AGIX Discussion All HowTo's Cybersecurity

Protecting Against AirCrack-NG

This is a short article focused on helping you protect your wireless network from hackers. The AirCrack-NG suite is the most common set of tools used to crack wireless networks. For that reason, we’re focused on that suite for this article. Other tools need to deal with the same wireless network characteristics.

AirCrack-NG only works with WPA/WPA2 PSK wireless network. The PSK means “Pre Shared Key”. All home wireless networks (well, by far most) use PSK. The alternative is to use “Enterprise / 802.1x” mode which requires an authentication service like RADIUS which most home users don’t have the need for.

AirCrack-NG looks for weak points in the wireless communication protocol. It’s the point where a wireless device joins a wireless network. During that process, there’s an exchange and AirCrack-NG is looking for that and will dump the details to a file for later password cracking use Brute-Force (passed on password lists). Note: John the Ripper can also be used to help in the cracking phase. The point is that it comes down to guessing the wireless network passphrase (password). Passwords must be more than 8 characters long with an upper limit of 63 characters. AirCrack-NG has a built-in tool to attempt to find the right passphrase but it relies on password files to use as a comparison source. John the Ripper can do the same thing but John has more advanced features.

Based on the above methods of cracking a wireless network using AirCrack-NG, the best methods you can use to protect your wireless network are:

  1. Use “Enterprise / 802.1x” rather than PSK if you have the option. Most home users don’t have the resources or know-how to use 802.1x, and PSK is so much easier to configure and manage.
  2. Use long and complex passwords. Password guessing requires a list of passwords to go through (from start to end)  or possibly even trying every possible combination of characters to find the correct combination. Passwords are your best form of security when using PSK so pick a good one. Obviously, the longer and more complex the password, the more pain you’ll suffer when trying to join a TV or other device controlled with a remote-control to your wireless network.
  3. While no necessarily ideal, you can lower the strength of your wireless network Access Point(s) to limit the likelihood of attack. Ie, the lower the radio output power, the less distance one must be from the AP in order to launch an attack.

I hope this has been of some help in the attempt to harden your wireless network.

Leave a Reply

Your email address will not be published. Required fields are marked *