Penetration Testing mailing list archives
RE: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects
From: "Malick Sy" <sy_malick () hotmail com>
Date: Fri, 5 Mar 2010 10:31:37 +0100
Le jeudi 04 mars 2010 à 16:02 +0100, Malick Sy a écrit :
All in all leads to a major admin nightmare, to circumvent this, you use a captive portal which forces users to authenticate securely via local database, RADIUS or whatever flavour AAA is installed..
--------------------- And what using WPA/WPA2 in enterprise mode, aka EAP authentication to a RADIUS server ? Now your captive portal has no advantage whatsoever. Only drawbacks... ----------------- Not sure what you mean Cedric, please rephrase, remember we are talking wireless hotspots not paranoid banks, so we probably dont want to start with the EAP/PEAP/ encrytpion saga.....WPA/WPA2 (802.11x) also require supplicants (Yes Windows ships wirth one) but this is all a nightmare....captive portals are deployed in airports, hotels, conference centres all over the world....I think they are quiet advantageous to the people using them For security, it is possible to configure the guest wireless devices to be in separate vlans (via RADIUS auth), but my point is in 10 years of deploying productiuon networks, I have not come across a captive portal or hotspot scenario using WPA or WPA2...if u are a serious user anywya, u will know to start ur ipsec vpn client soon as u connect to a public wifi hotspot. Coupled with good host security, u should be home scott free! ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Chip Panarchy (Mar 03)
- Re: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Tim (Mar 04)
- Re: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Zaki Akhmad (Mar 04)
- Re: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Jon Janego (Mar 04)
- RE: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Malick Sy (Mar 04)
- RE: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Cedric Blancher (Mar 04)
- RE: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Malick Sy (Mar 08)
- Re: RE: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Cedric Blancher (Mar 11)
- RE: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Cedric Blancher (Mar 04)
- Re: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects debiantech (Mar 08)