WEP Issues

Posted on June 29, 2011 by alkathirikhalid

I guess by now we all have heard a lot about this, I took the liberty of physically demonstrating it to myself to grasp the actual extent of this issue. I was only alarmed to this after noticing my networking becoming slow and when even it’s obvious no pc are running but the router data light keeps blinking.

alkathirikhalid

Fig 1: Searching for WIFI targets

The results were shocking I managed to hack my network three times under different passwords, all under 2 minutes duration, the scripts are getting easier and readily available through the internet and the fun just begun.

I immediately understood what was going on and for the fun of it I dearly wanted to know how many devices were connected to my network by checking the IP addresses and also to track that user mac address.

alkathirikhalid

Fig 2: Running AutoScan Network 1.26

The auto scan above revealed more than what I intended to know with the other help of Snort and WireShark, I have intentionally hidden some data above for privacy issues. I managed to get the culprit mac address, other than just using my net I quickly notice most of the data being transferred I could easily intercept and the fact that he or she didn’t even go to the extent of hiding the mac address I saw no harm nor threat imposed by the individual rather than just surfing the net.

alkathirikhalid

Fig 3:  Enabling the system log from the network router

alkathirikhalid

Fig 4: Enabling the MAC filter from the network router
(I have intentionally hidden some data above for privacy reasons)

alkathirikhalid

Fig 5: Retrieving MAC addresses from Windows

Run “ipconfig /all” if you are running windows , to get the MAC addresses for the devices in your PC.

alkathirikhalid

Fig 6: Retrieving MAC addresses from Linux

Run “ifconfig -a” under linux, to get the MAC addresses for the devices in your PC.

I guess by now we all know that the best security to date is WPA2 but for the likes of those whom are using old routers that doesn’t support this feature. There are other options that they can use.

  1. Hide your SSID so that it is not visible
  2. Try to make your password meaningless and as long as possible with the mixture of letters, number and symbols, this will only slow the process but not entirely a solid solution
  3. Enable MAC filter, only allow the devices that you specify to connect.
  4. Enable a system log, to watch on the activity going through your router
  5. Scan your network time to time to gather useful feed back.

I am currently on all the above and more, my system is on a dual boot with BackTrack 5 the leading Penetration Testing Distribution.

www.alkathirikhalid.com

Thank you.

About alkathirikhalid

"Knowledge without experience is just information."
This entry was posted in Security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s