From: mike 


WPA/2 is pretty good.   Of course, (staying with the central thought of
your post), a good password is always helpful.

 /m


On Thu, 17 May 2007 10:28:38 -0400, "Rich Gauszka"
 wrote:

>I sometimes wonder how safe/secure any of them are. The link below is yet
>another reason to make sure employees don't visit a porn site
>
>http://iss.tribe.net/thread/b374e675-ad6b-4786-bd6a-4d4c68e5fb00
>
>At DefCon this year the guys from Chruch of WiFi were showing the gear
>needed for their dictionary attack. They have a huge dictionary file, that
>includes a lot of "strong" passwords and can crack WPA2 in less then 5
>minutes in most cases. The "strong" passwords that are in
their file mostly
>come from actual passwords used for porn sites. Granted that most malicious
>users will not go through the trouble when there are still tons of open
>networks, it still remains important to use the strongest passwords
>possible, and change them often.
>
>...
>The dictionary file that they used was one that had a large amount of used
>passwords from porn sites. ones that included numbers and such. Not sure how
>they obtained it, but i do know that they break passwords fast. Take a look
>here www.churchofwifi.org/ once there seach for wpa2 and click on cowpatty
>4.0 for more info. they don't give the info on their dictionary file, they
>spoke of it at defcon though
>
>
>"Glenn Meadows"  wrote in message
>news:464c5444$1{at}w3.nls.net...
>>I just read somewhere that TKIP was essentially WEP in a different name,
>>NOT WPA.  For WPA, you need to be running AES encryptions. TKIP was for
>>compatibility.
>>
>> (But all of that is way above my pay grade, so I could be obliviously
>> incorrect).
>>
>> (Turns out I AM Incorrect, but below is a paste of the relevant article, I
>> stand corrected).
>>
>> Ah, I think I found the info, it was from a Kim Komando newsletter,
>> content pasted below:
>>
>> Wireless encryption confusion
>> In your article from 2006 on wireless security, you recommend using WPA2,
>> which you say is also called WPA-PSK. My laptop lists options for WPA,
>> WPA-PSK, WPA2, and WPA2-PSK.  Meanwhile, my router doesn't list WPA2 at
>> all, but does have WPA-PSK. I've set both the laptop and router to
>> WPA-PSK, but am wondering if I should use WPA2-PSK (which would require a
>> new router). Are WPA2 and WPA-PSK equivalent, or do I need to upgrade to
>> get WPA2?
>>
>> Awhile back, I wrote steps to encrypt a home wireless network. But the
>> steps aren't as specific as I normally like. Router makers often use
>> confusingly different terminology and interfaces.
>>
>> Before continuing, I must apologize to everyone still clinging to their
>> sanity. Like the question above, this Tip will be full of acronyms. So put
>> on your thinking cap and read slowly.
>>
>> The question was: Are WPA2 and WPA-PSK equivalent? And the answer is:
>> maybe!
>>
>> Stop laughing. This is going to get worse.
>>
>> First, let me explain these acronyms. They all refer to encryption. You
>> use them to keep others off your wireless network. Without encryption,
>> neighbors could easily pick up your signal. They could ride your network
>> to the Internet. They might even be able to get into your computers.
>>
>> The original encryption standard was WEP-Wired Equivalent Privacy. WEP is
>> easily broken. So you should never use it. If your router uses WEP, it
>> probably can be upgraded to WPA. If not, get new equipment. WEP is
>> dangerous.
>>
>> The wireless industry realized several years ago that it had to act. It
>> developed WPA-Wi-Fi Protected Access. This was an interim standard. It
>> actually uses the same encryption as WEP. But it changes the key
>> frequently. WPA is safe, so long as you use a long password. It should be
>> 22 characters or more.
>>
>> The final standard was WPA2. This standard uses AES (Advanced Encryption
>> Standard). AES is unbreakable. So WPA2 is the preferred method of
>> protection. If WPA2 (Wi-Fi Protected Access, second generation) is listed
>> in a router's options, it should be used.
>>
>> To answer your question, the WPA-PSK option depends on the router. (PSK
>> means pre-shared key.) Older routers may use WPA-PSK for both WPA and
>> WPA2. If so, they should allow you to further specify either TKIP
>> (Temporal Key Integrity Protocol) or AES. AES is the type of encryption
>> that indicates WPA2. TKIP is always used by WPA.
>>
>> The most common variations of WPA or WPA2 include PSK, AES, TKIP, Personal
>> and Enterprise.
>>
>> PSK is interchangeable with Personal. Both require you to manually enter
>> your network's key or passphrase on each of your computers. In other
>> words, the key is shared before you connect.
>>
>> Businesses don't spend time manually setting keys on all their machines.
>> Instead, they typically use a server to manage secure connections. This
>> type of setup is WPA or WPA2 (no PSK). Some routers add the word
>> Enterprise for clarity.
>>
>> Now, TKIP is part of WPA, but it is not a type of encryption. You might
>> recall, if you're still awake, that WPA uses the same encryption as WEP.
>> However, TKIP frequently changes the key of the encrypted signal. The
>> result is a moving target that is harder to crack.
>>
>> Because WPA uses the same encryption as WEP, it can be used on old
>> hardware. Equipment originally designed for WEP can be upgraded for WPA.
>> The upgrade is often just a download from the manufacturer.
>>
>> WPA2 and its AES encryption, however, require modern hardware. It's
>> important to look for WPA2 certification before you buy a router. You can
>> find more information in my wireless router buying guide.
>>
>> You can also check the Wi-Fi Alliance site for a thorough list of tested
>> and certified products. Each listing specifies WPA or WPA2 certification.
>>
>> --
>>
>> Glenn M.
>> "Rich Gauszka"  wrote
in message
>> news:464ba934$1{at}w3.nls.net...
>>>I switched my router to TKIP only ( WPA ) trying to resolve my atheros
>>> chip panic problem on the Macbook several days ago ( mentioned as a
>>> possible unofficial fix ) . I haven't had a panic yet but I also stopped
>>> iTunes from doing an auto update on podcasts which may have contributed
>>> to the panic
>>>
>>>
>>> mike wrote:
>>>> WPA or WPA/2?
>>>>
>>>>
>>>> On Wed, 16 May 2007 19:47:13 -0400, "Rich Gauszka"
>>>>  wrote:
>>>>
>>>>> PClinuxOS was the first live cd  that I was able to configure my
>>>>> Toshiba's
>>>>> wireless ( WPA ) on boot. For some reason the Unbuntu
7.04 livecd would
>>>>> just
>>>>> let me configure for WEP. Not good when you're doing WPA
>>>>>
>>>>>
http://www.pclinuxos.com/index.php?option=com_frontpage&Itemid=1
>>>>>
>>>>>
>>>>> good review of Linux  live cds at
>>>>>
>>>>> http://www.osnews.com/story.php/9569/Linux-LiveCD-Roundup
>>>>>
>>
>>
>>
>

--- BBBS/NT v4.01 Flag-5