Penguin
Recent Changes
Diff: MeetingTopics.2005-08-22
EditPageHistoryDiffInfoLikePages

Differences between version 11 and predecessor to the previous major change of MeetingTopics.2005-08-22.

Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History

Newer page: version 11 Last edited on Tuesday, August 23, 2005 11:26:26 am by CraigBox Revert
Older page: version 9 Last edited on Tuesday, August 23, 2005 12:03:45 am by PerryLorier Revert
@@ -32,18 +32,18 @@
  
 [WPA] - Wi-Fi Protected Access 
 * Wi-Fi Alliance assembled a part of the upcoming [802.11i] standardin 2003 
 * [TKIP] for encryption 
-* per-user, not per-device authentication and key distribution framework ([802.1x ]) 
+* per-user, not per-device authentication and key distribution framework ([802.1X ]) 
 * Extensible Authentication Protocol ([EAP]) 
 * Can still use Pre-Shared Keys ([PSK]) 
  
 [TKIP] 
 * [RC4] based 
 * Per-packet keying, [IV] changes, broadcast key rotation to get around [WEP] insecurities 
 * Message Integrity Check ([MIC]) to prevent [MITM] attacks 
  
-[802.1x
+[802.1X
 * [IEEE] standard for port-based authentication 
 * Strong mutual authentication between client and auth server 
 * Authenticates a client through user-supplied credentials, rather than a computer 
  
@@ -56,15 +56,15 @@
 [EAP] 
 * Extensible Authentication Protocol 
 * Allows different auth methods without infrastructure changes 
 * Originally designed for [PPP] connections, adapted for [LAN] ([EAPOL]) 
-* Many [EAPOL] auth protocols exist - [MD5], [TLS], [CHAP], [MS-CHAPv2], [SIM] (Subscriber Identify Module), [AKA] (Athentication and Key Agreement), [GTC] (Generic Token Card)  
-* Some methods add a tunnel for authentication information - [PEAP], [EAP-TTLS] (Tunneled [TLS]) 
+* Many [EAPOL|EAP ] auth protocols exist - [MD5], [TLS], [CHAP], [MS-CHAPv2], [SIM] (Subscriber Identify Module), [EAP- AKA|EAP ] (Authentication and Key Agreement), [GTC] (Generic Token Card)  
+* Some methods add a tunnel for authentication information - [PEAP], [EAP-TTLS|EAP ] (Tunneled [TLS]) 
  
 [WPA2] 
 * Full [IEEE] [802.11i] standard 
 * Ratified in July 2004 
-* [TKIP], [802.1x ]/[EAP] 
+* [TKIP], [802.1X ]/[EAP] 
 * Added [AES] encryption 
  
 [AES] 
 * Counter cipher-block chaining mode ([CBC]), as opposed to [WEP]'s single stream cipher 
@@ -119,12 +119,16 @@
 * Many [AP]s now support VLAN tagging 
 * Per-port (per [AP]) 
 * [MAC] address (per physical computer - bad) 
 * Per [SSID] ([SSID]s are sniffable) 
-* Per user (via [802.1x ]) 
+* Per user (via [802.1X ]) 
  
 Rogue [AP] detection 
 * Network only secure as long as you control all aspects of it 
 * insecure [AP]s without strict security controls can cause major security breaches 
  
  
-Implementation of WPA-RADIUS with 802.1x via FreeRadius 
+Implementation of WPA-RADIUS with 802.1X via FreeRadius  
+  
+See also:  
+  
+* [How to set up a wireless network using Windows server WPA and RADIUS|http://www.hansenonline.net/Networking/wlanradius.html]