Introduction to Securing a Wireless Network.

[TheX1le]

While i understand most of this (i love wifi) i think that hiding the ssid is pointless infact i have a great pdf on it that i will be happy to post. its public domain if remember correctly goes in to great depth about it. My question though is where does WPA2 fit into all of this. It kind of came out of left field. WPA supports 802.11i as well as AES and TKIP. WPA2 supports 802.11i and AES. So what can WPA2 do that WPA cant? What was the purpose of its creation. My wrt54g has the ability to use it but with the wrt54g already set up to use WPA AES PSK and some tweaking to its broadcast power i fall to see how WPA2 would make it any more secure. Here is a link to info on wpa2 if im missing something please fill me in. -TheX1le

Edit: a bit more research turned up the answer to my question.

"Let's start by looking at what is not different. First, WPA2 and 802.11i are the same. WPA2 is the name used by the Wi-Fi Alliance, whereas 802.11i is the name given to the standard by the IEEE. You may also see the term RSN, Robust Security Network, which is part of WPA2/802.11i but is often used interchangeably.

Second, WPA and WPA2 can use the same authentication methods, becausethey are all EAP based. EAP stands for Extensible AuthenticationProtocol and, as the name suggests, many different protocols can bebuilt on top of EAP. So both EAP/TLS as well as EAP/PEAP-MSCHAPV2 willwork both for WPA and for WPA2.

A key difference between WPA and WPA2 is the underlying encryptionmethod. For WPA this is TKIP/RC4, for WPA2 this is CCMP/AES. AES is theAdvanced Encryption Standard and is used by the US Department ofDefence as a replacement for older encryption standards. It is very secure. AES can be used in several modes - CCMP is the mode used by WPA2. You will see both terms used interchangeably.

RC4 is the cypher on which the older WEP standard is based (to beconsistent we should call it WEP/RC4 here, WEP being the way the RC4cypher is used). RC4 has some key vulnerabilities, that make itdifficult to design secure encryption using that cypher. It is these vulnerabilities that led to the demise of WEP/RC4... so how can aTKIP/RC4 be secure? Because TKIP uses the RC4 cypher in such a way thatthe vulnerabilities that are in the cypher do not materialize. So eventhough WEP/RC4 ("WEP") and TKIP/RC4 ("WPA") are based on the sameunderlying cypher, one is considered secure and the other is not.

Having said that, the new CCMP/AES is preferable over TKIP/RC4. Alsonote that you will not normally see the term RC4 being used in access points or wireless software." inquotes is not my words. My only problem with this running stock firmware my wrt54g can use AES. So I dont see much of a difference.