I ordered a Linksys WRT54G-L router to act as the wireless access point (still behind OpenBSD via ethernet) for my home network, and I am thinking about forgoing my current method of WEP + OpenVPN and solely using WPA(2?).
I'm Googling around now to see what people are saying about it.
the purchase of the router was motivated by the pain in the butt that PCI wireless cards have been (having to ifconfig down && ifconfig up every once in a while, having to reboot the router for wireless to resume functioning, etc.) and my OpenVPN client on my Mac dropping the OpenVPN connection seemingly randomly and when I run rsync over ssh.
oh, great, I have to click on "article contents," which gives me some javascript popup or something that shows all the pages. so intuitive…
http://www.informit.com/articles/article.aspx … p;seqNum=1
or, in language that I don't fully understand (page 5):
The Achilles heel of WPA is the calculated MIC value that is used to validate messages 2–4 of the four-way handshake. In particular, coWPAtty targets the final EAPoL message; although any would work. Remember that this MIC value is created by passing the entire EAPoL message into an HMAC_MD5 hashing algorithm, which is secured by the MIC Key that was taken from the PTK.
Because both the MIC value (not the key) and the EAPoL message are passed as plaintext, an attacker can focus on the MIC hash value. The challenge is tied to the fact that an attacker must first convert the dictionary word to a PMK, using the correct algorithm with an accurate SSID value. Then the resulting value is plugged into another equation that also requires the MAC addresses and Nonce values of the supplicant and authenticator. The result of this calculation is the PTK, from which the attacker can strip the MIC Key. With this MIC Key, the attacker then performs the same HMAC_MD5 hash on the captured EAPoL message to see whether the selected password produces the same MIC as the captured MIC.
and from page 7:
# The calculated MIC is compared to the captured MIC:
Calculated MIC using EAP frame four with "radiustest" is
d0ca 4f2a 783c 4345 b0c0 0a12 ecc1 5f77
Capture MIC is
d0ca 4f2a 783c 4345 b0c0 0a12 ecc1 5f77
CALCULATED MICS MATCH!!! Congratulations, the PSK is "radiustest".
http://daemonforums.org/showthread.php?t=982
http://www.openbsd.org/faq/pf/authpf.html
for me, protocol-level encryption is fine. (using https, ssh, sftp, etc.)
recent, too!
Is speed an issue?
I just don't like the idea of essentially covering a fifty foot radius around my house with ethernet plugs that let anyone with a computer grab my AIM (or TTF!) password or something.
fair enough.
but i'm gonna get an ssl cert soon, i think. ;)
I have also been reading about how easy it is to crack weak wpa2 passphrases and I kind of want to try it now, especially on my own network.