Doesn't 802.1x use EAP? If so then EAP-TLS is just one way of authenticating the client...
Cheers Ken > -----Original Message----- > From: Carl Houseman [mailto:[EMAIL PROTECTED] > Sent: Tuesday, 1 July 2008 7:16 AM > To: NT System Admin Issues > Subject: RE: WiFi setup > > How would you use Radius/802.1x technology without certificates? > > Carl > > -----Original Message----- > From: Mike French [mailto:[EMAIL PROTECTED] > Sent: Monday, June 30, 2008 5:09 PM > To: NT System Admin Issues > Subject: RE: WiFi setup > > If you are forced to WPA/WPA2 use a Max length pass phrase with > randomized Upper lower, Numbers, Special Characters (you know the > drill). It might take the sting out of the crackers.... Anything with > pre-shared keys is crackable given enough time and processor power. I > don't think 802.1x with Radius is susceptible, provided you are using > certificates. > > > -----Original Message----- > From: Marc Maiffret [mailto:[EMAIL PROTECTED] > Sent: Monday, June 30, 2008 3:04 PM > To: NT System Admin Issues > Subject: RE: WiFi setup > > You shouldn't have any problems then. It is more of a track record on > WEP/WPA and related that is to worry about, but you can always handle > that when the time comes. Currently the only WPA2 that can be cracked is > that which uses pre-shared keys. > > Marc Maiffret > Founder/CEO > Invenio Security > Security Services & Training > http://www.inveniosecurity.com > > > > -----Original Message----- > > From: Chyka, Robert [mailto:[EMAIL PROTECTED] > > Sent: Monday, June 30, 2008 12:35 PM > > To: NT System Admin Issues > > Subject: RE: WiFi setup > > > > We have cisco 440r controllers and a acs appliance. We use WPA2 with > > 8021.X for authentication against our active directory.. > > > > -----Original Message----- > > From: "Carl Houseman" <[EMAIL PROTECTED]> > > To: "NT System Admin Issues" <[email protected]> > > Sent: 6/30/08 3:17 PM > > Subject: RE: WiFi setup > > > > I wouldn't worry about separate IPSEC if your Wi-Fi hardware supports > > WPA2 and uses a 802.1x (Radius server) for client authentication. > > > > In fact, if you go for 802.11n, you're required to use WPA2 to get the > > "n" throughput boost. > > > > Carl > > > > -----Original Message----- > > From: Chyka, Robert [mailto:[EMAIL PROTECTED] > > Sent: Monday, June 30, 2008 1:56 PM > > To: NT System Admin Issues > > Subject: RE: WiFi setup > > > > Do you have any good reference sites or docs on how to design and > > engineer this? > > > > Thanks! > > > > -----Original Message----- > > From: "Marc Maiffret" <[EMAIL PROTECTED]> > > To: "NT System Admin Issues" <[email protected]> > > Sent: 6/30/08 1:54 PM > > Subject: RE: WiFi setup > > > > Do not forget to use IPSEC or related to secure access between WiFi > > systems > > and your main network. Almost all of the built-in WiFi protection > > mechanisms > > such as MAC filtering, WEP, disabling broadcast, etc are all prone to > > attacks. > > > > Marc Maiffret > > Founder/CEO > > Invenio Security > > Security Services & Training > > http://www.inveniosecurity.com > > > > > > > -----Original Message----- > > > From: David W. McSpadden [mailto:[EMAIL PROTECTED] > > > Sent: Monday, June 30, 2008 6:51 AM > > > To: NT System Admin Issues > > > Subject: WiFi setup > > > > > > I get to build a whole new datacenter for the Credit Union. > > > Yeah. > > > I am pretty good on everything with the exception that the new > > > datacenter will have to have WiFi built in > > > I am looking at 802.11g for now but I thought n was coming out. > > > Does anyone have any comments on how to WiFi a 4000sqft building > with > > 3 > > > floors? > > > > > > > > > > > > > > > > > > > > > > > > Data Security is everyone's responsibility. > > > > > > > > > > > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
