[kismac] Re: WPA-TKIP, Kismac, and my network

  • From: Brad Knowles <brad@xxxxxxxxxxxxxxxxxxx>
  • To: kismac@xxxxxxxxxxxxx
  • Date: Sun, 23 Jan 2005 00:20:05 +0100

At 1:10 PM -0800 2005-01-22, Glen MacPherson wrote:

 1. Apart from a colossal brute-force, and assuming that Kismac is the
 sharpest knife in most toolkits, is my network secure enough to begin
 transmitting confidential research data?

The problem is that WEP is insecure, regardless of key length. The best attacks for it do not involve going after the key directly. Reports I've heard are that WPA has some unexpected weaknesses that actually make it worse than WEP.

My suggestion is to do a software VPN (preferably based on IPSec), on top of the wireless network. Make sure that the VPN terminates on the other side of the wireless network, and nothing gets off the wireless network without having come through the VPN.

Brad Knowles, <brad@xxxxxxxxxxxxxxxxxxx>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

    -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
    Assembly to the Governor, November 11, 1755

  SAGE member since 1995.  See <http://www.sage.org/> for more info.

Other related posts: