Home Home > 2010 > 04 > 20 > Check your WPA2 Enterprise setup
Sign up | Login

Check your WPA2 Enterprise setup

April 20th, 2010 by

Do you have to enter user name and password to establish a link with
your wireless network? If so chances are good that WPA2 Enterprise
with EAP-TTLS or PEAP are used. Sounds familiar? Better check your
setup then. An attacker might easily impersonate your access point
and steal your password if the client you are using isn’t configured
properly.
You are likely vulnerable if you’ve disabled certificate checks
or you’ve checked some button to use a public CA but didn’t specify
any “Subject” or “Common Name” that has to match. NetworkManager for
example doesn’t even allow to enter the latter.
Read more in the paper I’ve written.

Both comments and pings are currently closed.

One Response to “Check your WPA2 Enterprise setup”

  1. Yes I have Been to Seminars on Security and Wireless can be a very week Entry Point!