How to hack a wireless network

By raharr ·
Okay, maybe I should not ask this but I am going to anyway.

I install wireless networks and want to check to make sure that the security is good enough to slow do a hacker. I am not a hacker by any means, but I want to know how to do this to check security of the wireless networks I install. I know there are ways to do it and have downloaded alot of software that says it can be done, but I am not sure what steps to take. Can someone give me the step by step instructions so I can try it, at least on my home network.

Manys thanks.

This conversation is currently closed to new comments.

20 total posts (Page 2 of 2)   Prev   01 | 02
Thread display: Collapse - | Expand +

All Answers

Collapse -

Going by what you are saying,

by w2ktechman In reply to Wireless Security

it seems that security is too light on the network. Hiding an SSID is not really security at all, it is more of a courtesy. There are many tools both HW and SW to sniff out hidden SSID's. Just broadcasting it should have done absolutely nothing to allow a cracker to break into the network.

A few suggestions to note. If you are using WEP get rid of it and put on WPA2. If you are using WPA2, then put a long encryption key in.
You can also increase security by adding a VPN and RADIUS server, but this will add cost and complexity to the wi-fi network.

Collapse -

More Info please

You still did not tell the members what your setup is like. What encryption, firewall, etc? It would be very easy to help you if you tell us that information. You do not have to be specific, just the process.

As for SSID broadcasting you actually may run into trouble by disabling it, Windows OS's sometimes start dropping links. As mentioned there is no security from not broadcasting it either.

As for the others gaining access, that is up for discussion, when we know your setup. I run wireless security pens tests just about every week and in reality it is more difficult than most think to gain access if a few simple precautions are taken.

Collapse -

Similar post.

by Mayhem1969 In reply to Wireless Security

Seems I recall reading a similar post a while back, where someone was saying they were a professional seeking hacks for their company's or client's use. The thread got heated, quickly and the poster quit. No one was willing to help then, and I doubt seriously you will find what your looking for here.

Collapse -

Wireless Security

by raharr In reply to Similar post.

I think I found what I was looking for.


Here is more information on how we are set up. First, to let everyone know, we are juvenile correction facility and a special school district. I am using linksys access points to connect several labs to our network that contain 10 to 15 computers each. The access points are in the classrooms with the computers. They have a short range, so I really am not worried to much about hackers, but I have to prove a point that it is not as easy as the agency says it is. I have disabled the broadcast for the ssid, using WPA2 with special characters and a combination of both upper and lower case letters. Filtered MAC address to allow only the ones in the room to connect. I have made it as touch as possible, even using linksys access points.

During a meeting, I was told that the agency was able to get into the network after only a few minutes. So, now I am stuck trying to prove my case. I order for me to do that, I need to test it for myself to see if I can break into it and how long it takes.

I know that given enough time, anything can be gotten into. I just want to track how long it takes to get into it.


Collapse -

You're right

by Tig2 In reply to Wireless Security

If I beat something to death, I can get in.

Have you gotten the "white hat" logs from the other agency? Have you been able to query the people that had access to your network?

I think that they need to "prove their case" against you. I would want to see what and who got where. And then I would want to review the appropriate logs.

This is nuts. Make them prove their position. THEN let's work together to strengthen your (theoretical) faults.

Collapse -

From your setup

by The Scummy One In reply to Wireless Security

I think TIG is right. Make them tell you or show you what they accessed.
It is likely that they used a utility to see the SSID and connect to the AP, but this is hardly getting onto the network.

WPA uses OSA (Open System Authentication). You can connect to the AP (access point)without issue. The data however is encrypted.
Using the MAC filters can be overcome by free SW, but with a small amount of users as you have, there should be little overhead, and another layer of security added. This also makes the 'cracker' waste more time trying to break in.
From what you stated, if the PW is long (over 32 characters) then they did not get in without help most likely.
Keep on the lookout for a rogue AP. Maybe someone connected a wifi router directly to the network. Or maybe someone is sharing their connection via ad-hoc mode.
Both of these would be easier than breaking in via brute force.

Collapse -

Force another test

by Michael Kassner Contributor In reply to From your setup

Just my two cents. I would like to know just exactly what they accessed. I would change all of the encryption keys and then have them show you one more time. Force them to copy a file that can only be accessed via a wireless connection. That is typically how I have to prove that I gained access.

Collapse -

Maybe we are looking at the wrong area???

by The Scummy One In reply to Wireless Security

We know the basics, and it sounds secure enough from the wireless side. But what about physical access to the AP(s)???

an AP has a port(s) for configuring the AP itself. This may have been breached if access to the AP was easily gotten.
So, here is my suggestion, if access to the AP is avail, lock it down. Change the username/PW for the admin account. give a long alphanumeric PW for it.
Then, lock access to the device without interfering with the antenna's. A plastic mount aroung the AP with the antenna's sticking out in a locking box should do just that. It should keep anyone from physically tampering with the AP to gain access.

just a thought...

Collapse -

Nothing to it...

by -Q-240248 In reply to I would like to help, hon ...

Just make sure you use encryption and do not broadcast your SSID. That's the main security concern. Then, get yourself a wireless laptop or other device and try to connect to the wireless network. If it won't let you in, asks you for an SSID, then you're good to go.

It's that easy.

The next step a hacker would have to take is to actually target your network and then to sit there and try to hack the encryption key, which is near impossible.

Collapse -

Wireless Security

by raharr In reply to Nothing to it...

I have taken all your answers in. I did change the admin password. Security keys are strong and the disabled the SSID. There are many programs out there that will give me the SSID. But, getting the security is almost impossible. I have already asked them to give me the white sheets and prove that they got in. I still haven't heard anything back from them. They insist that I purchase $30,000 in equipment that will protect our network.

There is enough freeware programs and given enough time, you can just about break any wireless security. But it is the time it takes to break it. That is the mean reason for me asking the question. I wanted to check and see how long it would take for someone to get enough IV's to crack the code. I have also updated the software on the access point and decreased the transmitting range. It is most like as secure as you can get it. The time it takes also depends on the amount of activity and since they are not used much at night, it would be impossible to get enough broadcast information from the access point.

Thanks for all of your inputs into my problem. And you can see what kind of headaches I have working with a two part agency and people that really don't know much about wireless.


I like testing my own stuff first just to make sure.

Back to Networks Forum
20 total posts (Page 2 of 2)   Prev   01 | 02

Related Discussions

Related Forums