[Dshield] Wireless broadcasts

Michael Cox mscox at ti.com
Wed Jun 29 05:21:12 GMT 2005

For a) below I would add that WPA-PSK is vulnerable to an offline
dictionary attack, so the PSK should be long and complex.

See also:

On Tue, 2005-06-28 at 16:10 -0400, John B. Holmblad wrote:
> Aaron,
> a WPA or WPA2 compliant device, by definition, supports two alternative 
> modes for authentication:
>     a) pre-shared key authentication mode which is secure but not
>     scalable because it requires the sysadmin to install the pre-shared
>     key in each device (Access Point or client/supplicant) that is to be
>     secured. The major benefit of this mode of operation is that the
>     wireless medium can be secured without the need for an
>     authentication server such as Microsoft IAS or some other RADIUS
>     type of server that also supports necessary 802.11i protocol components.
>     b) 802.1X authentication mode which is both secure AND scalable
>     because it makes use of an authentication server/service such as
>     that provided by RADIUS with the necessary 802.11i protocol support. 
> Best Regards,
> John Holmblad
> Televerage International
> (H) 703 620 0672
> (M) 703 407 2278
> (F) 703 620 5388
> primary email address:     jholmblad at aol.com
> backup email address:      jholmblad at verizon.net
> _______________________________________________
> send all posts to list at lists.dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list

More information about the list mailing list