Secure comms over wifi
- Thread starter eireguy
- Start date
Help Support Homesteading & Country Living Forum:
A few comments about Wifi security:
1. Always use WPA, never WEP. WEP is easily hacked by software you can get for free.
2. To be effective, WPA passwords must be random characters -- NEVER words or common names.
3. At best, WPA security can resist ordinary eavesdroppers -- not government agencies
4. If privacy matters, use encryption beyond Wifi.
The router of choice is the Linksys WRT54GL The "L" stands for Linux, meaning it can be re-flashed with custom firmware like DD-WRT
It is possible to use the WRT54GL as a bridge to another identical unit, then attach other routers via wired ethernet to serve as Wifi access points. Directional antennas can extend the range of these boxes up to a few miles in some cases, especially if you use custom firmware that lets you crank up the transmit power.
Most wireless routers (Linksys in particular) are vulnerable to thermal failure due to insufficient cooling. Consider modifying the case to include a cooling fan, or possibly heat sinks on the components that get hot. This is critical if you choose to increase the transmit power of the router. In a disaster scenario, you never know how long you need these units to last.
1. Always use WPA, never WEP. WEP is easily hacked by software you can get for free.
2. To be effective, WPA passwords must be random characters -- NEVER words or common names.
3. At best, WPA security can resist ordinary eavesdroppers -- not government agencies
4. If privacy matters, use encryption beyond Wifi.
The router of choice is the Linksys WRT54GL The "L" stands for Linux, meaning it can be re-flashed with custom firmware like DD-WRT
It is possible to use the WRT54GL as a bridge to another identical unit, then attach other routers via wired ethernet to serve as Wifi access points. Directional antennas can extend the range of these boxes up to a few miles in some cases, especially if you use custom firmware that lets you crank up the transmit power.
Most wireless routers (Linksys in particular) are vulnerable to thermal failure due to insufficient cooling. Consider modifying the case to include a cooling fan, or possibly heat sinks on the components that get hot. This is critical if you choose to increase the transmit power of the router. In a disaster scenario, you never know how long you need these units to last.
good info there dave
The NSA can decrypt anything.
Secured vs non secured password - does not matter to a hacker.
There isn't anything that you can't hack...
Secured vs non secured password - does not matter to a hacker.
There isn't anything that you can't hack...
Although I would agree that the NSA can hack anything, there is a big difference between situations where the NSA can hack with their basic kit of software tools and situations that require them to spend some quality time. If you are a high-profile target and they dedicate a team of cryptographers to your individual case, then yes, NSA can decrypt anything. But you don't have to make it easy. Layers of encryption are tedious to decrypt, especially when the inner layers are of an unknown protocol.
As for password security, it really DOES make a difference with WPA. Nothing can help WEP. I know because I did a security study in a laboratory environment, comparing the success or failure of readily available hacking tools against current wireless encryption protocols.
There are three common types of decryption attacks:
1. Mathematical shortcuts -- flaws in the encryption algorithm can shorten the decryption time dramatically
2. Dictionary attacks -- exactly as it sounds, a vast number of words are read from a file and tried in various combinations
3. Brute-force attacks -- every conceivable combination of characters (even unprintable ones) will be tried until something works
Method 1 is many orders of magnitude faster than method 2, which is many orders of magnitude faster than method 3. Depending on how long the password is, you might not live long enough for a brute-force attack to finish.
Attacking a wireless network starts with monitoring encrypted packets. There are some tools that deliberately inject malformed packets to force the wireless network to generate error packets in response and produce raw encrypted data to speed up the attack. But if you monitor any network long enough, you will eventually get enough data to attack it.
WEP is vulnerable to mathematical shortcuts. No matter what password you choose, it won't help. If you capture enough encrypted data, you can get a WEP password cracked in no time. My personal best in the lab is 2 seconds.
I am not aware of any WPA vulnerabilities to mathematical shortcuts. My research was done a few years ago, and I did not find any published exploitable attack vectors at that time. For this reason, conventional hacker tools for WPA networks rely on dictionary attacks. If you are dumb enough to use names or words that match the dictionary file, the attack will finish in a reasonable amount of time. If you use random characters, the only attack that will work is brute-force. This will hardly ever finish in a reasonable amount of time.
As I said in my original post: "At best, WPA security can resist ordinary eavesdroppers -- not government agencies." I would never bet against the NSA, as they would probably obstruct the deployment of any encryption algorithm that they can't decrypt at will. But it is definitely possible to "raise the bar" so that even the NSA would have to dedicate some resources to attacking your network.
IMHO, the gold standard of Wifi encryption is 802.1x. Several users are typically logged on to the network at any given time, and their username/password is part of the encryption. This means a typical network has several devices connected, each with different encryption keys for different streams of data. There is no single password that unlocks everything, so it's not easy to figure out which packets belong to which stream. For a number of technical reasons, I don't see 802.1x as a viable option for home preppers. But in a commercial environment, that's the way to go.
In a WPA environment, strong passwords mean the difference a brute-force attack and a dictionary attack. Not many people will wait for a brute-force attack to finish. But a teenager can download free programs from the Internet and run a dictionary attack in much less time. It is surprisingly easy to get free, pre-packaged, ready-to-use hacker tools on a bootable DVD. My network cannot be easily attacked with such tools. How about yours?
As for password security, it really DOES make a difference with WPA. Nothing can help WEP. I know because I did a security study in a laboratory environment, comparing the success or failure of readily available hacking tools against current wireless encryption protocols.
There are three common types of decryption attacks:
1. Mathematical shortcuts -- flaws in the encryption algorithm can shorten the decryption time dramatically
2. Dictionary attacks -- exactly as it sounds, a vast number of words are read from a file and tried in various combinations
3. Brute-force attacks -- every conceivable combination of characters (even unprintable ones) will be tried until something works
Method 1 is many orders of magnitude faster than method 2, which is many orders of magnitude faster than method 3. Depending on how long the password is, you might not live long enough for a brute-force attack to finish.
Attacking a wireless network starts with monitoring encrypted packets. There are some tools that deliberately inject malformed packets to force the wireless network to generate error packets in response and produce raw encrypted data to speed up the attack. But if you monitor any network long enough, you will eventually get enough data to attack it.
WEP is vulnerable to mathematical shortcuts. No matter what password you choose, it won't help. If you capture enough encrypted data, you can get a WEP password cracked in no time. My personal best in the lab is 2 seconds.
I am not aware of any WPA vulnerabilities to mathematical shortcuts. My research was done a few years ago, and I did not find any published exploitable attack vectors at that time. For this reason, conventional hacker tools for WPA networks rely on dictionary attacks. If you are dumb enough to use names or words that match the dictionary file, the attack will finish in a reasonable amount of time. If you use random characters, the only attack that will work is brute-force. This will hardly ever finish in a reasonable amount of time.
As I said in my original post: "At best, WPA security can resist ordinary eavesdroppers -- not government agencies." I would never bet against the NSA, as they would probably obstruct the deployment of any encryption algorithm that they can't decrypt at will. But it is definitely possible to "raise the bar" so that even the NSA would have to dedicate some resources to attacking your network.
IMHO, the gold standard of Wifi encryption is 802.1x. Several users are typically logged on to the network at any given time, and their username/password is part of the encryption. This means a typical network has several devices connected, each with different encryption keys for different streams of data. There is no single password that unlocks everything, so it's not easy to figure out which packets belong to which stream. For a number of technical reasons, I don't see 802.1x as a viable option for home preppers. But in a commercial environment, that's the way to go.
In a WPA environment, strong passwords mean the difference a brute-force attack and a dictionary attack. Not many people will wait for a brute-force attack to finish. But a teenager can download free programs from the Internet and run a dictionary attack in much less time. It is surprisingly easy to get free, pre-packaged, ready-to-use hacker tools on a bootable DVD. My network cannot be easily attacked with such tools. How about yours?
ordinary eavesdroppers are not interested in what you are doing on the internet.
Mesh net - is only line of sight, even leaves on trees will block your signal.
It isn't like being connected to Broadband DSL or the Phone line, Comcast etc...
Mesh net - is only line of sight, even leaves on trees will block your signal.
It isn't like being connected to Broadband DSL or the Phone line, Comcast etc...
Everything that you are talking about is taught in the most basic Information Science Technology class in any college... It's probably even taught now in the high schools at the 10th grade level...
How many hackers went on to become computer experts - from my generation - lord only knows...
The part that saddens me the most is that people are using their modified routers to go up on hill-tops and listen to other routers down in the valley..
What you think is encrypted -- is actually being used to spy on other people.
How many hackers went on to become computer experts - from my generation - lord only knows...
The part that saddens me the most is that people are using their modified routers to go up on hill-tops and listen to other routers down in the valley..
What you think is encrypted -- is actually being used to spy on other people.
Mesh net is only as directional as your antenna. And it's only for connecting one wireless access point to another. The individual connection from a network client is still the weak link from a security point of view.
Indeed, nothing I mentioned is rocket science. It wasn't all that difficult to set up some equipment in a lab and explore the relative merits of mesh networks, 802.1x, WPA, and WEP, weak passwords vs. strong passwords. It's all in a book somewhere, but people still debate the facts until someone plugs in a bunch of comm gear and proves the point. You can see from the comments posted here that someone needed to bring the information to light.
As for people who use modified routers to go eavesdropping, you don't even need a modified router. You can get USB Wifi with an external antenna, about $20 on Amazon. All you need is a stripped-down laptop and a Backtrack Linux bootable DVD or USB stick.
Yes, but people don't like it when you ride around their neighborhood or park on their street with your lap top computer - looking for internet connections to hack.
There is even people that maps out the open connections in a neighborhood and groups that collects that information on the web.
There is even people that maps out the open connections in a neighborhood and groups that collects that information on the web.
Indeed, there are people who drive around and map open Wifi networks. Even worse, they can monitor what is ON those networks. In some cases, they can literally read your email. For security against Wifi hackers and nosy neighbors, a WEP encrypted network is essentially the same thing as an open network. WPA with a weak password is like the lock on a bathroom door. WPA with a secure password is like a consumer-grade deadbolt on your front door.
Current threats against my home network are minimal, but I assume the threat level will increase in a catastrophe situation.
