Wireless Access

Reply
Highlighted

backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min ? how do i block it?

Hi,

 

Today earlier,A backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min... :smileyfrustrated:

Aruba 620 6.1.3.0 please advise.

 

is there anyway to block the packet colliection by backtrack?! (in example: WIP/RFP)

 

please advise.

 

thanks.

 

me

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Highlighted
Frequent Contributor I

Re: backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min ? how do i block it?

No, the only protection is to use a stronger PSK or switch to 802.1X/EAP.   The only data needed to crack a PSK is the SSID and a capture of a 4-way handshake - both of these can be obtained through passive sniffing which is not detectable by WIDS.  

 

If you absolutely have to use a PSK, you should use 13+ random characters.  Do NOT use dictionary words.  

Highlighted
MVP

Re: backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min ? how do i block it?

My first step after setting up our PSK SSID(s) is to fire up Backtrack and try to hack it myself so I'll know what to expect.

 

It's a bit depressing how easy it is to get in.

--Matthew

if I've helped, please give kudos
if I've provided a solution, please mark the solution so others can find it
Highlighted

Re: backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min ? how do i block it?

yep... Backtrack doing the life much easier to hack WPA2..
But i still dont understand... i used a key: "kia4ever"
it's not a known key in any famous pass list....(checked it all the weekend) - using the handshake method.
+
as far as i aware another method is using reaver ...but...it's using WPS..and Aruba dosent do WPS...

 

please advise.

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Highlighted
MVP

Re: backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min ? how do i block it?

8 characters is just too easy to brute force -- every additional character raises the time to crack considerably.

 

We've changed it, but our last PSK was "a hat is a good thing" -- silly but easy enough to remember, and long enough to crush the brute force folks. (or at least make them go hack the neighbors)

--Matthew

if I've helped, please give kudos
if I've provided a solution, please mark the solution so others can find it
Highlighted
MVP Expert

Re: backtrack user cracked my WPA2-AES (key: kia4ever) in just 10min ? how do i block it?

I would have to agree with Mat.

 

Our customers demand a 31-character key for PSK's when WPA2 is involved if no 802.1x is possible for whatever reason.

 

you PSK has 2 dictionary words in it so in my opinion it shouldn't take long to crack and it didn't, you said 10min....

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: