The Ethical Hacker Network

xXxKrisxXx

Hero Member

Offline

Posts: 512

Am I Secure?

« on: February 04, 2009, 03:26:34 PM »

Hey folks,

I was wondering if I had done the basics to secure my Access Point, how secure am I truly? What I've done so far is implemented WPA2, enabled MAC Address filtering, have hidden my SSID, disabled uPnP...is this really enough? Do you guys suggest changing my PSK every week or so, if not how often? Are there any type of tools out there that can identify my SSID even if I have it set to not broadcast? Appreciate the help!


	Logged

eCPPT, GCIH, OSCP, OSWP

SynJunkie

Jr. Member

Offline

Posts: 71

Re: Am I Secure?

« Reply #1 on: February 04, 2009, 03:32:58 PM »

i know you would have but i'll ask anyway.

Have you changed the default password, disabled wireless administration and upgraded the firmware?

Syn


	Logged

----------------------------------
http://synjunkie.blogspot.com

xXxKrisxXx

Hero Member

Offline

Posts: 512

Re: Am I Secure?

« Reply #2 on: February 04, 2009, 03:36:33 PM »

I guess I forgot to include those. I didn't disable the wireless administration, but I do often upgrade the firmware and of course have changed the default http password, going to do that one now. Thanks. I also have a damn strong key, I'm not exactly worried about a user cracking my Encryption, just wondering if I've done about all I can do.


	Logged

eCPPT, GCIH, OSCP, OSWP

SynJunkie

Jr. Member

Offline

Posts: 71

Re: Am I Secure?

« Reply #3 on: February 04, 2009, 03:46:40 PM »

Put it this way. You've done enough for someone like me to move on and find another wifi access point!


	Logged

----------------------------------
http://synjunkie.blogspot.com

xXxKrisxXx

Hero Member

Offline

Posts: 512

Re: Am I Secure?

« Reply #4 on: February 04, 2009, 03:51:13 PM »

Sweet...and being a fan of your blog, you walking away from an access point is rare... I take it I'm fairly secure for now...thanks again for the input...still willing to accept others if you have any!


	Logged

eCPPT, GCIH, OSCP, OSWP

eth3real

Sr. Member

Offline

Posts: 309

Re: Am I Secure?

« Reply #5 on: February 04, 2009, 03:53:05 PM »

Hidden SSIDs can still be seen very easily with a tool like airodump-ng.
Also make sure your password is somewhat randomly generated, people are trying dictionary attacks against WPA/WPA2 access points, I believe.


	Logged

Put that in your pipe and grep it!

xXxKrisxXx

Hero Member

Offline

Posts: 512

Re: Am I Secure?

« Reply #6 on: February 04, 2009, 03:55:52 PM »

I'll have to look more into that tool to see if I can get it to identify my SSID. As for dictionary attacks and for randomly-generating a pass phrase, that's just about what I have right now, I also have my pass phrase starting with a Z, I figure if an attackers going to actually go and wait outside my house while running a dictionary attack against my key, he'd be waiting a long enough time that he'd eventually give up and go onto an easier target, or I'd notice his ass outside my house.


	Logged

eCPPT, GCIH, OSCP, OSWP

eth3real

Sr. Member

Offline

Posts: 309

Re: Am I Secure?

« Reply #7 on: February 04, 2009, 04:02:05 PM »

It's a good tool, comes with BackTrack. I have a laptop sitting on my desk, (it has no hard drive or battery Sad

) it's only use it to boot a BackTrack disc once in a while and check out wireless networks, etc. Wink


	Logged

Put that in your pipe and grep it!

SynJunkie

Jr. Member

Offline

Posts: 71

Re: Am I Secure?

« Reply #8 on: February 04, 2009, 04:08:37 PM »

Thanks for the compliment on my blog, i appreciate it.

one other thing, you could play around with the DHCP scope, can you limit the leases handed out and move the subnet to something other than 192.168.1.x

This, along with your other measures makes an attackers job a little harder.

Regards

Syn

P.S or you could be plain evil, by securing it slightly so you know whoever uses it has used it knowing that they have bypassed your security, and then put an old linux box between your AP and the internet and capture all the traffic. Sorry, i shouldn't think out loud, i'd better put that hat away again ;-)


	Logged

----------------------------------
http://synjunkie.blogspot.com

xXxKrisxXx

Hero Member

Offline

Posts: 512

Re: Am I Secure?

« Reply #9 on: February 04, 2009, 04:26:23 PM »

SynJunkie you grey hat! eth3real, sounds like you need to replace that bad boy.


	Logged

eCPPT, GCIH, OSCP, OSWP

SynJunkie

Jr. Member

Offline

Posts: 71

Re: Am I Secure?

« Reply #10 on: February 04, 2009, 04:40:52 PM »

oh, one last thing from me on this. I believe that there are ways of disabling the SSID broadcast altogether (if your router supports it), but be aware that any clients connecting will likely broadcast it initially. So you might want to be aware of that point.

Cheers

Syn


	Logged

----------------------------------
http://synjunkie.blogspot.com

Kev

Sr. Member

Offline

Posts: 428

Re: Am I Secure?

« Reply #11 on: February 04, 2009, 05:20:02 PM »

What I always find interesting about wireless hacking is the difference between theoretical hacks that might work in a lab in a perfect environment and hacks that work in the real world. There is a difference and its important to learn the difference and that only happens with experience. If you have implemented all you say you have, practically speaking your network is safe. At least for now, lol. Wink


	Logged

eth3real

Sr. Member

Offline

Posts: 309

Re: Am I Secure?

« Reply #12 on: February 04, 2009, 09:00:08 PM »

I agree, you're probably very safe from anyone that would randomly start trying to gain access to your wifi.

My wifi router at home has pretty much the same level of security, and I don't feel like I should be worried about it.
I once had a guy in my neighborhood compliment me because mine was the only wifi network he couldn't break into (he assumed it was me because I have the CEH sticker on the back of my car). It was rather amusing.


	Logged

Put that in your pipe and grep it!

vijay2

Full Member

Offline

Posts: 220

Re: Am I Secure?

« Reply #13 on: February 05, 2009, 06:41:37 AM »

Its nice to see that you have gone through the trouble and securing your wifi network. But the question still remains are you Secure ? .. Well no1 can answer that.

For me, the amount of effort I put in to secure something is directly proportional to the data I am trying to protect. SO the question is what are you trying to protect ?

Again, as you said about the strong password, hiding SSID, MAC addr authentication all that can be easily broken if some1 does capture enough packets and work on that offline and then come back with all the info needed. The tools to achive that were mentioned by Josh in the last "Perfect Strom Webcast".

So again the question remains are you secure ? ummmm it all depends how bad someone wants your data, but defense in depth is a great way to go.

Just me 1 cent

VJ


	Logged

GPEN GCFA GCIH CISSP CISA GSEC OSCP C|EH Security+

sgt_mjc

Sr. Member

Offline

Posts: 294

Re: Am I Secure?

« Reply #14 on: February 05, 2009, 07:37:00 AM »

Syn,
Going along with your slightly secure with Linux inbetween, my neighborhood has some many open APs its not funny. So to that end I found an old 802.11b router that I'm thinking of setting as a honey pot jsut for grins to gather some traffic Wink

. Any advice on that?


	Logged

Mike Conway
CISSP
CompTia Security +
C|EH

Pages: [1] 2 Go Up

« previous next »