Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 559
  • Last Modified:

What is currently the strongest wireless network security

What is currently the strongest wireless network security

&

Can it be broken?
0
mc87
Asked:
mc87
1 Solution
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
The current version of Wi-Fi Protected Access encryption is  WPA2.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
It's not likely to be broken, if you use a long passkey.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
have a look at this article, there were some claims, it could be done ina  shorter time!

http://www.eastmobiles.com/index.php?option=com_content&view=article&catid=27:wi-fi&id=106:wpa2-key-hack-nvidia
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

 
DocSeltsamCommented:
Hi there.

out of the box: WPA2.

Yes, it can be broken. But not with a reasonable effort at the moment.
There was also found a security issue in WPA2 i think.


--TheDoctor
0
 
TolomirAdministratorCommented:
I would additionally suggest you establish an vpn connection between the mobile device and the connection server.

For a start this could be openvpn. http://openvpn.net/index.php/open-source/overview.html

Tolomir
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
and this is the company that claims they can do it

http://www.elcomsoft.com/ewsa.html

using an nVidia card.
0
 
TolomirAdministratorCommented:
I would rather use the http://www.maximumpc.com/article/features/ati_radeon_hd_5970_undisputed_performance_champ

to get 103000 passwords per seconds ;-)

---
Elcom also say: If Elcomsoft Wireless Security Auditor fails to recover a Wi-Fi password within a reasonable time, the entire wireless network can be considered secure.


Tolomir
0
 
mc87Author Commented:
is wpa2- tls stronger?
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
WPA2 is the strongest Wi Fi, but if you also use a VPN across the Wi-Fi link, you've got another layer of security which is even securier.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
@Tolomir: I'm an nVidia fan, but also have a life, and why would anyone bother to hack WPA2!
0
 
TolomirAdministratorCommented:
I just wanted to point out, that currently ati cracks more passwords then nvidia does ;-)
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
@Tolomir: this week!
0
 
TolomirAdministratorCommented:
I suggest to read this article:

https://secure.wikimedia.org/wikipedia/en/wiki/Wi-Fi_Protected_Access#WPA2

including: https://secure.wikimedia.org/wikipedia/en/wiki/EAP-TLS#EAP-TLS

for home usage wpa2 with a strong preshared key like "8=3O!aq72;UQHT*@t$;o" is considered safe!

Tolomir
0
 
Jakob DigranesSenior ConsultantCommented:
Strongest Wireless Security ....
It would be wrong to focus on encryption algorithm....

As Tolomir points out:

Wireless can be as secure as wired, maybe even more secure if done properly.
For corporate/business environment.
Use 802.1x with machine authentication and user-reauthentication. This way both computer AND username and password is authenticated. And you authenticate computers with a domain certificate, and username and password from domain authentication. The authentication mechanism is sent on secure encrypted channel. That way wireless access is based on something you have, a certificate/smart card, and something you know - username and password.

WPA/WPA2 is purely an encryption algorithm used to encrypt data.
- It would be impossible to capture in-the-air traffic to gather enough packets to decrypt data - as the WPA-encryption keys can be dynamic and changed every minute if you like
- It would - of course - be possible to do dictionary attack, or some other kind for random attack to break PSK --- it's all math !

for home user - a strong key is sufficient (once again - as Tolomir says)
Ask yourself this question: How many people would spend time and money to hack someones home wireless? Hence - WPA/WPA2-PSK is more than sufficient

For business/Corporate - many would, so PSK is NOT an option, onlyd 802.1X is a good enough solution
0
 
erdelgadCommented:
Hello,

I am a security expert and I will say that everything depends of your enviroment.

Right now the strongest security that you can get is a wireless device integrated with radius server and do machine or user authentication. This feature is called 802.1x.

In regards of the encryption I suggest to use wpa2 enterprise AES so all the traffic between the client and the wireless device will be encrypted.

802.1x depending of the hardware can use differents EAP methods.

I suggest to use EAP-FAST if you have Cisco ACS if not use EAP-TLS.

If you are interesting I can go deeper and provide you with some configuration examples.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now