The recently announced improved version of the original Beck-Tews attack on WPA/TKIP appears to have put the wireless security community in a tizzy again.  In this post, I argue that the new attack is neither groundbreaking in academic terms, nor is it more worrying in practical terms.

The proposed attack assumes (somewhat unrealistically) that the AP and client cannot hear each other but the attacker can hear both (and can thus act as a man-in-the-middle).  In terms of attack speed as well, it is actually slower than the original attack under its stated assumptions.

Read more…

Deepak Gupta Wireless security MIM, TKIP, Wireless security, WPA

Metasploit Framework integrated with KARMA! Metasploit is most potent security penetration and exploit development platform, while KARMA is a potent Evil Twin (Honeypot) tool with attracts unassuming wireless clients. With this integrated tool, it is all the more easier to establish wireless connectivity with probing wireless clients and “Metasploit” them.
http://trac.metasploit.com/wiki/Karmetasploit
http://blog.trailofbits.com/karma/ Read more…

Hemant Chaskar Best practices, Wireless security evil twin, honeypot, KARMA, metasploit, MIM, misassociation, WIPS