Tuesday, August 24, 2010

Hole 196 WPA2-security leak who cares?

Network World recently published an article, the airtight security issue for encryption WPA2 Enterprise researchers found. It refers to the vulnerability hole 196, because was discovered this vulnerability on page 196 IEEE 802 11. keep in mind that WPA2 is as one of the safest available today is the wireless encryption. Is so this great, great neuigkeiten.Right?well, maybe not.

If you are interested, find the details of the exploit are read, it works, the poor guy must be authenticated and authorized to begin with the WPA2 network. Once enabled, the user can then decode exploits and/or attacker from injecting packets in "safe" wireless traffic other people to injizieren.So that the person must be first verified means that you need confidence at least a little.the other thing is that it was never really to WPA2 meant the end all in encryption. People forget.

These types of wireless security exploits make for good news, because you are business leaders in panic, because you do not, WPA2 and all wireless encryption methods understand what. Wireless encryption is implemented so that the wireless connection of the device (iPad, laptop, etc.) is as safe as a cable connection.So far the part of set up a WPA2 wireless connection was much sicherer.Denken remember, when dumped is the data on a cable connection, most wired traffic unless you are tunneling with something like IPSec or GRE network level blueprint with this new vulnerability, if necessary, your internal users able to smell and transport encoded... so how you now on your LAN connection to manipulate you. Is this new security issue? Now, it is not good, but is also not the end of the world as some will tell you.

This is the kind of thing, so often with network Ingenieure.Oft, when I design meetings seats, subject to the end-to-end encryption for an application, on the Netzwerk.Jeder your applications at the network level want for a hotel in crazy complex point to encryption solutions.My answer has always been to build, "If you applications that securely encrypted, why not look at the applications that sure take?" Application developers have ever SSH or SSL "the point is, focused not on WPA2 encryption methods such as."Your data.Security of the data at the application level first locked "and then we'll talk."

CCNA, CCSP CCNP, CCDP, Andrew Fröhlich CCNA VOICE, F5 systems engineer, is consultancy the Chairman of the Porte Ouest networks, a network and it based in Chicago.

0 comments:

Post a Comment