This is a discussion on Wireless Security within the Sky Broadband help forums, part of the Sky Broadband help and support category; Hi everyone. I've been browsing through this forum and there's a heap of issues with encryption. I wonder whether it ...
- 07-03-10, 06:17 PM #1
Hi everyone. I've been browsing through this forum and there's a heap of issues with encryption. I wonder whether it would be an idea to have a sub-forum dedicated to security? That's one for the moderators to ponder.
What I've noticed is that so many people are still using WEP. My advice is that if you really don't need it, change it! It's rubbish and offers no real security at all. It became obsolete as far back as 2001. What astonishes me was the amount of equipment still sold with WEP encryption e.g. bar-code scanners used in supermarkets (like when they're stacking shelves and you keep hearing that Windows Error default sound?), BT home hubs (this may be wrong now), amongst others.
I'll say it again - WEP IS RUBBISH. It can be cracked in under 3 seconds with some free software, don't use it. I proved it to my neighbour from an old P3 laptop I have running Linux and hacked onto his brand new BT Home Hub shipped with default WEP encryption. He changed it to WPA straight away.
Being neighbourly I did a search around my village and found a dozen or so Home Hubs all shipped with WEP. I advised my neighbours to change, they didn't need the demonstration, only one got shirty with me for what he saw as "spying" on him even though I didn't connect to him and reminded him that his router was broadcasting to half the village.
That said, WPA is not so good either. With a good wordlist you can crack most WPA passwords. I got my software team at my office to study this in the interest of providing my clients with better service, and the only ones they couldn't crack were >13 characters alphanumeric. Anything less could be done in at most an hour or so. For this we used Aircrack, but you could also use a brute force.
My messages here are:
- DUMP WEP If you have a DS or an old WEP device ask yourself do you really need it on your network? If not dump it and improve your security.
- IMPROVE WPA by using 13 or more alphanumerical characters. Sky Netgear V2 routers come with an 8 character key, and by using a random alphanumerical word generator this can be cracked. I don't know about the V1 or the Sagem.
- USE WPA2 if you can deal with it on your network.
- 07-03-10, 08:57 PM #2
Re: Wireless Security
Good advice, but many don't want to dump equipment, mainly games consoles just because they do not support WPA. I always advise using ASCII characters with WPA, rather than alphanumeric. It makes the pass key that bit more difficult to crack. Unfortunately the Sky routers do not support WPA2.
The V1 router was even less secure as the password and default security key could be calculated from the MAC address. This was publicised by one of our members a couple of years ago. No one should be using the V1 router with the default key.