Right. Its better to give crackers less information versus more. so
others do not get login credentials. Though, if certificates were
properly implemented, there would be mutual authentication
On Tue, Apr 7, 2009 at 8:12 AM, Arran Cudbard-Bell
a.cudbard-b...@sussex.ac.uk wrote:
-BEGIN PGP
I'm aware of an attack on a bank which had implemented EAP, and had
fun when a Pen tester was simply getting domain login credentials
without having to work much at all.
Could you maybe provide a rebuttal for this attack? and/or explain how
to make it especially secure?
On Tue, Apr 7, 2009 at
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Paul Bartell wrote:
Right. Its better to give crackers less information versus more.
so others do not get login credentials. Though, if certificates
were properly implemented, there would be mutual authentication
Exactly. The only attacks I know
Arran Cudbard-Bell a.cudbard-b...@sussex.ac.uk wrote:
Paul Bartell wrote:
Right. Its better to give crackers less information versus more.
so others do not get login credentials. Though, if certificates
were properly implemented, there would be mutual authentication
Exactly. The only
Paul Bartell wrote:
I'm aware of an attack on a bank which had implemented EAP, and had
fun when a Pen tester was simply getting domain login credentials
without having to work much at all.
Could you maybe provide a rebuttal for this attack? and/or explain how
to make it especially secure?
Paul Bartell paul.bart...@gmail.com wrote:
I'm aware of an attack on a bank which had implemented EAP, and had
fun when a Pen tester was simply getting domain login credentials
without having to work much at all.
Could you maybe provide a rebuttal for this attack? and/or explain how
to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alexander Clouter wrote:
Arran Cudbard-Bell a.cudbard-b...@sussex.ac.uk wrote:
Paul Bartell wrote:
Right. Its better to give crackers less information versus
more. so others do not get login credentials. Though, if
certificates were properly
Hi,
thanks for the list
I can confirm all of these issues. Also, if you have WPA/AES turned
on, then the Mac wont touch the lovely WPA2/AES - ie it wont do 802.11n
properly. if you reratify the wifi so you only do WPA/TKIP and WPA2/AES
then the Mac is a _little_ happier
I can also confirm
a.l.m.bu...@lboro.ac.uk wrote:
taking some Steinbeck metaphor too far...
oh, how I wish Lenny were a code name for MacOSX rather than Debian... anyway,
or lovely friend Lenny or having a few issues compared to his friend George.
Lenny wants to have the lovely Wifi...but cant. You see,
Hi,
Let's not put Lenny out of his misery just yet. I've never had problems
with EAP-TTLS on Macs, I've actually started recommending people use it, as
it appears to be slightly more efficient than PEAPv0 (based purely on the
number of rounds it takes to complete), and far better documented.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alan,
thanks for the list
I can confirm all of these issues. Also, if you have WPA/AES
turned on, then the Mac wont touch the lovely WPA2/AES
I haven't seen this. We have WPA/WPA2 TKIP/AES, and the Mac appears to
always pick WPA2. Unfortunately
a.l.m.bu...@lboro.ac.uk wrote:
thanks for the list
Not a problem.
I can confirm all of these issues. Also, if you have WPA/AES turned
on, then the Mac wont touch the lovely WPA2/AES - ie it wont do
802.11n properly. if you reratify the wifi so you only do WPA/TKIP
and WPA2/AES then
Hi,
Have you actually traced the wireless traffic (passively), are you
sure it's the Macs at fault with this one?
as everything works fine on the same Mac when it runs Vista (yes, I know...)
and works all okay on random PCs and PDAs/smartphones..the big greasy
pointy finger is pointing
I too have had weird behavior on macs. I just ended up using
mac-address authentication (due to insecurities in EAP. (or possibly
rumored, i havn't seen a paper on it yet))
On Tue, Apr 7, 2009 at 7:08 AM, a.l.m.bu...@lboro.ac.uk wrote:
Hi,
Have you actually traced the wireless traffic
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Paul Bartell wrote:
I too have had weird behavior on macs. I just ended up using
mac-address authentication (due to insecurities in EAP. (or
possibly rumored, i havn't seen a paper on it yet))
Wait what... You went to Mac-Based authentication
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Have you actually traced the wireless traffic (passively), are
you sure it's the Macs at fault with this one?
as everything works fine on the same Mac when it runs Vista (yes, I
know...) and works all okay on random PCs and PDAs/smartphones..the
Arran Cudbard-Bell wrote:
Ohh are you referring to the scaremongering 'The Register' was doing
last year? Because of course, anyone with a hacked copy of FreeRADIUS
can steal all your users credentials !
Unfortunately, people read his column, and believe him. They might
also believe that he
hi,
taking some Steinbeck metaphor too far...
oh, how I wish Lenny were a code name for MacOSX rather than Debian... anyway,
or lovely friend Lenny or having a few issues compared to his friend George.
Lenny wants to have the lovely Wifi...but cant. You see, Lenny has 'issues'
and some of these
Hi,
oh, how I wish Lenny were a code name for MacOSX rather than Debian...
anyway,
Linophile
or lovely friend Lenny or having a few issues compared to his friend
George.
Lenny wants to have the lovely Wifi...but cant. You see, Lenny has
'issues'
and some of these issues wont be
19 matches
Mail list logo