No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R008C00 CLI-based Configuration Guide

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Defense Against Brute Force Attacks on Keys

Defense Against Brute Force Attacks on Keys

The brute force method is to search for a password by trying to use all possible password combinations. This method is also called the exhaustive attack method. For example, a 4-digit password that contains only digits may have a maximum of 10,000 combinations. The password can be decrypted after a maximum of 10,000 attempts. In theory, the brute force method can decrypt any password. The only problem is how to shorten the time used to decrypt a password. When a WLAN uses WPA/WPA2-PSK, WAPI-PSK, or WEP-Shared-Key as the security policy, attackers can use the brute force method to decrypt the password.

Defense against brute force attacks on key can prolong the time used to decrypt passwords to improve password security. An RU checks whether the number of key negotiation attempts during WPA/WPA2-PSK, WAPI-PSK, or WEP-Shared-Key authentication exceeds the configured threshold. If so, the RU considers that a user is using the brute force method to decrypt the password and reports an alarm to the central AP. If the dynamic blacklist function is enabled, the RU adds the user to the dynamic blacklist, discards all the packets of the user until the dynamic blacklist entry ages.

Translation
Download
Updated: 2019-01-11

Document ID: EDOC1000176006

Views: 118406

Downloads: 309

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next