Wireless Office
James Knott
james.knott-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org
Mon Jan 5 18:50:38 UTC 2009
Lennart Sorensen wrote:
> On Mon, Jan 05, 2009 at 12:29:36PM -0500, James Knott wrote:
>> IIRC, WPA has been partially broken, but not WPA2. WPA was supposed to
>> be an interim measure, while waiting for 802.11i to be finalized. WPA2
>> is 802.11i, but with a pre-shared key instead of a RADIUS server. TKIP
>> is a weak point.
>
> WPA2 does not add anything to WPA security wise, other than mandating
> AES must be supported.
It also uses CCMP, instead of TKIP for improved security.
http://en.wikipedia.org/wiki/CCMP
>
> PSK is as far as I know considered insecure on either. Perhaps not
> completely trivial to break, but certainly something that could be done
> within hours or days as far as I have understood.
Read up on CCMP, which uses AES for key management.
>
>> That's what I do. My home WiFi is WPA2 with the WiFi router outside my
>> firewall. The only way into my home network is via OpenVPN or SSH.
>
> Certainly the best way to get security.
>
--
Use OpenOffice.org <http://www.openoffice.org>
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list