[QCLUG] wpa_supplicant

[atters@mchsi.com]

---------------------- multipart/alternative attachment
"Is WPA really that insecure?"

The short answer is a no, the long answer is a yes with a "but".  Obviously WEP is swiss cheese, and WPA is a long sight better than WEP, but WPA2 is the real winner.  With just a little time, and a single connected client, the attacker snifs an authentication and tries to brute force your master key.  So, step 1 is make a ridiculous master key, good enough to prevent brute forcing from your attacker.  CCMP (AES based) included with WPA2 is the key to making it almost infinitely difficult to break in comparison to WPA, and with a security-shoddy XP or Vista box on the network, CCMP can help to mask those holes.  In the long run, as long as your card is listed as fully supported (ie. no NDISwrapper or similar), you shouldn't HAVE to use WPA1.

If turns out you can't use WPA2, WPA + TKIP w/AES is a good choice, as the key gets changed often and is AES encrypted as well, which should make a non-uber attacker cringe.

Check out the Aircrack suite, as it is built for Linux and a hell of a set of tools for trying craking your AP open like a walnut.  


--
Luke Atteberry
---------------------- multipart/alternative attachment
An HTML attachment was scrubbed...
URL: http://qclug.org/pipermail/qclug/attachments/cf6f3e49/attachment.htm

---------------------- multipart/alternative attachment--