This article is presented as part of hacking + solution track for Wireless Security Expo 2008. The hacking video is available here .

Deauthentication is the most common form of 802.11 protocol denial-of-service (DoS) attack.  After watching the Deauthentication video, you can see that performing this type of attack takes seconds using common and user-friendly software and hardware, can wreak havoc on a network, and can be used as part of other types of wireless network attacks.  Deauthentication frames are considered notifications, not requests, which means any associated station or AP that receives a deauthentication frame must comply.

This article is presented as part of hacking + solution track for Wireless Security Expo 2008. The hacking video is available here .

By watching the "Cracking Cisco LEAP" video, you will discover just how insecure LEAP is.  It takes only seconds to break using any reasonable dictionary file and commonly available and user-friendly software tools. 

Cisco just released an article talking about how greater diligence is needed toward home Wi-Fi security.

http://www.marketwire.com/mw/release.do?id=817510

No doubt about it - they're right.  So what is the market supposed to do?  We have Wi-Fi Protected Setup (WPS) that dumbs Wi-Fi security down to a point where any chimpanzee could configure it.  In my humble opinion, configuring WPA2-Personal with a strong passphrase is almost that easy as well when you're dealing with a SOHO class AP or WLAN router.  I'm not sure it can get any easier from a technical standpoint.  Hey, wait, I've got an idea - EDUCATION!

So far, all we have is Wireshark and a hot-rodded version thereof called Airpcap by Cace Technologies.  I'd love to see some of the vendors that we've been using for some time now (e.g. AirMagnet, Wildpackets, Tamosoft, AirDefense, Network Chemistry (now Aruba), and even Fluke Networks) come out with a made-for-Linux version of their laptop-based protocol analysis software.  Why?  Because I think that Microsoft is going to bite the dust with Vista.  I hate Vista, though I've always been a big fan of XP/sp2.  Everyone I know that has used Vista hates Vista - and complains constantly.  I'm reasonably sure that Vista even has a bad case of self-loathing.  With no reasonable path forward with the Windows operating system, that leaves us poor networking junkies with two equally scary choices:

MAC or Linux

I've recently had the good fortune to play with a WLAN system from Ruckus Wireless, a WLAN infrastructure company focused primarily on SMB and broadband operators.  Besides having a user interface to die for, it's also a snap to deploy...and when i say "snap", I'm literally talking a couple of minutes.  You plug it in, wait for it to boot up, and by the time you've located the default login parameters, the APs have discovered the controller and all is operational.  Upon initial login, you set up your initial WLAN profile with a wizard that seems to be made for 3 year olds.  Once completed, you find yourself at a loss for words...or actions.  There's nothing left to do unless of course you have a diverse array of user groups, each with different connectivity and security needs.  If you have one of those "nightmare" scenarios (like so many administrators do), prepare to spend at least another 3 minutes configuring the controller...yes, minutes.

Everything seems to be self-configuring.  AP connectivity, channels, power - you name it, it's all automagic.  Having said all of that, I saved the best for last.