Enterprise Lockdown

Contributor II
Posts: 67
Registered: ‎08-20-2007

New Crack Tool. Defense?

I was looking at the new RADIUS hack discussed here: http://blogs.zdnet.com/security/?p=922
If I read this right, basically anyone could set up a FreeRADIUS server with, say, a WRT Linksys with the same SSID I have set up on our campus. They could then mimic the WPA2/AES 802.1X setup with their own certificate, and if the end user doesn't have 'Validate Server Certificate' checked, or clicks 'OK' anyway, then their username/password would be sent to the rogue server.
We don't specifically use a RADIUS server; we are using LDAP to eDir on the back end, but I still see this being a potential hack because the end user is the target. I don't have control over all the end users. I should see these as rogues (assuming I have an AP in range to see it) and I can disable it.
Are there other, better defenses? Am I not reading the crack correctly?
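
The two client-side conditions the post names (server certificate validation unchecked, or the user clicking 'OK' on an unknown certificate) can be checked on managed Windows clients by auditing exported WLAN profiles. The following is an added example, not part of the original post; it assumes PEAP profiles exported with `netsh wlan export profile`, and the sample profiles, SSID, server name and CA thumbprint are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed, simplified profile fragments (namespaces and unrelated
# elements omitted). Element names follow the Windows PEAP profile schema.
WEAK_PROFILE = """<WLANProfile><name>CampusSSID</name><EapType>
  <ServerValidation>
    <DisableUserPromptForServerValidation>false</DisableUserPromptForServerValidation>
    <ServerNames></ServerNames>
  </ServerValidation>
  <PerformServerValidation>false</PerformServerValidation>
</EapType></WLANProfile>"""

HARDENED_PROFILE = """<WLANProfile><name>CampusSSID</name><EapType>
  <ServerValidation>
    <DisableUserPromptForServerValidation>true</DisableUserPromptForServerValidation>
    <ServerNames>auth.campus.example</ServerNames>
    <TrustedRootCA>00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff 00 11 22 33</TrustedRootCA>
  </ServerValidation>
  <PerformServerValidation>true</PerformServerValidation>
</EapType></WLANProfile>"""


def _values(root, name):
    """Text of every element with this local name, ignoring XML namespaces."""
    return [(el.text or "").strip() for el in root.iter()
            if el.tag.rsplit("}", 1)[-1] == name]


def audit_profile(xml_text):
    """Return the findings that leave a client open to a look-alike SSID."""
    root = ET.fromstring(xml_text)
    findings = []
    flags = lambda n: [v.lower() for v in _values(root, n)]
    # 'Validate server certificate' unchecked: any certificate is accepted.
    if "true" not in flags("PerformServerValidation"):
        findings.append("server certificate is not validated")
    # Prompt allowed: the user can click OK on an unknown server or CA.
    if "true" not in flags("DisableUserPromptForServerValidation"):
        findings.append("user can approve an unknown server")
    # No name pinned: any server with a cert from a trusted CA is accepted.
    if not any(_values(root, "ServerNames")):
        findings.append("no authentication server name pinned")
    # No root pinned: the profile does not restrict which CA may issue it.
    if not any(_values(root, "TrustedRootCA")):
        findings.append("no trusted root CA pinned")
    return findings


if __name__ == "__main__":
    for label, xml in (("weak", WEAK_PROFILE), ("hardened", HARDENED_PROFILE)):
        print(label, audit_profile(xml) or "OK")
```

Only clients whose profiles are centrally managed can be held to the hardened form; unmanaged devices still depend on rogue AP detection on the infrastructure side.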