AngryOxide is a wireless network scanner that attacks WiFi AP and records handshake sequence that can be later used to crack/recover WiFi password. It can be download from github, it is free…
I played with it and I see that IPfire is immune against the attack. That is good thing. I wonder what is the trick that IPfire uses to prevent this attack against BLUE interface. I have WiFi card in my IPfire and I run hostapd plugin.
I have found that it is easy for angryoxide to capture handshake for routers based on OpenWRT and some cheap home routers but it fails when it tries against routers from “big” ISP or IPfire gateway. What is the trick of IPfire that it is immune agains the attack? I am dis-pointed with results I see with OpenWRT routers but maybe that is only about default configuration…
Or it could be related to firmware running in WiFI hardware, that some hardware is vulnerable and other is immune. I mean firmware in the WiFi card, low-level firmware in the wireless hardware.
Update. IPfire is not really immune but I like the result I see… 
Maybe it is about clients too, that a weak client can be used for an attack. Anyway, IPfire is much harder to attack than OpenWRT devices… And there is always a way to capture a handshake of client that just connects to the AP, there is no way to prevent this.