Homework

profilesinister670
Homework_010.docx
Home>Information Systems homework help>Homework

300 Words Minimum

Vulnerability testing WPA-PSK uses a pass-phrase for authentication. Examine whether this protocol is vulnerable to password guessing attacks. Cite sources.

Reply to discussion minimum 200 words each

1st Discussion to reply

Vulnerability testing WPA-PSK uses a pass-phrase for authentication. Examine whether this protocol is vulnerable to password guessing attacks. Cite sources.

 

Yes, WPA-PSK is vulnerable to brute-force cracking attempts. The success of an attack is correlated to passphrase complexity. In other words, the longer and more complex pass phrases will take longer to crack, whereas shorter and simpler pass phrases will take less time (Geier, 2018). 

 

Part 2: What did you like most and least about the class?

 

The most enjoyable aspect of the course has been the ability to accomplish most of the work on my own time. This level of flexibility was not expected of my first in-person class and is certainly appreciated! 

 

Secondly, having a professor that is equally flexible and understanding of adult life and all the trappings it encompasses is refreshing. I hope my future courses can equal the positivity of this one.

 

Oh, and the subject matter has been pretty cool, too!

 

What I liked least about the course was the ambiguity with respect to what hardware/software was required. Over time I figured it out, but initially I was unsure of what I should be bringing to class or using, being an IT-focused degree and all. But to be fair, this could be an oversight on my part and not attributable to anything the school did. I’ll definitely go into the next course reading more and asking questions. 

 

Thanks to the professor and my classmates for your help and direct contributions to our collective success in the course. You have all been wonderful and I hope we attend other courses together! Thanks again and best wishes for your future academic, professional and personal success. 

 

Cheers,

Keith

 

 

 

References:

 

Geier, E. (2018, November 2). What is WPA3? And some gotchas to watch out for in this Wi-Fi security upgrade. Retrieved from https://www.networkworld.com/article/3316567/what-is-wpa3-wi-fi-security-protocol-strengthens-connections.html.

2nd Discussion to reply

This week’s discussion board is about how WPA-PSK uses a pass-phrase for authentication and whether this protocol is vulnerable to guessing attacks. The short answer is yes, WPA-PSK is vulnerable to password guessing attacks. Many things are vulnerable to password guessing attacks, which is why we are always told, at least within the DoD, that we need to have a minimum number of characters with so many uppercase letters and lower-case letters and numbers and special characters. It makes guessing our passwords, especially using dictionary attacks that much harder. Would you believe that even then the passwords aren’t always secure enough? I heard about a study once, and if you need a reference, I will spend a little more time trying to produce it, that folks will do just as the password requirement asks. They will have two short words, both that start with a capital letter, and then end the password with two numbers and two special characters.

Let’s get back on topic though. WPA stands for WiFi Protected Access, so we know that these types of attacks are going to happen to a WiFi network. PSK stands for Pre-Shared Keys, it is a 256-bit value and what it does is it authenticates everyone using the WiFi network with the same secret passphrase which is configured into the Wireless Access Point. Once you are connected to the wireless access point, that wireless access point will send periodic “handshakes” to the connected device that is transparent to the user, but those pesky crackers know it’s happening.

Those crackers will use tools like aircrack, or coWPAtty or Cain & Abel to capture that “handshake” and try to guess what the passphrase is. These tools can make light work of the guessing too, especially if your passphrase is short or all letters. In my experience, it’s the IT and cyber security professionals who are the worst at listening to their own advice too. It’s important to keep security in mind when creating passphrases and passwords because you could be saving yourself a lot of time and headache if you were to become the victim of an attack.

References

How to Hack WiFi (Wireless) Network. (n.d.). Retrieved from https://www.guru99.com/how-to-hack-wireless-networks.html.

Phifer, L. (n.d.). Retrieved from http://www.practicallynetworked.com/security/041207 wpa_psk.htm.

Understanding PSK Authentication. (2019, January 8). Retrieved from https://www.juniper.net/ documentation/en_US/junos-space-apps/network-director3.0/topics/concept/wireless-wpa-psk-authentication.html.