Wireless password cycling

[Skarn]

Hi,

I've made an autoit/vbs script to do the following.

1. Goal: Prevent outside decryption of wireless ssid and password that enables non authorised users of a wireless network to connect by cycling network ssid and password frequently. Solution must be more convenient then current methods.

2. Current protection and reasons why alternative wanted:

* Neighbours/war drivers can intercept traffic for a period of time - neighbours have longest interception timeframe capacity. They use the traffic to determine connection information.

* I feel my neighbours - appear to know too much about hacking and wireless stealing and I keep finding odd connections on my router despite changing password each month.

* Even with strong WPA password I get the impression from internet articles that it's perfectly feasible to extract the password over a few days.

* Inconvenient to cycle password and SSID more regularly than monthly - Changing router wireless password/ssid is manual through router web interface and clients must all then be configured manually to match new ssid/password.

3. Solution created:

* VBS with HTTP POST function to send new ssid and password to router - works!

* Autoit script with Wifi UDF by MattyD to create wlan profile for WinXp clients

* Autoit script calling netsh.exe and wlan profile functions to set new wireless connection for Vista clients

* Scripts generate 100 hashed passwords from a seed passphrase.

* SSID of network after a router cycle = rootname(customizable) + "_" keyNumber (0-100)

* Clients read available SSID's and identify the rootname and extract the keyNumber - this tells them which password of the 100 to apply.

* Profiles on clients generate wireless profiles to match the new ssid and corresponding key.

I see this as fairly secure and conveniant solution -

* outsiders must spend a day or more to crack the current password and would need to get the access to determine detail about the seed passphrase and method being used to cycle the network.

* changing the whole networks ssid and password takes 2 seconds to initialise and then automates itself, completing about 40 seconds later.

* negative: is that the connection is actually lost during the cycle - so currently connected clients could get broken downloads etc.

* negative: Doesn't solve the problem for my wii - can't do anything to automate the wireless details.

Does anyone see any holes in the process? Using the above I now cycle my wireless network every 2-3 days.

I'm happy to share how I've done it - but any script won't be 'plug and play'. You'd have to look at what is happening and put your own values etc in. Plus the router scripting would be different for every router I would imagine. I'm surprised it even worked on mine.