EAPeak Tests Wireless Networks For Authentication Weaknesses

A free new tool from security vendor SecureState may make it possible for wireless network administrators and security consultants to verify how strong their wireless authentication is and whether it is possible for attackers to easily penetrate their networks. EAPeak is a simple Python toolkit that will monitor access attempts to a wireless network and track how clients are attempting to authenticate.

June 9, 2011

2 Min Read
NetworkComputing logo in a gray background | NetworkComputing

A free new tool from security vendor SecureState may make it possible for wireless network administrators and security consultants to verify how strong their wireless authentication is and whether it is possible for attackers to easily penetrate their networks. EAPeak is a simple Python toolkit that will monitor access attempts to a wireless network and track how clients are attempting to authenticate.

Rather than operating as an aggressive penetration testing tool meant to exploit weaknesses, EAPeak simply watches the network passively and gathers information on the clients logging into the network (including user names and identity strings that are sent in the clear) and what type of authentication is used. The idea behind the tool is that, by knowing how the wireless network authenticates, it can provide information on network security and how it could potentially be subverted.

The main focus of EAPeak is the Extensible Authentication Protocol used for authentication by modern wireless networks and devices. There are multiple types of EAP that can be supported by devices, including EAP-TTLS, EAP-TLS, PEAP and LEAP, and depending on the devices connecting to the network, wireless access points can choose to authenticate a client using a number of different versions of EAP.

According to SecureState Profiling Consultant and EAPeak lead developer Spencer McIntyre, the company recognized a need for this type of tool for security personnel and network administrators: "There aren't a lot of tools out there that are focusing on this specific type of wireless network authentication. This is necessary because, when penetration testers are looking at wireless networks, the attacks that are available to them vary greatly based on what types of authentications are used."

This release of EAPeak is free and can be downloaded from the SecureState website. McIntyre says EAPeak is simply the first in a series of new tools in this area, and he expects future tools to include more active penetration and injection capabilities.

See more on this topic by subscribing to Network Computing Pro Reports Fundamentals: Wireless Mesh Networks (subscription required).

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox
Sign-Up

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

Enterprises investing in new infrastructure to support AI will have to choose between InfiniBand and Ethernet
Enterprise Connectivity
The Impact of AI on The Ethernet Switch MarketThe Impact of AI on The Ethernet Switch Market
byPam Baker, Contributing Writer
Sep 16, 2024
5 Min Read
Blue and purple digital cloud connecting apps and services with campus NaaS.
NaaS
Campus NaaS: Remaking the Campus NetworkCampus NaaS: Remaking the Campus Network
bySalvatore Salamone, Managing Editor, Network Computing
Jul 31, 2024
4 Min Read
DPUs are extensively used to accelerate AI and ML workloads by offloading tasks such as neural network inference and training from CPUs and GPUs.
Network Infrastructure
Harnessing DPUs & How DPUs are Changing Data CentersHarnessing DPUs & How DPUs are Changing Data Centers
byBob Wallace, Featured Writer
Jul 30, 2024
10 Min Read
Webinars
More Webinars
White Papers
More White Papers
Reports
More Reports
Live Events
More Live Events