary) is
compared against a file (handshake file) to check if any of the passwords isthe actual key for the network, so if the password does not exist in the
wordlist then the attacker will not be able to find the password.

Popular posts from this blog

Free Upstore premium account login and password 2020 | 100% working

How to Activate Microsoft Office 2010 without Product Key for Free

WDupload premium account free login and password 2020 | 100% working