Security Basics mailing list archives
RE: Wireless Security vs Performance
From: "Toby Reynolds" <reynolds () cwgsy net>
Date: Sat, 11 Sep 2010 01:28:12 +0100
Not true The encryptions are not vulnerable, but the authentication method is CoWPAtty brute forces the Pre Shared Key But WPA and WPA2 are the way to go -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Adam Mooz Sent: 10 September 2010 20:57 To: shailesh.sf () gmail com Cc: security-basics () securityfocus com Subject: Re: Wireless Security vs Performance Shailesh, WPA and WPA2 are both 100% vulnerable to brute force attacks, take a look at cowpatty. It's supposed to take a very long time. It's extremely possible to brute force WPA/2, google it. Adam Mooz On 2009-06-24, at 8:43 PM, shailesh.sf () gmail com wrote:
If Security is the criteria, then I would suggest you should be using WPA2
rather than WEP.
WEP with the now infamous RC4 Stream Cipher is/ was a security nightmare. WPA2 uses AES Block Cipher with a 256 Bit Key and currently their aren't
any known compromising attacks against it.
As regards to the cipher, AES remains secure & unconquered while the 256
Bit Key is completely immune to any brute force attack(s).
You may also wanna check NIST SP 800-48 that deals specifically with
Wireless Security.
Regards, Shailesh ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727 d1
------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: Wireless Security vs Performance shailesh . sf (Sep 10)
- Re: Wireless Security vs Performance Adam Mooz (Sep 10)
- Re: Wireless Security vs Performance Paul Johnston (Sep 13)
- Re: Wireless Security vs Performance Archangel Amael (Sep 14)
- RE: Wireless Security vs Performance Toby Reynolds (Sep 13)
- Re: Wireless Security vs Performance Paul Johnston (Sep 13)
- RE: Wireless Security vs Performance Matthew Reed (Sep 10)
- Re: Wireless Security vs Performance Adam Mooz (Sep 10)