Leo Laohoo Wed, 01/11/2012 - 12:51
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

If you mean a dictionary attack to crack your password, then yes.  EVERY manufacturer is vulnerable.  If you practice good choice of passwords, then it will take time for Reaver to punch through.

George Stefanick Wed, 01/11/2012 - 13:04
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, October 2015

WPA and WPA2 "PSK" are susceptible to this issue. If an attacker captures the 1 and 2 or the 2 and 3 part of the 4 way handshake they can then use tools like COWPATTY or REAVER to crack against a dictionary.


What is important, dont use a KEY that will likely be in a dictionary.

Leo Laohoo Wed, 01/11/2012 - 13:09
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

What is important, dont use a KEY that will likely be in a dictionary.

So I can't use passwords like "password" or "youcantcrackthis" can I? 

Leo Laohoo Wed, 01/11/2012 - 13:11
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

Follow the "rules":


1.  Mix upper and lower case;

2.  Use numbers;

3.  Use common sense:  Passwords like "love", "password", "admin", etc is the first few words to be tried by crackers. 

George Stefanick Wed, 01/11/2012 - 13:12
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, October 2015

Love, really ? Who uses "LOVE" ... Only Leo ...

Scott Fella Wed, 01/11/2012 - 13:22
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Too funny:)


Thanks,


Scott Fella


Sent from my iPhone

Stephen Rodriguez Wed, 01/11/2012 - 15:47
User Badges:
  • Purple, 4500 points or more

Leo must have been watching Hackers again!


To piggy back on George:


Cisco AP's do not use WPS, so they should not be vulnerable to this type of attack.


The Linksys side of the house however, can/does use WPS.  you might want to hit the SMB forums and ask if they are aware of, and have a way to mitigate such attackes.


Steve

Leo Laohoo Wed, 01/11/2012 - 16:15
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

Leo must have been watching Hackers again!

LOL!

dazza_johnson Fri, 05/17/2013 - 04:50
User Badges:

You are partly right here George. Granted, Reaver 'only' cracks WPS PINs, but once it has done so you are 'given' the WPA/WPA2 PSK. In a round about way you are ultimately getting your goal, the WPA/WPA2 PSK.


A Reaver attack tutorial/demonstration using the OG150 is now available to download for free! WPA2 PSK WAS CRACKED IN 4 SECONDS!! Download the PDF tutorial from http://www.og150.com/tutorials.php.


Attack was demonstrated on a Linksys WAG54G2 router with v1.00.10 software.


Thanks

Darren

Abhishek Abhishek Fri, 05/17/2013 - 14:44
User Badges:
  • Gold, 750 points or more

Hello,


As per your query i can suggest you the following solution-


Yes Ap's are vulnerable. You can use encryption, PSK,WPA.


Secure your SSID broadcast.


Mix characters and use numeric and alpha-numeric.


For more information you can refer to the link-

http://www.giac.org/paper/gsec/4094/securing-cisco-aironet-1200-access-point/106589


Hope this will help.

Actions

This Discussion

Related Content