I'm trying to determine if 802.11i has sufficiently addresses the deficiencies in WEP to make it a viable alternative to wired networks. I still have one concern that I haven't seen an answer to. Could someone point me to some documentation that might address my concerns.
It seems that a lot of though has been put in to protecting the AP's from unauthorized access, but what about the clients? Is there something in the 802.11i that prevents me from targeting the other clients and then using their authorized connection to the AP? I know you can use EAP-TLS for mutual authentication, but that doesn't necessarily mean that the client will only talk to authorized AP's. It just prevents me from spoofing an AP. Can't I still make a peer-to-peer connection to a workstation, own that box, and then have my way with their authorized connection? Do I have to run a firewall on all my clients or does the standard provide a way to make clients communicate exclusively with authorized AP's? Thanks --------------------------------------------------------------------------- ----------------------------------------------------------------------------