Re: FW: Reporting security issues in 802.1X Wi-Fi configuration instructions

["King, Ronald A." <raking () NSU EDU>]

We are not on EDUROAM. So, no, it does not apply. I suspect they went through our wireless instructions we have on our 
website.

The link contains basic endpoint configuration to validate certificates. Standard stuff. It is at 
https://drive.google.com/file/d/1aPX0uAGZuKICWupABwlZBZGVjWdrhCH6/view?usp=sharing

Thank you,
Ronald King
Director of OIT Security

With Office 365, you can report a message as phishing or junk. Using Outlook in a web browser or the mobile Outlook 
app, start by clicking/tapping "Junk/Report Junk!"

Office of Information Technology
(757) 823-2916 (Office)
raking () nsu edu<mailto:raking () nsu edu>
www.nsu.edu<http://www.nsu.edu/>
@NSUCISO (Twitter)
[NSU_logo_horiz_tag_4c - Smaller]

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Blake Brown
Sent: Wednesday, August 4, 2021 11:25 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] FW: Reporting security issues in 802.1X Wi-Fi configuration instructions

CAUTION:  This email originated from OUTSIDE of the organization. Do not click links or open attachments unless you 
recognize the sender and know the content is safe!
We have not received this one yet but we are also not an Eduroam user. Does this only apply to Eduroam? If not can you 
share their recommendations with the group?


Thanks,
Blake

________________________________
From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> on behalf of Scott Gennari <sgennari () SIMONS-ROCK EDU<mailto:sgennari () SIMONS-ROCK EDU>>
Sent: Wednesday, August 4, 2021 8:10 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> <SECURITY () LISTSERV EDUCAUSE 
EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>
Subject: Re: [SECURITY] FW: Reporting security issues in 802.1X Wi-Fi configuration instructions

External Email

FYI we received an email from the same sender with valid information on
our configuration instructions.

Scott

--
Scott Gennari
ITS System Administrator
Bard College at Simon's Rock
84 Alford Road
Great Barrington, MA  01230
sgennari () simons-rock edu<mailto:sgennari () simons-rock edu>

On 8/4/21 10:40 AM, King, Ronald A. wrote:
> More an FYI then actual questions:
>
> Interesting one here. I deleted all the points of the lack of security in each's configuration and link to file. 
> Really nothing new, but is this person really associated with University of Iowa and Syracuse? Is he trying to 
> establish trust with the University?
>
> Thank you,
> Ronald King
> Director of OIT Security
>
> With Office 365, you can report a message as phishing or junk. Using Outlook in a web browser or the mobile Outlook 
> app, start by clicking/tapping "Junk/Report Junk!"
>
> Office of Information Technology
> (757) 823-2916 (Office)
> raking () nsu edu<mailto:raking () nsu edu>
> www.nsu.edu<http://www.nsu.edu>
> @NSUCISO (Twitter)
>
>
> -----Original Message-----
> From: hugohue () link cuhk edu hk<mailto:hugohue () link cuhk edu hk> <hugohue () link cuhk edu hk<mailto:hugohue () 
> link cuhk edu hk>>
> Sent: Wednesday, August 4, 2021 2:22 AM
> To: King, Ronald A. <raking () nsu edu<mailto:raking () nsu edu>>;
> Subject: Reporting security issues in 802.1X Wi-Fi configuration instructions
>
> CAUTION:  This email originated from OUTSIDE of the organization. Do not click links or open attachments unless you 
> recognize the sender and know the content is safe!
>
> Dear Sir/Madam,
>
> We are a group of security researchers from the Chinese University of Hong Kong (CUHK), the University of Iowa, and 
> Syracuse University. We are writing to you regarding some potential security threats in the enterprise Wi-Fi 
> configuration instructions prescribed by your institute. Specifically, when considering an attacker who sets up a 
> rogue impersonating AP to pretend to be the campus/eduroam Wi-Fi, we found that there's a chance for users who follow 
> the prescribed instruction to leak their SSO credentials. We inspected the Wi-Fi setup guides publicly available on 
> the institute's website and would like to point out the issues on each OS-specific setting accordingly.
>
> The following instructions prescribed are considered to be potentially insecure, ['Windows 10 (Campus Wi-Fi)', 
> 'Windows 7 (Campus Wi-Fi)', 'Android 7+ (Campus Wi-Fi)', 'Android 6- (Campus Wi-Fi)', 'iOS (Campus Wi-Fi)', 'Chrome 
> OS (Campus Wi-Fi)', 'Windows 8 (Campus Wi-Fi)']
>
> Windows 10 (Campus Wi-Fi): (Deleted)
>
> Windows 7 (Campus Wi-Fi): (Deleted)
>
> Android 7+ (Campus Wi-Fi): (Deleted)
>
> Android 6- (Campus Wi-Fi): (Deleted)
>
> iOS (Campus Wi-Fi): (Deleted)
>
> Chrome OS (Campus Wi-Fi): (Deleted)
>
> Windows 8 (Campus Wi-Fi): (Deleted)
>
> Please find below the link to a set of sample configuration instructions suggested by our research team for 
> mainstream operating systems including Windows 10, Windows 7, Android 6-, Android 7+, macOS, iOS, Chrome OS, to 
> secure the connection of enterprise Wi-Fi with PEAP or EAP-TTLS.
>
> If you think we have misunderstood the situation, or that you have any further follow-up questions, please feel free 
> to reach out to us and we would be more than happy to discuss with you.
>
> Thank you very much for your time.
>
> Yours faithfully,
> Hugo Hue
>
> Contact: hugohue () link cuhk edu hk<mailto:hugohue () link cuhk edu hk>
> Suggested instruction: https [://] drive [.] google.com/file/********************
>
> =====================================
> Research Assistant
> Department of Information Engineering
> Faculty of Engineering
> The Chinese University of Hong Kong (CUHK) =====================================
>
> **********
> Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
> person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
> and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community