Skip to main content

WPA and WPA2

WPA was developed in response to the flaws in WEP, and it's a much better security protocol than its predecessor. Unlike WEP, WPA uses a 48-bit initialization vector and a 128-bit encryption key. More importantly, however, WPA uses what's called the Temporary Key Integrity Protocol (TKIP). Whereas WEP recycles the same key for encrypting all the packets flowing across the network, WPA's TKIP changes the encryption key every single time a packet is transmitted. This, combined with the use of longer keys, prevents a hacker from compromising a router simply by passively observing a large enough set of packet transmissions.

The WPA2 standard is a 2004 update to the WPA specification that includes support for a US government-approved encryption protocol called Advanced Encryption Standard (AES). (AES can also now be used with WPA, though the presence of this option will probably depend on how recently your router received a firmware update.) Unlike WPA, WPA2 was not explicitly developed with backwards compatibility in mind; older routers that are capable of handling WPA encryption via TKIP may not be able to use WPA2, as WPA2 mandates both AES and TKIP compatibility. If possible, you should use WPA2 instead of WPA.


WPA2 is more secure, but lacks the backwards compatibility of WPA
There are two security levels built into WPA and WPA2, WPA Personal (or WPA-PSK) and WPA Enterprise. WPA-Personal uses a preshared authentication key between all the systems on a network. This means that the network is potentially vulnerable to dictionary-based attacks if strong passwords are not used. Home networks don't have much to worry about here, provided your authentication key isn't something along the lines of "cat."

Enterprise-level WPA implementations make use of a separate RADIUS (Remote Authentication Dial In User Service) server. In this case, the adapter attempts to connect to the wireless access point, which then demands a set of credentials. The access point forwards this request and any associated information to the RADIUS server. The RADIUS server then checks these credentials against its own stored data. At this point, the RADIUS server can authenticate the user's login, deny it, or return a request for further information in the form of a second password or equivalent source.

RADIUS servers are typically reserved for enterprise-level deployment, where they provide both an additional level of security and an increased level of control over how network resources are allocated on a per-user level. As such, they fall outside the realm of what most home users are likely to encounter.

Once you understand the terminology, the basics of wireless security fall firmly into place. If you want a secure configuration, use the WPA protocol in combination with a strong passkey. Past that point, we're mostly splitting hairs. AES-based WPA2 is more secure than TKIP-based WPA, but either solution is light-years beyond WEP.

Comments

Popular posts from this blog

Test New ALFA-AWUS036H v.2 (1.000mW) VS ALFA-AWUS036H v.1 (500mW)

- Recently emerged the New ALFA-AWUS036H v.2 (1.000mW), and these are the tests. TEST WITH NETSTUMBLER 1) usb da 100mW chipset railink 2) usb da 200mW chipset railink rt73 3) intel 2200 b/g con connettore esterno rp-sma 4) Alfa-AWUS036H 500mW 5) New Alfa-AWUS036H V2 da 1.000mW

TBS5520 Multi-standard TV Tuner USB Box review

Noul TBS5520 Multi-standard TV Tuner USB Box a celor de la TBS se foloseste de RafaelMicro R848 multi-standard tuner si  AVL6882 Demodulator pentru a reda urmatoarele standarde: ETSI EN 302-755 V1.3.1 (DVB-T2/T2-Lite) ETSI EN 300-744 V1.6.1 (DVB-T) ETSI EN 300-429 V1.2.1 (DVB-C) ETSI EN 307-421 V1.2.1 (DVB-S2) ETSI EN 300-421 V1.1.2 (DVB-S) ARIB STD-B31 V1.6-E2 (ISDB-T) ITU-T J.83 Annex B 12/2007 (J.83/B) http://www.tbsdtv.com/products/tbs5520_multi-standard_tv_tuner_usb_box.html Pe aspectul fizic nu insist, sunt destule fotografii pe internet, vreau doar sa punctez cateva aspecte: pentru alimentare este necesar cablu Y USB - este singura modalitate de a furniza energie si de aici avem o limitare in ceea ce priveste functionalitatea cu motor HH mobilitate sporita si posibilitatea alimentarii directe din bateria unui notebook sau chiar conectarea la Tableta Android (de indata ce driverele vor fi gata) “TBS 5520 USB2.0 in warm state” nici rece dar nici fierbin

FTS4BT Wireless Bluetooth® Protocol Analyzer & Packet Sniffer

Complex & Ever Changing Bluetooth is an extremely complex software and hardware technology that is evolving fast. Even the most experienced Bluetooth developers and test engineers are challenged by keeping up with the latest changes from the baseband all the way to the profile level. Interoperability There are now enough Bluetooth-enabled devices on the market to prove that the technology is viable. Commercial success is tied to making sure that your devices interoperate smoothly so consumers can realize the benefits of Bluetooth. Currently Supported Version 2.1+EDR Features: Extended Inquiry Response. Secure Simple Pairing. QoS. Non-Automatically Flushable Packet Boundary Flag. Sniff Subrating. Erroneous Data Reporting. Encryption Pause and Resume. Link Supervision Timeout Changed Event. Security Mode 4. Supports EDR (Enhanced Data Rate): FTS4BT is the only analyzer currently on the market to support Bluetooth v2.1 + EDR. Finger-sized Bluetooth ComProbe: Air sniffing hardware