Tuesday 16 December 2008

Aruba offers quite secure WEP authentication

Even though we know that WEP is already broken, but still better than deploying wireless without encryption at all. Deploying an Aruba network significantly reduces an attacker’s ability to crack WEP. 

Cuurently, the WEP cracking tools such as (Airsnort, WEPcrack) rely on packets with weak initialization vectors (IVs) in order to conduct analysis. Aruba controllers will not generate packets with weak IVs – thus all downstream packets will be unusable for cracking purposes

Some other cases, clients will still generate weak IVs – small percentage of client traffic will contain packets with weak IVs. A determined attacker will eventually crack the WEP key – though it may take weeks using client traffic alone. - Wireless Zone

For more secure authentication, you have an option to use 802.1x type of authentication and enhance with WPA2 encryption offered by Aruba Controller.

No comments:

Post a Comment