Wireless Access

Hi,

Today earlier,A backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min... :smileyfrustrated:

Aruba 620 6.1.3.0 please advise.

is there anyway to block the packet colliection by backtrack?! (in example: WIP/RFP)

please advise.

thanks.

me

No, the only protection is to use a stronger PSK or switch to 802.1X/EAP.   The only data needed to crack a PSK is the SSID and a capture of a 4-way handshake - both of these can be obtained through passive sniffing which is not detectable by WIDS.  

If you absolutely have to use a PSK, you should use 13+ random characters.  Do NOT use dictionary words.  

My first step after setting up our PSK SSID(s) is to fire up Backtrack and try to hack it myself so I'll know what to expect.

It's a bit depressing how easy it is to get in.

yep... Backtrack doing the life much easier to hack WPA2..
But i still dont understand... i used a key: "kia4ever"
it's not a known key in any famous pass list....(checked it all the weekend) - using the handshake method.
+
as far as i aware another method is using reaver ...but...it's using WPS..and Aruba dosent do WPS...

please advise.

8 characters is just too easy to brute force -- every additional character raises the time to crack considerably.

We've changed it, but our last PSK was "a hat is a good thing" -- silly but easy enough to remember, and long enough to crush the brute force folks. (or at least make them go hack the neighbors)

I would have to agree with Mat.

Our customers demand a 31-character key for PSK's when WPA2 is involved if no 802.1x is possible for whatever reason.

you PSK has 2 dictionary words in it so in my opinion it shouldn't take long to crack and it didn't, you said 10min....