cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7040
Views
0
Helpful
12
Replies

Preventing How to Crack a Wi-Fi Network’s WPA Password with Reaver

slwdaw_2
Level 1
Level 1

Hello,

Are Cisco AP's vulnerable?    

http://lifehacker.com/5873407/how-to-crack-a-wi+fi-networks-wpa-password-with-reaver

Is their a new IOS available to handle this?

12 Replies 12

Leo Laohoo
Hall of Fame
Hall of Fame

If you mean a dictionary attack to crack your password, then yes.  EVERY manufacturer is vulnerable.  If you practice good choice of passwords, then it will take time for Reaver to punch through.

George Stefanick
VIP Alumni
VIP Alumni

WPA and WPA2 "PSK" are susceptible to this issue. If an attacker captures the 1 and 2 or the 2 and 3 part of the 4 way handshake they can then use tools like COWPATTY or REAVER to crack against a dictionary.

What is important, dont use a KEY that will likely be in a dictionary.

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

What is important, dont use a KEY that will likely be in a dictionary.

So I can't use passwords like "password" or "youcantcrackthis" can I? 

Follow the "rules":

1.  Mix upper and lower case;

2.  Use numbers;

3.  Use common sense:  Passwords like "love", "password", "admin", etc is the first few words to be tried by crackers. 

Love, really ? Who uses "LOVE" ... Only Leo ...

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

ha ha ha

Regards
Surendra BG

Too funny:)

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

Leo must have been watching Hackers again!

To piggy back on George:

Cisco AP's do not use WPS, so they should not be vulnerable to this type of attack.

The Linksys side of the house however, can/does use WPS.  you might want to hit the SMB forums and ask if they are aware of, and have a way to mitigate such attackes.

Steve

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

Leo must have been watching Hackers again!

LOL!

BTW -- That  program only cracks WPS, not WPA. WPS is used on home router wifi units.

here listen to this blog video

http://nostringsattachedshow.com/2012/01/08/e02-wi-fi-protected-setup-battered-or-broken/

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

You are partly right here George. Granted, Reaver 'only' cracks WPS PINs, but once it has done so you are 'given' the WPA/WPA2 PSK. In a round about way you are ultimately getting your goal, the WPA/WPA2 PSK.

A Reaver attack tutorial/demonstration using the OG150 is now available to download for free! WPA2 PSK WAS CRACKED IN 4 SECONDS!! Download the PDF tutorial from http://www.og150.com/tutorials.php.

Attack was demonstrated on a Linksys WAG54G2 router with v1.00.10 software.

Thanks

Darren

Abhishek Abhishek
Cisco Employee
Cisco Employee

Hello,

As per your query i can suggest you the following solution-

Yes Ap's are vulnerable. You can use encryption, PSK,WPA.

Secure your SSID broadcast.

Mix characters and use numeric and alpha-numeric.

For more information you can refer to the link-

http://www.giac.org/paper/gsec/4094/securing-cisco-aironet-1200-access-point/106589

Hope this will help.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: