Skill Level 2: Anyone with WEP / WPA-PSK Cracking Skills
While WPA and WPA2 eliminate many of the problems associated with WEP, they are still vulnerable to attack, particularly in their PSK form. Many people have already cracked WEP and Parts 1 and 2 of this series provided a step-by-step procedure.
Breaking the pre-shared key of WPA and WPA2 "Personal" is much harder and time consuming - especially if you are using AES encryption - but it is possible.
Countermeasure 8: Add Authentication
To address this emerging threat, users should implement authentication. Authentication adds another layer of security by requiring a client computer to "sign-in" to the network. Traditionally this has been done with a mix of certificates, tokens, or hand-typed passwords (also called Pre-Shared-Keys) that are negotiated with an authentication server.
802.1X provides the access control framework used by WEP, WPA and WPA2 and supports several EAP (Extensible Authentication Protocol) types that do the actual authentication. George Ou’s excellent article on Authentication Protocols contains probably more than you’d ever want to know about EAP, WPA and WPA2!
Configuring authentication can be a daunting and expensive task for networking professionals, let alone home networkers. At this year’s RSA conference in San Francisco, for example, many attendees didn’t bother to set up their wireless connection because of the full page of instructions they had to follow to do it!
You can download a free Linux Radius Server from the Free Radius Project. Another free option worth investigating for more experienced networkers is TinyPEAP, which adds a small RADIUS server supporting PEAP-based authentication into Linksys WRT54G and GS wireless routers. Note that since this firmware isn’t officially supported by Linksys, you’re on your own if you mess up your router while installing TinyPEAP.