Security

Airheads,

I have some secuirty quries for Captive portal based guest solutions

Over wireless, After captive portal authentication (without mac-auth),

1. Will there be any 4-way handshake between client and AP after authentication?

2.If 4-way handshake, will cppm provide MSK(master session key) to authenticator?

3.If there is no 4-way handshake, will the traffic be open and visible if do packet capture?

4.Adding Mac-authentication to this improves any security(interms of encryption)?

Thanks a lot!!

It really depends on how the SSID has been configured.

If it is an Open SSID with captive portal authentication (usual worksflow for guest networks), yes, traffic over Wi-Fi will not be encrypted and can be sniffed.

Mac auth is still an authentication mechanism. An SSID with no encryption and MAC auth can still be sniffed.

Unless you select an Encryption method for the SSID, data can be sniffed.

Thanks Jaybee,

For enterprise guest network, is there any method to encrypt data except onboard, onguard and preshared key?

Hi,

Some time late to this post. Here we are talking about traffic after captive portal authentication, and I am clear it will be unencrypted. What about the interchange of username and password at the moment of captive portal authentication? Will they be encrypted or unencrypted if we are using HTTPS captive portal?

Regards,

Julián

It is encrypted when you use HTTPs, but I would not use anything besides 802.1x encryption when it comes to employee usernames and passwords.  802.1x also requires properly configured clients, otherwise it is vulnerable to man in the middle attacks.