François Vergès discusses Wi-Fi security and securing the access to the Wi-Fi network.
On episode 56, we have talked about the legacy Wi-Fi security mechanisms and we explained why they are not considered safe and secure anymore and why we should not be using them in our modern Wi-Fi networks deployments.
In this follow up episode, we want to start going over the stronger and safer way to secure a Wi-Fi network. We are focusing on how the client devices can securely connect and exchange data over a Wi-Fi network.
This episode will answer the following questions:
- How does a client station securely connect to a Wi-Fi network?
- What is WPA?
- What is the difference between WPA and WPA2?
- How does the Personal and Enterprise mode of operation work?
- What is 802.1X and how is it related to Wi-Fi security?
- What is required in order to authenticate client devices using 802.1X?
- What is the 4-way handshake?
- What are the secured EAP methods?
- What do we need to do in order to securely use WPA/PA2-Personal?
- What is considered a strong password?
- How does a client station securely exchange data over the Wi-Fi network?
Resources
Here are the links to the videos we talked about during this episode:
- 4-way handshake video from CWNP by Marcus Burton
- Authentication and key management video from CWNP by Marcus Burton
- WPA and WPA2 video from CWNP by Marcus Burton
- Setup FreeRadius:
Here are a couple of diagrams related to the Wi-Fi security topic:
- Wi-Fi Security Timeline
- 802.1X Example:
If we want to dive deeper into the topic of Wi-Fi security, you can read the following book:
Other resources we talked about:
Password generation website: xkpasswd.net