WPA explored

I have been doing a little research on the subject of WPA

wireless protection. A good description

of WPA along with its relative Pros and Cons can be found here, courtesy of Netgear.

As confirmed in this article on Wi-Fi Net News,

WPA has been broken. This refers to the preshared-key

implementation of WPA (WPA-PSK), however it doesn’t seem that certificate based

WPA (802.1x RADIUS authentication) is vulnerable to this attack. Having not used RADIUS authentication

previously, I was interested to see how much work would be required to get this

up and running. I stumbled upon a great

three part article from Linux Journal. The link provided is for the third instalment,

I would suggest reading this part first, just to get an idea of what is

involved and how it all works.

RADIUS authentication is an interesting prospect, with the

possibility of using it for other purposes such as PPTP (VPN) connection auth

and Windows login. The

server can be set

up so that it logs to an SQL database, making reporting quite

simple. It would be interesting to hear from anyone who has this

type of system in place.