
Can WPA2 be cracked? yes? no? and why?

7661 Views 14 Replies 14 Participants Last post by  gonX
I've been hearing stories about WPA2 and its incredible level of safety for wireless networks but... is it really that safe?

Just to add, my network password has 15 characters, among them, numbers and other symbols, and yes, I use WPA2.
1 - 15 of 15 Posts
ANYTHING. Can be cracked.

It's more a matter of how long it would take.

Basically there are some morally gray programs out there that sniff packets and slowly decrypt the password. There is no set time-frame, it all depends, some luck, some depends on how much data you transfer, etc.

WPA2 > WPA > WEP. WEP can be cracked in 30 seconds using certain programs, WPA a few hours.
With a strong enough password, you'll be fine. It's pretty hard to brute-force a WPA2 with a strong password.
anything can be cracked. government files have been
Rainbow tables spring to mind. Probably something more effective though.

My mate and I cracked WEP in about 5 minutes, it's so unsafe. Neither of us really know anything about Linux either
Backtrack can be useful for testing the security of your wireless network

http://www.remote-exploit.org/backtrack.html

Obviously you wouldn't be using it for any Illegal/Immoral uses.

Doesn't work with all WLAN devices though. You'd need to investigate a bit more yourself
there are different ways to do it. and it will keep getting faster w/ new tech. there are already programs that will use nV GPUs to speed up the crack.

but if you want to be safe, you should set up a radius server. there used to be a great one you could put on a WRT54GL called TinyPEAP, but it stopped development & got taken down because of GPL problems. if you have an unused PC you could always run freeRADIUS on it though.

if you stick w/ WPA2 the best thing you can do is not broadcast your SSID, create the longest password your router allows, and keep it completely random gibberish. most routers also have mac filtering. so you can block out all computers that don't have matching mac addresses of your computers/devices.
Quote:

Originally Posted by Super304 View Post
Backtrack can be useful for testing the security of your wireless network

http://www.remote-exploit.org/backtrack.html

Obviously you wouldn't be using it for any Illegal/Immoral uses.

Doesn't work with all WLAN devices though. You'd need to investigate a bit more yourself

that's what i use
especially bt4

it's good to test your system's security, i cracked wep toooo easily, wpa takes a bit longer and wpa2 just about the same depending on the password, best bet is to have a 64 character password, would take someone very long to crack that

there's nothing "secured" that's just a word to make people believe it's safe, if someone is dedicated enough they will crack/hack anything

edit: for a second i thought u said it doesn't work with WLAN devices
yh it only will work with certain chipsets, backtrack 3 never worked on mine but backtrack 4 does
injection and everything Woot woot XD
For most of my security testing, I have used Virtual Honeypots and Metasploit framework. I'll have to take a look at "Backtrack". First I have heard of it.
Turning off ssid broadcast doesn't really do much. The only thing "turning off the SSID" does is null the value of the network name field in the 802.11 beacon. Anytime a station associates or re-associates, that value is sent in the clear within the respective 802.11 frames. For this reason, it's not considered a security measure at all.
Quote:

Originally Posted by MrAMD_Fan View Post
Turning off ssid broadcast doesn't really do much. The only thing "turning off the SSID" does is null the value of the network name field in the 802.11 beacon. Anytime a station associates or re-associates, that value is sent in the clear within the respective 802.11 frames. For this reason, it's not considered a security measure at all.
it's about the same as tinting the glass on a car. it's not going to stop a thief from stealing the car if he sees you get out of it and leave. but if he doesn't he won't know if you're in the car or not. it's better than not doing it, let's just agree on that.

also changing the SSID to something completely random helps in WPA2 too since it's used to salt the hashes & known/common SSIDs are used in some attacks.
As mentioned above anything can and will be cracked. It all depends on time.

Rainbow tables do help the processing time required for cracking WPA2. However, right now it is still by far the most secure and safe means of Wireless Security. As long as you use AES. TKIP has already seen an exploit using packet injection.
Quote:

Originally Posted by alex98uk View Post
Rainbow tables spring to mind. Probably something more effective though.

My mate and I cracked WEP in about 5 minutes, it's so unsafe. Neither of us really know anything about Linux either

Who says you need linux to crap wep
You should also think about whether there are many open WiFi routers around you, and if there are, I doubt people would bother hacking you.
I would say as long as you have any sort of AES encryption you should be good to go. TKIP has been demonstrated to be insecure - same goes for WAP. 15 letters with random upper cases and whatnot with an uncommon router name (hell, even ThisIsMyRouter should be okay) should be enough to deter crackers away.

You should only be worried if you have some seriously important/confidential files on your network, or if you know somebody is trying to gain access to your computers.