Create an Account
username: password:
 
  MemeStreams Logo

Wi-Fi Networking News: WPA Cracking Proof of Concept Available

search

StankDawg
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

StankDawg's topics
Arts
Games
Health and Wellness
Miscellaneous
Current Events
Science
Sports
Technology

support us

Get MemeStreams Stuff!


 
Wi-Fi Networking News: WPA Cracking Proof of Concept Available
Topic: Technology 4:00 pm EST, Nov  6, 2004

] WPA Cracking Proof of Concept Available
]
]
] We warned you: short WPA passphrases could be
] cracked--and now the software exists: The folks who wrote
] tinyPEAP, a firmware replacement for two Linksys router
] models that has on-board RADIUS authentication using
] 802.1X plus PEAP, released a WPA cracking tool.
]
]
] As Robert Moskowitz noted on this site a year ago, a
] weakness in shorter and dictionary-word-based passphrases
] used with Wi-Fi Protected Access render those passphrases
] capable of being cracked. The WPA Cracker tool is
] somewhat primitive, requiring that you enter the
] appropriate data retrieved via a packet sniffer like
] Ethereal. Once entered, it runs the cracking algorithms.
]
]
] Remember that to crack WEP, an attacker has to gather
] many packets, possibly millions, but can then easily
] crack any key. For WPA, certain shorter or
] dictionary-based keys are highly crackable because an
] attacker can monitor a short transaction or force that
] transaction to occur and then perform the crack far away
] from the physical site.
]
]
] The solution to this WPA weakness involves one of three
] approaches:
]
]
] Choose a better passphrase: Pick passphrases that aren't
] entirely comprised of dictionary words, meaning they need
] some random nonsense in them. "My dog has fleas": very
] bad. "Mdasf;lkjadfklja;dfja;dfja;d": very good, but hard
] to type in. Passphrases should be at least 20 characters.
]
]
] Use randomness to choose a passphrase: A random
] passphrase of at least 96 bits and preferably 128 bits
] will defeat the cracking that Moskowitz wrote about,
] according to his paper. Tools like SecureEZSetup from
] Broadcom and AOSS (AirStation One-touch Setup System)
] from Buffalo are two automated ways to produce better
] passwords of this variety.
]
]
] Use WPA Enterprise or 802.1X WPA: Deploy
] enterprise-based authentication which will allow a strong
] WPA key to be uniquely assigned to each user. This isn't
] as expensive as it once was. The TinyPEAP folks are
] pushing their method, but you can also turn to Interlink
] Networks's LucidLink product (for on-site control),
] Gateway Computer's 7000 series of access points with
] on-board PEAP service, and Wireless Security
] Corporation's WSC Guard, available from them directly or
] for certain Linksys models via Linksys.

Wi-Fi Networking News: WPA Cracking Proof of Concept Available



 
 
Powered By Industrial Memetics
RSS2.0