antdudeA Ninja AntPremium,VIPReviews:
reply to SoonerAl
Re: WPA-PSK [TKIP] + WPA2-PSK [AES]?
said by SoonerAl:Thanks. Passphrases are basically the same as passwords (should be long and not in a pattern).
Well, of course its safe as long as you use sufficiently long encryption keys/passwords/pass-phrases. This also depends on your clients, ie. can they only use WPA for example versus WPA2. Its best, obviously, to use WPA2 if at all possible.
FWIW here are my wireless security guidelines for home users.
Ant @ AQFL.net and AntFarm.ma.cx. Please do not IM/e-mail me for technical support. Use this forum or better, »community.norton.com ! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer.
If all client stations support it, you should force WPA2 AES.
AnavSarcastic Llama? Naw, Just AcerbicPremium
sbsonslt, concur but as long as you follow Sooner Als advice about passphrases - (I usually blab about completely random password of +20 characters using letters caps and not, numbers and symbols), but of course 48 is better!! I also tend to remind folks the same should be applied to router password (random as long as possible).
Considering the history of the attack landscape against wireless access points, brute force per se has actually been an unlikely scenario. The protocols themselves have always been the target.
Aircrack was a statistical attack against predictable factors in the WEP cipher's mode of operation, it involved some brute forcing of large numbers of cipherblocks but it could not have succeeded if not for weaknesses peculiar to WEP. And the recent Reaver was an attack on a (really stupid) design weakness in WPS, essentially a side channel attack bypassing a passphrase of any strength.
So my point is, concerning wireless security, the priority should be (1) use the right security configuration, (2) choose a strong passphrase, in that order, because that is the priority order of the threat.
Scott Brown Consulting