Alan,
thank you for the response.
Because my authentication time is *so much* different than anything else
I have ever read, I am worring that perhaps even though the
authentication is successful, I am doing something wrong with some
certificate or policy that might end up compromising the security of the
system.
Probably I am not making much sense, however, if you think that this is
not a problem and this behavior looks normal to you, then it is good
enough for me.
Thanks,
Andrea
Alan DeKok wrote:
Andrea G Forte <[EMAIL PROTECTED]> wrote:
The problem is that it is taking too little time for the
authentication process to complete.
Why is that a problem?
In the attached file you can see one authentication process
captured using kismet and then parsed with Ethereal.
<sigh> Why is it impossible to run the server in debugging mode, and
to read the output? That will tell you ever so much more than
ethereal.
And the packet captures you've done are on the wireless side. The
RADIUS side is much more interesting.
As you cane see the time from Assoc. resp to the first encrypted
data packet is only 222 msec. About a year ago it was of the order
of one second (and all the literature says so). Has WPA2 improved
the authentication time so much?
If the user is authenticated, why do you care? If the whole EAP
process happens properly, why do you care?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
