ALERT: WPA-TKIP isn't secure - use WPA2 instead
Von: John Navas (spamfilter1@navasgroup.com) [Profil]
Datum: 07.11.2009 17:14
Message-ID: <%1hJm.8288$%j4.2309@newsfe18.iad>
Newsgroup: alt.internet.wireless
Datum: 07.11.2009 17:14
Message-ID: <%1hJm.8288$%j4.2309@newsfe18.iad>
Newsgroup: alt.internet.wireless
SUMMARY: WPA-PSK is vulnerable to offline attack. WPA-TKIP has been cracked. TO AVOID THESE PROBLEMS: 1. USE WPA-AES or WPA2 instead of WPA-TKIP (or WEP) 2. USE A PASSPHRASE WITH MORE THAN 20 CHARACTERS. Examples: BAD: "vintage wine" GOOD: "floor hiking dirt ocean" (pick your own words, even longer is better) FOR HIGH SECURITY, USE MORE THAN 32 CHARACTERS. BACKGROUND: Weakness in Passphrase Choice in WPA Interface <http://wifinetnews.com/archives/002452.html> Practical attacks against WEP and WPA <http://dl.aircrack-ng.org/breakingwepandwpa.pdf> A Practical Message Falsi cation Attack on WPA <http://jwis2009.nsysu.edu.tw/location/paper/A%20Practical%20Message%20Falsification%20 Attack%20on%20WPA.pdf> New attack cracks common Wi-Fi encryption in a minute <http://www.networkworld.com/news/2009/082709-new-attack-cracks-common-wi-fi.html> Passphrase Flaw Exposed in WPA Wireless Security <http://www.technewsworld.com/story/32070.html> Cracking Wi-Fi Protected Access (WPA) <http://www.ciscopress.com/articles/article.asp?p69221> <http://www.ciscopress.com/articles/article.asp?p70636&rl=1> Cracking WEP and WPA Wireless Networks <http://docs.lucidinteractive.ca/index.php/Cracking_WEP_and_WPA_Wireless_Networks>[ Auf dieses Posting antworten ]