New User? Need help? Click here to register for free! Registering removes the advertisements.

Computer Cops
image image image image image image image image
Donations
If you found this site helpful, please donate to help keep it online
Don't want to use PayPal? Try our physical address
image
Prime Choice
· Head Lines
· Advisories (All)
· Dnld of the Week!
· CCSP News Ltrs
· Find a Cure!
· Ian T's (AR 23)
· Marcia's (CO8)
· Bill G's (CO11)
· Paul's (AR 5)
· Robin's (AR 2)
· Ian T's Archive
· Marcia's Archive
· Bill G's Archive
· Paul's Archive
· Robin's Archive
image
Security Central
· Home
· Wireless
· Bookmarks
· CLSID
· Columbia
· Community
· Downloads
· Encyclopedia
· Feedback (send)
· Forums
· Gallery
· Giveaways
· HijackThis
· Journal
· Members List
· My Downloads
· PremChat
· Premium
· Private Messages
· Proxomitron
· Quizz
· RegChat
· Reviews
· Google Search
· Sections
· Software
· Statistics
· Stories Archive
· Submit News
· Surveys
· Top
· Topics
· Web Links
· Your Account
image
CCSP Toolkit
· Email Virus Scan
· UDP Port Scanner
· TCP Port Scanner
· Trojan TCP Scan
· Reveal Your IP
· Algorithms
· Whois
· nmap port scanner
· IPs Banned [?]
image
Survey
How much can you give to keep Computer Cops online?
$10 up to $25 per year?
$25 up to $50 per year?
$10 up to $25 per month?
$25 up to $50 per month?
More than $50 per year?
More than $50 per month?
One time only?
Other (please comment)



Results
Polls

Votes: 981
Comments: 19
image
Translate
English German French
Italian Portuguese Spanish
Chinese Greek Russian
image
image wireless: Passwords: Researcher warns Wi-Fi users of bad passwords image
Wireless
Researcher warns Wi-Fi users of bad passwords
By Robert Lemos
CNET News.com

A security expert has warned users of the latest wireless network security standard, Wi-Fi Protected Access, to pick good passwords or risk being compromised.

The Wi-Fi Protected Access (WPA) security specification sported by the latest wireless hardware includes a way for administrators--whether in a small business or home--to lock down their network using a single pass phrase. However, a poorly chosen code can still be attacked with brute force methods, such as a dictionary attack, in which an attacker guesses at the password using a list of common words. That makes long random codes a key to security, Robert Moskowitz, senior technical director with ICSA Labs, said in a paper.

The weakness is in poorly chosen keys and that's warned of in the standard, he said. Most people use passphrases like RosesAreRed. But those things are in the dictionaries (used by attackers).

While not a flaw in the standard, Moskowitz worries that users will not understand that their security entirely rests on the randomness of the password they chose for their network.

The WPA specification uses passwords to act as the keys that encrypt a network's communications. The specification allows for two types of key management: pre-shared keys, where everyone uses the same pass phrase, and managed keys, which use a server to assign a different key to each user.

Moskowitz's concerns are for home users and small offices that use the pre-shared key model. The choice of a simple key can lead to easily broken security.

Basically, an attacker could capture the initial data, or handshake, between the wireless base station and a user's computer. The data can then be analyzed and attacked, by trying different passwords, at a later time. Such a brute-force method can be very effective when the network uses an easily guessable password, Moskowitz said.

However, if the network uses a long random code to secure the network, brute force attacks are almost impossible, he said.


ZDN
Posted on Monday, 10 November 2003 @ 04:40:00 EST by phoenix22
image

 
Login
Nickname

Password
· New User? ·
Click here to create a registered account.
image
Related Links
· TrackBack (0)
· News.com
· HotScripts
· W3 Consortium
· C|Net News
· ZDNet News
· More about Wireless
· News by phoenix22
Most read story about Wireless:
First Ever GSM Cellphone Exploit

image
Article Rating
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent

image
Options

Printer Friendly Page  Printer Friendly Page
image
"Login" | Login/Create an Account | 0 comments
Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register
Home · Topics · Submit News · Top 10
This entire site, Cops Themes, and Computer Cops are © 2002 - 2004 Computer Cops, LLC. All rights reserved.
You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0.
Acceptable Use Policy. Use signifies your agreement.
Engine Copyright © 2002 by PHP-Nuke, GNU/GPL Licensed. ICRA Member.
Paul Laudanski, Member of Computer Cops, LLC
Server Load: 816 pages served in previous 5 minutes. Page Rendered: 5.267 seconds.