# Non-connecting WiFi network



## AJ-BSD (Nov 18, 2012)

Hello everyone,
In my quest to become more accustomed wit FreeBSD, I acquired an old-ish laptop.
I scratched it, and installed 9.0

I want to connect to my wireless network, yet... I don't know what I'm doing wrong.
I can't get it to actually connect.

The network card is working properly, because if I do a scan of available networks, various networks show up.
(using *ifconfig wlan up scan*)

Yet if I want to connect to my wifi network... I don't know where I'm falling.

My /etc/rc.conf reads:

```
hostname="fBSDlap"
wlans_iwn0="wlan0"

ifconfig_wlan0="WPA SYNDHCP"

sshd_enable="YES"

dumpdev="NO"
```

The output of *ifconfig*, I'm posting as a photo... because it's a lot of stuff to type out.
The links are for imgur:










Any thoughts on what I can add/try?
Thank you!


----------



## bbzz (Nov 18, 2012)

How can it connect when you never told it where to connect to.

`# wpa_passphrase <ssid> [passphrase] > /etc/wpa.conf`

`# wpa_supplicant -i wlan0 -c /etc/wpa.conf -B`


----------



## AJ-BSD (Nov 18, 2012)

Thank you very much for the reply!
Would it be the same if the network is WEP encryption?

Thanks... I'm reading man pages right now to figure out what is happening here.
=)

EDIT: I ask, because I just did what you said, and she still didn't connect.
So I'm not sure if it's because the WiFi is WEP security.


----------



## cpm@ (Nov 18, 2012)

If you read the handbook, look at section 32.3 Wireless Networking and go to subsection 32.3.3.1.3 in order to properly configure your /etc/wpa_supplicant.conf

As an example, you can copy /usr/share/examples/etc/wpa_supplicant.conf and modify it to suit your needs.


----------



## bbzz (Nov 18, 2012)

If it's a WEP you got, do yourself a favor and switch to WPA first, if you value your network.


----------



## SirDice (Nov 20, 2012)

Agreed, don't use WEP, it's awfully insecure these days. It can be cracked in about 5 minutes.


----------



## gwarbot (Dec 8, 2012)

It*'*s true, Aircrack-ng will pwn WEP.


----------



## bbzz (Dec 9, 2012)

SirDice said:
			
		

> Agreed, don't use WEP, it's awfully insecure these days. It can be cracked in about 5 minutes.



Ironically, about 85-90 % of WPA2 network are as vulnerable as WEP.
And it has nothing to do with bruteforcing against it.
In fact, it's even easier since you don't need relatively good signal to one of WEP stations, just AP.


----------



## wblock@ (Dec 9, 2012)

bbzz said:
			
		

> Ironically, about 85-90 % of WPA2 network are as vulnerable as WEP.
> And it has nothing to do with bruteforcing against it.
> In fact, it's even easier since you don't need relatively good signal to one of WEP stations, just AP.



Please go on.  Is this the TKIP vulnerability?


----------



## bbzz (Dec 9, 2012)

No. So far those with WPA/TKIP are vulnerable to traffic injections only.
This has to do with WPS.

WiFi Protected Setup, that handy button on most WiFi routers which allows you to connect more easily to your network. It has burned in non-configurable 8 digit pin number (or a variation of it).

This is what you bruteforce against. It takes at most 24 hours to bruteforce on even the slowest of cpus.
To make things worse, most routers can't turn this off. So if you have one of those routers, be sure to throw them out or not use WPA2-PSK mode (edit: Those running WPA2-Enterpsire need not be concearned. Here's an excuse to start running FreeRadius with WPA2 in your network).

Use wash tool on BackTrack to see what networks are vulnerable (about 90 % of WPA around you).

This vuln has been revealed only about a year ago, and given how slowly people adapt to needed security changes, as with WEP, you can be sure you can break into most WPA networks in years to come with this.


----------

