Your schools IT Dept should be able to answer these - and any other questions. Be prepared for them to ask you why.
This is their link:
http://www.aus.edu/ausdir/searchdept...ogy+Department
Wireless Security
hi, im a student at AUS uni, they racently sent us an email about wireless security and they told us we should follow these steps here hxxp://itdfaq.aus.edu/faq/index.php?action=artikel&cat=5&id=19&artlang=en (please change the xx to tt)
I want to know if i connect to this network, will my data and packets be encrypted? and will this network be secured from sniffing attackes and other stuff?........thanx
Your schools IT Dept should be able to answer these - and any other questions. Be prepared for them to ask you why.
This is their link:
http://www.aus.edu/ausdir/searchdept...ogy+Department
"If you dont have the cash to purchase a working card then HOW in the world are you gonna take over the planet." - pureh@te
Hmm, I think he was looking for a technical perspective from someone other than the school.
I think PEAP is one of the most secure methods of wireless security at this time. We usually recommend PEAP to any site we perform a wireless security assessment on. There are some new attack vectors against PEAP, namely network impersonation attacks that you can read up on:
http://www.sans.edu/resources/securi...security_1.php
Search the forums for posts related to karmetasploit for whats in the works.
William
Is it wise for the school to make their certificate so widely available? Couldn't that contribute to the ease of a MiTM attack?Originally Posted by williamc
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
I have no doubt that is the case. In my not so humble opinion - If you can't ask your IT Dept, or Network Admin a direct question about encrypted packets going over the network - then you might not want to do whatever activity requires those packets to be sent.
"If you dont have the cash to purchase a working card then HOW in the world are you gonna take over the planet." - pureh@te
Wow! I completely overlooked that! They provide the certificate to connect to their network allowing you to passively sniff traffic (kismet). You could probably get some user names and passwords similar to the LEAP vulnerability.
I think this furthers my argument that the poster shouldn't rely on his IT department for security advise.
William
so from you guys i can understand it's not full secured and it can be under sniffing attackes
i tried once to ask IT dep. but those people who are setting on the Help Desk they don't know what they are talking about i mean they didn't give me the direct and complete answer so i was confused that's why i asked you.
Posting Permissions
