Wireless Access

last person joined: an hour ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min ? how do i block it?

  • 1.  backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min ? how do i block it?

    Posted Jul 10, 2013 09:17 AM

    Hi,

     

    Today earlier,A backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min... :smileyfrustrated:

    Aruba 620 6.1.3.0 please advise.

     

    is there anyway to block the packet colliection by backtrack?! (in example: WIP/RFP)

     

    please advise.

     

    thanks.

     

    me



  • 2.  RE: backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min ? how do i block it?

    Posted Jul 10, 2013 11:14 AM

    No, the only protection is to use a stronger PSK or switch to 802.1X/EAP.   The only data needed to crack a PSK is the SSID and a capture of a 4-way handshake - both of these can be obtained through passive sniffing which is not detectable by WIDS.  

     

    If you absolutely have to use a PSK, you should use 13+ random characters.  Do NOT use dictionary words.  



  • 3.  RE: backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min ? how do i block it?

    Posted Jul 12, 2013 05:14 PM

    My first step after setting up our PSK SSID(s) is to fire up Backtrack and try to hack it myself so I'll know what to expect.

     

    It's a bit depressing how easy it is to get in.



  • 4.  RE: backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min ? how do i block it?

    Posted Jul 12, 2013 05:22 PM

    yep... Backtrack doing the life much easier to hack WPA2..
    But i still dont understand... i used a key: "kia4ever"
    it's not a known key in any famous pass list....(checked it all the weekend) - using the handshake method.
    +
    as far as i aware another method is using reaver ...but...it's using WPS..and Aruba dosent do WPS...

     

    please advise.



  • 5.  RE: backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min ? how do i block it?

    Posted Jul 12, 2013 07:46 PM

    8 characters is just too easy to brute force -- every additional character raises the time to crack considerably.

     

    We've changed it, but our last PSK was "a hat is a good thing" -- silly but easy enough to remember, and long enough to crush the brute force folks. (or at least make them go hack the neighbors)



  • 6.  RE: backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min ? how do i block it?

    Posted Jul 24, 2013 09:16 AM

    I would have to agree with Mat.

     

    Our customers demand a 31-character key for PSK's when WPA2 is involved if no 802.1x is possible for whatever reason.

     

    you PSK has 2 dictionary words in it so in my opinion it shouldn't take long to crack and it didn't, you said 10min....