Continuing on 802.11.....
Results 1 to 5 of 5

Thread: Continuing on 802.11.....

  1. #1
    Computer Forensics
    Join Date
    Jul 2001
    Posts
    672

    Continuing on 802.11.....

    ok....after the last post...and having no one answer me, I figured I would try again.

    The preferred method of securing 802.11 networks in a corporate environment is via EAP. Different companies implement it differently... Cisco using LEAP, M$ using PEAP....

    I am looking into using EAP/TLS(SSL) via a RADIUS server to auth users into a wireless lan. Has anyone done this with a non-commercial package... (i.e. FreeRADIUS or other GNU/GPL software) if so, what platform is it running on, what was the setup like ?
    Antionline in a nutshell
    \"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"

    Trust your Technolust

  2. #2
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,743
    BUMP !

    i certainly am looking for other Ideas.. and certainly am interested in others experiences/comments..

    Cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  3. #3
    Shadow Programmer mmelby's Avatar
    Join Date
    Jul 2002
    Location
    Ft. Myers, FL
    Posts
    291
    I don't know that I entirely agree with you on that. Per Gartner more large companies are using a VPN inside their WLAN. We decided to go that route also and are very pleased with the results. I know this doesn't answer your direct question but will hopefully add some insight to securing WLAN.
    Work... Some days it's just not worth chewing through the restraints...

  4. #4
    Senior Member
    Join Date
    Dec 2001
    Posts
    321
    Well, i designed wireless net for a bank and i used a tacacs++ serv + hardware encryption modules. The tacacs setrv was simply running on a nt4 box (which suked but that is all they would give me) i know that there are several free raduis package out there specially *nix. I'd recommand using a sun station for the load can get pretty hefty on the box for the aaa.
    also i did not use 802.11 compatible equip since at that time the wep was not available.

    Hope that helps
    assembly.... digital dna ?

  5. #5
    Computer Forensics
    Join Date
    Jul 2001
    Posts
    672
    Originally posted here by mmelby
    I don't know that I entirely agree with you on that. Per Gartner more large companies are using a VPN inside their WLAN. We decided to go that route also and are very pleased with the results. I know this doesn't answer your direct question but will hopefully add some insight to securing WLAN.
    I am sure they are, but not everyone has those monetary resources available to them. I am fully aware on methods of securing, but I don't have the funding for high end VPN equipment merely for a WLAN. I could use PPTP and IPSEC or some other combination for the poor mans VPN but, What I was looking at was the next best thing. i.e. radius for auth(EAP/TLS(TTLS if its ever past draft stage)) and a backend dbase using a dynamic, randomly generated wep key program, with mac filtering.
    Antionline in a nutshell
    \"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"

    Trust your Technolust

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •