Securing your Network From the Above Attacks.

Now that we know how to test the security of all known wireless encryption(WEP/WPA/WPA2), it is relatively easy to secure our networks against these attacks as we know all the weaknesses that can be used by hackers to crack these encryptions.

So let us have a look at each of these encryptions one by one:

1. WEP: WEP is old encryption, and it's really weak, as there are a number of methods that can be used to crack this encryption regardless of the strength of the password and even if there is nobody connected to the network. These attacks are possible because of the way WEP works.

2.WPA/WPA2: WPA and WPA2 are very similar, the only difference between them is the algorithm used to encrypt the information but both encryptions work in the same way. WPA/WPA2 can be cracked in two ways:

(1) If the WPS feature is enabled then there is a high chance of obtaining the key regardless of its complexity, this can be done by exploiting a weakness in the WPS feature. WPS is used to allow users to connect to their wireless network without entering the key, this is done by pressing a WPS button on both the router and the device that they want to connect, the authentication works using an eight-digit pin, hackers can bruce this pin in relatively short time(in an average of 10 hours), once they get the right pin they can use a tool called reaver to reverse engineer the pin and get the key, this is all possible due to the fact that the WPS feature uses an easy pin(only 8 characters and only contains digits), so its not a weakness in WPA/WPA2, its a weakness in a feature that can be enabled on routers that use WPA/WPA2 which can be exploited to get the actual WPA/WPA2 key.

(2) If WPS is not enabled, then the only way to crack WPA/WPA2 is using a dictionary attack, in this attack a list of passwords(dictionary) is compared against a file (handshake file) to check if any of the passwords is the actual key for the network, so if the password does not exist in the wordlist then the attacker will not be able to find the password.

Conclusion:

1. Do not use WEP encryption, as we have seen how easy it is to crack it regardless of the complexity of the password and even if there is nobody connected to the network.

2. Use WPA2 with a complex password, make sure the password contains small letters, capital letters, symbols and numbers and;

3. Ensure that the WPS feature is disabled as it can be used to crack your complex WPA2 key by brute-forcing the easy WPS pin.

Ethical Hacking - NETWORK PENETRATION TESTING(11)的更多相关文章

  1. Ethical Hacking - NETWORK PENETRATION TESTING(15)

    ARP Poisoning - arpspoof Arpspoof is a tool part of a suit called dsniff, which contains a number of ...

  2. Ethical Hacking - NETWORK PENETRATION TESTING(10)

    WPA Craking WPA was designed to address the issues in WEP and provide better encryption. The main is ...

  3. Ethical Hacking - NETWORK PENETRATION TESTING(22)

    MITM - Wireshark WIreshark is a network protocol analyser that is designed to help network administa ...

  4. Ethical Hacking - NETWORK PENETRATION TESTING(14)

    MITM - ARP Poisoning Theory Man In The Middle Attacks - ARP Poisoning This is one of the most danger ...

  5. Ethical Hacking - NETWORK PENETRATION TESTING(13)

    Nmap Nmap is a network discovery tool that can be used to gather detailed information about any clie ...

  6. Ethical Hacking - NETWORK PENETRATION TESTING(12)

    Post Connection Attacks Sophisticated attacks that can be used after connecting to the target AP. Ga ...

  7. Ethical Hacking - NETWORK PENETRATION TESTING(8)

    WEP Cracking Basic case Run airdump-ng to log all traffic from the target network. airodump-ng --cha ...

  8. Ethical Hacking - NETWORK PENETRATION TESTING(7)

    Gaining Access to encrypted networks Three main encryption types: 1. WEP 2.WPA 3.WPA2 WEP Cracking W ...

  9. Ethical Hacking - NETWORK PENETRATION TESTING(5)

    Deauthentication Attacks Theory This attack is used to disconnect any device from any network within ...

随机推荐

  1. 一文带你了解Redis持久化完整版本

    本文讲解知识点 持久化的简介 RDB AOF RDB与AOF的区别 持久化应用场景 对于持久化这个功能点,其实很简单没有那么复杂 演示环境 centos7.0 redis4.0 redis存放目录:/ ...

  2. Jenkins中agent的使用

    [前言] 很多小伙伴都已经会搭建Jenkins环境了,都想要用Jenkins来运行自动化接口,可我们的Jenkins在linux服务器上.服务器上默认的python包是2.6的这样不是很好,那么这边就 ...

  3. unittest模块在linux报错: AttributeError: module 'unittest' has no attribute 'TestRunner'

    一开始在windows下运行没有问题,但是在linux下运行却报如下错误: ​ AttributeError: module 'unittest' has no attribute 'TestRunn ...

  4. tarjan算法求scc & 缩点

    前置知识 图的遍历(dfs) 强连通&强连通分量 对于有向图G中的任意两个顶点u和v存在u->v的一条路径,同时也存在v->u的路径,我们则称这两个顶点强连通.以此类推,强连通分量 ...

  5. 容器中的Java堆大小调整:快速,轻松

    在上一篇博客中,我们已经看到Java进行了改进,可以根据正在运行的环境(即物理机或容器(码头工人))识别内存.java的最初问题是,它无法弄清楚它是否在容器中运行,并且它曾经为容器运行所在的整个硬件捕 ...

  6. InnoDB 中 B+ 树索引的分裂

    数据库中B+树索引的分裂并不总是从页的中间记录开始,这样可能会导致空间的浪费,例如下面的记录: 1, 2, 3, 4, 5, 6, 7, 8, 9 插入式根据自增顺序进行的,若这时插入10这条记录后需 ...

  7. [ C++ ] 勿在浮沙筑高台 —— 内存管理(9~16p)primitives(下)

    per-class allocator 2 tips: operator new重载 不会被派生类实际使用,因为父类大小内存的分配交给子类去调用明显是不正确的.实际上会被转交至 : : operato ...

  8. vue开发搭建(npm安装 + vue脚手架安装)

    一.概念 1.npm:  Nodejs下的包管理器. 2.webpack: 它主要的用途是通过CommonJS的语法,把所有浏览器端需要发布的静态资源,做相应的准备,比如资源的合并和打包. 3.vue ...

  9. Python实用笔记 (14)函数式编程——匿名函数

    当我们在传入函数时,有些时候,不需要显式地定义函数,直接传入匿名函数更方便. 在Python中,对匿名函数提供了有限支持.还是以map()函数为例,计算f(x)=x2时,除了定义一个f(x)的函数外, ...

  10. MyEclipse中项目利用不同版本JDK编译注意点

    一.发现问题本地用jdk.1.6编译,可服务器上市jdk1.5,其他服务器甚至是jdk1.4,不少语法和特性不一样.该服务器的jdk版本一般不现实因为是还有许多其他项目只有将本地安装上jdk1.5. ...