So you got yourself a wireless router, configured it, and now you are all set to use your own Wi-Fi network. However, have you ever considered how crucial the security of this Wi-Fi network is?
With the rising terror threats (and terrorists making use of open wireless networks), it certainly makes a lot of sense to ramp up the security of your wireless network. Terrorists and other social miscreants are known to scan for open wireless networks and use them for sending threat mails to the agencies or their other handlers. I am sure the last thing you want is a cop at your door, asking you questions about stuff you might have never even heard of.
In this article, I am going to talk about the 5 most commonly used Wi-Fi hacking software tools and how they work. At the end of the article, I am also going to suggest a few best practices for setting up your wireless router's security.
NetStumbler is a free, Windows-based tool which can be used to easily locate open wireless networks. Below is a video demo giving a quick walkthrough of finding open wireless networks using NetStumbler.
NetStumbler can even determine the signal-to-noise ratio, which is very neat information, specifically if you are a wireless hotspot provider. You can download NetStumbler by navigating to www.netstumbler.com/downloads/
While NetStumbler is good at displaying all the open wireless networks, it doesn't display wireless networks which don't broadcast their SSIDs. Using Kismet, you can detect and display the SSIDs which are not being broadcast as well.
Both NetStumbler and Kismet are important wireless (Wi-Fi) hacking tools which are used for identifying networks.
Kismet is an 802.11 layer 2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and (with appropriate hardware) can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet also supports plugins which allow sniffing other media such as DECT.
Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and inferring the presence of nonbeaconing networks via data traffic.
You can download Kismet by navigating to www.kismetwireless.net
Using NetStumbler and Kismet you get to know the wireless network, and the next step is to get onto that network. If no wireless encryption is being used, you can connect to the network directly. However, if encryption is in place, you might need to use Airsnort.
You can download Airsnort by navigating to airsnort.shmoo.com
Another interesting and better tool which can do similar stuff is Aircrack-NG which is available at www.aircrack-ng.org
If the network you found is protected with WPA-PSK, you can crack that using the tool called CowPatty. The program basically tries a bunch of different options from a dictionary file and checks whether any of them matches the defined pre-shared key.
You can download Cowpatty from sourceforge.net/projects/cowpatty
Once hackers have found a wireless network and connected to it, they can easily sniff the data flowing through the network using WireShark.
You can read more about WireShark in my previous posts titled How To Use Wireshark for Packet Analysis and Grab Cookies and Passwords using WireShark [Part 2]
Another very interesting and important tool with regard to Wi-Fi hacking is inSSIDer. You can read more about it in my post titled [Freeware] Scan Wireless Networks with INSSIDER
Some common Security Tips for your Wireless Network
1.) Enable MAC-level filtering at your router.
2.) Change the default settings of your router's Web-based administration.
3.) Turn off broadcasting of your SSID. This hides the network from tools such as NetStumbler, although, as noted above, Kismet can still detect networks that do not broadcast their SSID.
4.) If you use WEP, use a 128-bit, not a 40-bit, WEP encryption key. A 128-bit key would take longer to crack. If your wireless router supports it, use WPA or WPA2 instead of WEP. WPA / WPA2 is much more secure than WEP.
5.) Use a long and complex WPA Pre-Shared Key. This type of key is less likely to appear in a dictionary file used to try to guess your key, and/or would take longer to guess.
6.) To protect yourself from getting sniffed, ensure you send your login data using HTTPS. Traffic sent over the HTTPS protocol is encrypted, therefore anyone sniffing packets over the network will get garbled text and nothing else.
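Tip 5 can be checked before a key is ever configured on the router. The following is an added example, not part of the original article: a small Python audit that flags a candidate WPA passphrase if it is a dictionary word or a simple variation of one, which is the kind of key the dictionary approach described for CowPatty would find. The wordlist is a constructed sample, the 20-character minimum is an assumed policy value, and the function names are hypothetical.

```python
import string

# Constructed sample wordlist; a real audit would load a large dictionary file.
SAMPLE_WORDLIST = {"password", "sunshine", "letmein", "dragon", "welcome", "internet"}
# Substitutions often used to disguise a dictionary word (illustrative, not exhaustive).
LEET = str.maketrans("013457@$!", "oieastasi")
MIN_RECOMMENDED_LEN = 20  # assumed policy value, not taken from the article
PRINTABLE_ASCII = {chr(c) for c in range(32, 127)}  # characters a WPA passphrase may use
CHAR_CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
                string.digits, string.punctuation)


def normalise(passphrase):
    """Reduce a passphrase to the base word hiding behind simple decorations."""
    # Lowercase, drop trailing digits/punctuation ("123!"), then undo leet swaps.
    base = passphrase.lower().rstrip(string.digits + string.punctuation)
    return base.translate(LEET)


def audit_psk(passphrase, wordlist=SAMPLE_WORDLIST):
    """Return a list of finding codes; an empty list means no issue was found."""
    findings = []
    if not 8 <= len(passphrase) <= 63:
        findings.append("invalid-length")      # WPA passphrases are 8 to 63 characters
    if any(c not in PRINTABLE_ASCII for c in passphrase):
        findings.append("invalid-chars")       # only printable ASCII is allowed
    if len(passphrase) < MIN_RECOMMENDED_LEN:
        findings.append("too-short")
    if passphrase.lower() in wordlist or normalise(passphrase) in wordlist:
        findings.append("dictionary-variant")  # a wordlist-based tool would try this
    used = sum(any(c in group for c in passphrase) for group in CHAR_CLASSES)
    if used < 3:
        findings.append("low-variety")
    return findings


if __name__ == "__main__":
    # Constructed candidates, from weak to strong.
    for candidate in ("sunshine", "P@ssw0rd123!", "vK7#qLm2!xRw9@tZp4&bNc8s"):
        print(f"{candidate!r}: {audit_psk(candidate) or 'no findings'}")
```

An empty result only means the passphrase avoided these specific checks; the wordlist used for a real audit should be as large as the ones the key needs to withstand.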
Update – 17th December 2010
We recently did a comprehensive article to help our readers secure themselves through 10 steps. You can read all of these in the article titled 10 Steps to Secure Your Wireless Network (Follow them Now!!!)
Do stay tuned to Technofriends for more. Follow me on Twitter at @vaibhav1981