Differences between version 11 and previous revision of MeetingTopics.2005-08-22.
Other diffs: Previous Major Revision, Previous Author, or view the Annotated Edit History
Newer page: | version 11 | Last edited on Tuesday, August 23, 2005 11:26:26 am | by CraigBox | Revert |
Older page: | version 10 | Last edited on Tuesday, August 23, 2005 11:10:37 am | by CraigBox | Revert |
@@ -32,18 +32,18 @@
[WPA] - Wi-Fi Protected Access
* Wi-Fi Alliance assembled a part of the upcoming [802.11i] standardin 2003
* [TKIP] for encryption
-* per-user, not per-device authentication and key distribution framework ([802.1x
])
+* per-user, not per-device authentication and key distribution framework ([802.1X
])
* Extensible Authentication Protocol ([EAP])
* Can still use Pre-Shared Keys ([PSK])
[TKIP]
* [RC4] based
* Per-packet keying, [IV] changes, broadcast key rotation to get around [WEP] insecurities
* Message Integrity Check ([MIC]) to prevent [MITM] attacks
-[802.1x
]
+[802.1X
]
* [IEEE] standard for port-based authentication
* Strong mutual authentication between client and auth server
* Authenticates a client through user-supplied credentials, rather than a computer
@@ -62,9 +62,9 @@
[WPA2]
* Full [IEEE] [802.11i] standard
* Ratified in July 2004
-* [TKIP], [802.1x
]/[EAP]
+* [TKIP], [802.1X
]/[EAP]
* Added [AES] encryption
[AES]
* Counter cipher-block chaining mode ([CBC]), as opposed to [WEP]'s single stream cipher
@@ -119,16 +119,16 @@
* Many [AP]s now support VLAN tagging
* Per-port (per [AP])
* [MAC] address (per physical computer - bad)
* Per [SSID] ([SSID]s are sniffable)
-* Per user (via [802.1x
])
+* Per user (via [802.1X
])
Rogue [AP] detection
* Network only secure as long as you control all aspects of it
* insecure [AP]s without strict security controls can cause major security breaches
-Implementation of WPA-RADIUS with 802.1x
via FreeRadius
+Implementation of WPA-RADIUS with 802.1X
via FreeRadius
See also:
* [How to set up a wireless network using Windows server WPA and RADIUS|http://www.hansenonline.net/Networking/wlanradius.html]