[Talk] How secure is wireless, in practical terms?

Danny Rathjens talk@flux.org
Tue, 07 Nov 2006 13:35:20 -0500 

Oops, I seemed to have stopped reading after the part I cited. :)

But he said what I thought, first: that WPA is more secure than WEP.
It seems that that article contradicts it by saying WPA is easier to 
crack than WEP, though.  Strange.

Interesting:
"WPA implements the majority of the IEEE 802.11i standard, and was 
intended as an intermediate measure to take the place of WEP while 
802.11i was prepared."

"WPA2 implements the full standard, but will not work with some older 
network cards."
http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access

Adam Glass wrote:
> Larry also cited an article about cracking WPA.  It essentially says
> that it's not hard, and really comes down to using a password cracking
> program plus some other software.
> 
> Sounds like more of a when than an if  :)
> 
> --Adam
> 
> 
> On 11/7/06, Danny Rathjens <dannyr@wirespring.com> wrote:
>> Just to clarify.  He did not claim WPA is easy to crack.  He said
>> it was much more secure than WEP and that *if* someone managed to
>> get through the WPA encryption, then figuring out the MAC address
>> of machines on the net is easy.
>> That is a pretty big if.
>>
>> Adam Glass wrote:
>> > Hi Larry,
>> >
>> > As they say, you're not paranoid if they really are out to get you :)
>> >
>> > I plan to have a multi-denominational network with a Linux server and
>> > desktops that variously run Linux, OSX and Windows.  Since WPA has
>> > issues on Linux, and is easy to crack, I will definitely go the wired
>> > route.
>> >
>> > Thanks for the advice!
>> > --Adam
>> >
>> >
>> > On 11/6/06, Lawrence Kagan <me@larrykagan.com> wrote:
>> >> One more thing, if the site you're on is using ssl (I'm sure it is),
>> >> AFAIK, it takes a relatively long time to crack ssl encryption.  So
>> >> the transaction itself is pretty secure, even is the network is not.
>> >> Although, if the cracker has gained access to your network and has
>> >> the mac addresses, he could be running a man-in-the-middle attack by
>> >> spoofing the mac of your router, then your requests would be going
>> >> through an otherwise transparent proxy.  The proxy could then be
>> >> running ethereal (patched with ssl decryption) to view your 
>> information.
>> >>
>> >> Man, am I paranoid or what?
>> >>
>> >> Larry
>> >> _______________________________________________
>> >> Talk mailing list
>> >> Talk@flux.org
>> >> http://www.flux.org/mailman/listinfo/talk
>> >>
>> > _______________________________________________
>> > Talk mailing list
>> > Talk@flux.org
>> > http://www.flux.org/mailman/listinfo/talk
>> >
>> _______________________________________________
>> Talk mailing list
>> Talk@flux.org
>> http://www.flux.org/mailman/listinfo/talk
>>
> _______________________________________________
> Talk mailing list
> Talk@flux.org
> http://www.flux.org/mailman/listinfo/talk
>