Auditing Wi-Fi Protected Access (WPA) Pre-Shared Key Mode
This article examined some of the vulnerabilities within WEP and WPA and provides the tools and method for auditing WPA pre-shared key mode passphrases. To do this, we examined the framework and flaws in WEP and reviewed the risks associated with using WPA-PSK passphrases of less than 20 characters. It has been demonstrated that although the method to crack the WPA-PSK is not trivial, it also is not beyond the reach of an average Linux user. Home users can lessen their security risks by using a passphrase significantly greater than 20 characters or, alternatively, by using WPA-Enterprise and incorporating an authentication server. Corporate users should implement an authentication server, use per-user keying and refrain from implementing WPA in PSK mode.
Resources for this article: /article/8405.
John L. MacMichael (CISSP, GSEC, CWNA) is a Naval Officer and Information Professional who works in the field of Information Assurance. He considers himself a journeyman Linux user and utilizes a variety of distributions both at work and home, including Slackware, Debian, Red Hat and several live distros; he has yet to find his favorite. He invites your comments at firstname.lastname@example.org.
- An Introduction to Tabled Logic Programming with Picat
- Ubuntu MATE, Not Just a Whim
- Build Your Own Raspberry Pi Camera
- Nasdaq Selects Drupal 8
- Non-Linux FOSS: Screenshotting for Fun and Profit!
- Secure Desktops with Qubes: Compartmentalization
- Canonical Ltd.'s Ubuntu Core
- A New Mental Model for Computers and Networks
- Getting a Windows Refund in California Small Claims Court
- The Peculiar Case of Email in the Cloud