Are Wireless Access Points a Threat to Your Network Security?
In a previous post I explained that AES is the encryption technology that provides the best chance of keeping your data secure and private. Even the United States' departments of intelligence use AES (with 192 or 256 bit key lengths) to encrypt ‘top secret’ digital information.
I want to follow-up here with a caveat on security for WiFi networks. In this case, instead of the security of transferred data, our focus is on gaining access to a wireless network despite password protection.
Brute-forcing Passwords
At the international Black Hat conference in 2011, German researcher Thomas Roth made available his software for cracking passwords on WPA-protected wireless networks. The software itself is of less interest than the fact Roth leveraged Amazon’s cloud computing service for 20 minutes at an estimated total cost of $5.40 to perform the crack.
You may say that enterprise wireless networks do not depend on WPA or WPA2 for their security and so are immune to such attacks; the threat is limited to home networks build around a wireless router.
Standard practice for enterprise wireless network setup is to use a network access server (NAS) with a RADIUS server as the authentication and authorization points for granting access to the network. This is where the other shoe drops with Roth’s software; massive cloud-computing power also makes it capable of cracking the MD5-hashed passwords used in the communication between the NAS and the RADIUS server.
Besides the usual lock-out rules on the access servers for attempts that exceed a threshold, you should also consider monitoring your access points to catch the patterns that imply persisting strategies to infiltrate your wireless network through brute-forcing.