François Vergès discusses Wi-Fi security and securing the access to the Wi-Fi network.

On episode 56, we have talked about the legacy Wi-Fi security mechanisms and we explained why they are not considered safe and secure anymore and why we should not be using them in our modern Wi-Fi networks deployments.

In this follow up episode, we want to start going over the stronger and safer way to secure a Wi-Fi network. We are focusing on how the client devices can securely connect and exchange data over a Wi-Fi network.

This episode will answer the following questions:

* How does a client station securely connect to a Wi-Fi network?

* What is WPA?

* What is the difference between WPA and WPA2?

* How does the Personal and Enterprise mode of operation work?

* What is 802.1X and how is it related to Wi-Fi security?

* What is required in order to authenticate client devices using 802.1X?

* What is the 4-way handshake?

* What are the secured EAP methods?

* What do we need to do in order to securely use WPA/PA2-Personal?

* What is considered a strong password?

* How does a client station securely exchange data over the Wi-Fi network?

Resources

Here are the links to the videos we talked about during this episode:

* 4-way handshake video from CWNP by Marcus Burton

* Authentication and key management video from CWNP by Marcus Burton

* WPA and WPA2 video from CWNP by Marcus Burton

* Setup FreeRadius:

* http://www.semfionetworks.com/blog/setup-freeradius-on-kali-linux-for-8021x-authentication

* https://www.packet6.com/install-freeradius-ubuntu-server/

Here are a couple of diagrams related to the Wi-Fi security topic:

* Wi-Fi Security Timeline

* 802.1X Example:

 

 

If we want to dive deeper into the topic of Wi-Fi security, you can read the following book:

* CWSP Book

Other resources we talked about:

* SANS strong password guidelines

Password generation website: xkpasswd.net