How would you use Radius/802.1x technology without certificates? Carl
-----Original Message----- From: Mike French [mailto:[EMAIL PROTECTED] Sent: Monday, June 30, 2008 5:09 PM To: NT System Admin Issues Subject: RE: WiFi setup If you are forced to WPA/WPA2 use a Max length pass phrase with randomized Upper lower, Numbers, Special Characters (you know the drill). It might take the sting out of the crackers.... Anything with pre-shared keys is crackable given enough time and processor power. I don't think 802.1x with Radius is susceptible, provided you are using certificates. -----Original Message----- From: Marc Maiffret [mailto:[EMAIL PROTECTED] Sent: Monday, June 30, 2008 3:04 PM To: NT System Admin Issues Subject: RE: WiFi setup You shouldn't have any problems then. It is more of a track record on WEP/WPA and related that is to worry about, but you can always handle that when the time comes. Currently the only WPA2 that can be cracked is that which uses pre-shared keys. Marc Maiffret Founder/CEO Invenio Security Security Services & Training http://www.inveniosecurity.com > -----Original Message----- > From: Chyka, Robert [mailto:[EMAIL PROTECTED] > Sent: Monday, June 30, 2008 12:35 PM > To: NT System Admin Issues > Subject: RE: WiFi setup > > We have cisco 440r controllers and a acs appliance. We use WPA2 with > 8021.X for authentication against our active directory.. > > -----Original Message----- > From: "Carl Houseman" <[EMAIL PROTECTED]> > To: "NT System Admin Issues" <[email protected]> > Sent: 6/30/08 3:17 PM > Subject: RE: WiFi setup > > I wouldn't worry about separate IPSEC if your Wi-Fi hardware supports > WPA2 and uses a 802.1x (Radius server) for client authentication. > > In fact, if you go for 802.11n, you're required to use WPA2 to get the > "n" throughput boost. > > Carl > > -----Original Message----- > From: Chyka, Robert [mailto:[EMAIL PROTECTED] > Sent: Monday, June 30, 2008 1:56 PM > To: NT System Admin Issues > Subject: RE: WiFi setup > > Do you have any good reference sites or docs on how to design and > engineer this? > > Thanks! > > -----Original Message----- > From: "Marc Maiffret" <[EMAIL PROTECTED]> > To: "NT System Admin Issues" <[email protected]> > Sent: 6/30/08 1:54 PM > Subject: RE: WiFi setup > > Do not forget to use IPSEC or related to secure access between WiFi > systems > and your main network. Almost all of the built-in WiFi protection > mechanisms > such as MAC filtering, WEP, disabling broadcast, etc are all prone to > attacks. > > Marc Maiffret > Founder/CEO > Invenio Security > Security Services & Training > http://www.inveniosecurity.com > > > > -----Original Message----- > > From: David W. McSpadden [mailto:[EMAIL PROTECTED] > > Sent: Monday, June 30, 2008 6:51 AM > > To: NT System Admin Issues > > Subject: WiFi setup > > > > I get to build a whole new datacenter for the Credit Union. > > Yeah. > > I am pretty good on everything with the exception that the new > > datacenter will have to have WiFi built in > > I am looking at 802.11g for now but I thought n was coming out. > > Does anyone have any comments on how to WiFi a 4000sqft building with > 3 > > floors? > > > > > > > > > > > > > > > > Data Security is everyone's responsibility. > > > > > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
