Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects

From: Cedric Blancher <blancher () cartel-securite fr>
Date: Thu, 04 Mar 2010 22:16:31 +0100
Le jeudi 04 mars 2010 à 16:02 +0100, Malick Sy a écrit :

All in all leads to a major admin nightmare, to circumvent this, you
use a captive portal which forces users to authenticate securely via
local database, RADIUS or whatever flavour AAA is installed..


And what using WPA/WPA2 in enterprise mode, aka EAP authentication to a
RADIUS server ? Now your captive portal has no advantage whatsoever.
Only drawbacks...


-- 
http://sid.rstack.org/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE

Hi! I'm your friendly neighbourhood signature virus.
Copy me to your signature file and help me spread!


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: