Did someone crack my encryption?

[DanInPhilly]

I have simple WEP encryption on my wireless modem/router (I don't need much more: only one PC, don't do banking, etc). Plus I have Norton antivirus. Generally Norton catches little stuff and deletes it. No problem.

But today I got a new notice from Norton: "An intrusion attempt by 192.1... was blocked." So I'm wondering: did this happen after I was on the web (and someone tracked my computer), or did a neighbor crack my wep?

 

[CalvinHobbes]

WEP was cracked a long time ago. It could be norton making a mistake but I would recommend switching to WPA2.

 

[akhilles]

WEP can be cracked in mins. Use only WPA2 if possible. Or at least WPA. With a 63-char alpha-numeric passphrase that's changed once in a while.

 

[Skeeedunt]

Yup, WEP is trivial to crack. If you log in to your router, does it show any other connections established (DHCP leases or anything like that)? Make sure you log in over hardwire, since if your WEP key is compromised they would obviously be able to sniff your login/password over wireless (I'd recommend setting it so that you can only access the router config over hardwire if you haven't already done so).

 

[gsellis]

As noted, WEP is cracked and easy.

Norton will give false positives too. I have a Hawkings print server and Symantec's firewall has blocked it before thinking it was intruding. Does the address relate to something like a printer on your network? Then it may be a false positive.

Still, switch to WPA2 if possible. And change the password on your router right after you do.

 

[Donts00tmesanta]

anything can be hacked if they wanted to get in

 

[blackangst1]

Originally posted by: kyubi
anything can be hacked if they wanted to get in

AFAIK cascaded AES with the new SHAW 512 hash has never been compromised. AES alone would take years to break, if ever. The most common way to break encryption is via social engineering. Correct me if Im wrong.

White hat conferences are a great source of info. NSA attends to contribute

 

[montag451]

I have heard that WPA-PSK has been hacked too, and it doesn't take long.
This is only if the password is <6 characters and is alphanumeric.

Imagine that a neighbour has access to your encrypted wifi and can try 70000 keys per second!
If you only use alphanumeric (caps, normal, numbers and space = 63), then
4 characters has 63x63x63x63 combinations=(approx) 16million ........ 16million/70000= 4500 seconds (3 hours)
5 characters approx 1000million/70000 = 280000 seconds (3 days)
6 characters approx 60000million = 6 months
7 characters = 30 years (at current wifi/cpu speeds)
Disclaimer:
<b>Please bear in mind these are very approximate and that it these numbers are based on dictionary attacks or word lists.</b>

So, putting in an odd ' or - or £ or some other character will make it impractical to try and crack your WPA, (and keeping your password a minimum of 7 characters of course).

 

[blackangst1]

yeah montag WPA was a nice fix for WEP (which was pretty much trivialized 4 or 5 years ago), but studies show the majority of compromises are via brute force. Aironet can dictionary attack pretty quick. Again, a strong password (16+ characters) is your best defense. Prople think a long password is too hard to remember. But, an option is to come up with a short sentence with variable characters as a password. For example, "1h4tet0work@n1g4t" (I hate to work at night).

Also, the new preferred for home woreless is WPA2.