How WPA functions? TKIP?

[imported_wyze]

On second thought, if you want, I could always write a tutorial sometime this weekend on getting one setup and throw it on over your way to see if its followable. Let me know.

Would be KooL if you could post a quick tut with conf files attached for PEAP/TLS

[-=Xploitz=-]

Would be KooL if you could post a quick tut with conf files attached for PEAP/TLS

I second that..

[DaKahuna]

Only asking because I wonder if companies use this free radius or if they pay a provider..and if they do pay a provider, does it use the same principals?

We use RADIUS with our wireless solution. It is not FreeRADIUS but rather a product known as "Steel Belted RADIUS". While I would not claim to have the skills that a lot of the members here have with wireless, I have attempted off and on for over two years to crack the system and have not been able to do so.

It is my guess that the reasons most major corporations do not use more open source based soluitons like FreeRADIUS is that corporations need the safety blanket of having someone to call when things go wrong. Not a lot, including the one I work for, are willing to put their information in the hands of the open source community.

[Re@lity]

I second that..

and BTW..I wasn't intending to insult you with the talent comment. Poor choice of wording on my part.

Take a look at Zeroshell.
May be of interest for near "instant" attacking experiments?

http://www.zeroshell.net/eng/

[streaker69]

It is my guess that the reasons most major corporations do not use more open source based soluitons like FreeRADIUS is that corporations need the safety blanket of having someone to call when things go wrong. Not a lot, including the one I work for, are willing to put their information in the hands of the open source community.

I agree with that, as that is what I have seen as well. When something bad happens, they want to have someone from the company onsite the day before something bad happened. With OSS, most times you just can't have that happen.

I run some OSS Software at my place, but nothing that would be considered mission critical.

[-=Xploitz=-]

We use RADIUS with our wireless solution. It is not FreeRADIUS but rather a product known as "Steel Belted RADIUS". While I would not claim to have the skills that a lot of the members here have with wireless, I have attempted off and on for over two years to crack the system and have not been able to do so.

It is my guess that the reasons most major corporations do not use more open source based soluitons like FreeRADIUS is that corporations need the safety blanket of having someone to call when things go wrong. Not a lot, including the one I work for, are willing to put their information in the hands of the open source community.

Now that makes sense. So would it be more of a challenge to crack this FreeRadius or this "Steel Belted RADIUS"..I'm just gonna guess and say the later of the 2. Radius is going to be my new project when I get the time to try it out. But for now..I can play with the Free radius without breaking any laws correct?? Just want to make sure.

Take a look at Zeroshell.
May be of interest for near "instant" attacking experiments?

http://www.zeroshell.net/eng/

A quote from your link...

It is available in the form of Live CD or Compact Flash image and you can configure and administer it using your web browser.

Thats about as easy as its gonna get it looks like.

Thanks for that link Re@lity. I bookmarked it for later use once I get some time to play with it. Seems all pretty much straight forward, and lots of open source components and a wget for guaranteeing automatic updating with the patches.

Thanks again boss.

[DaKahuna]

Now that makes sense. So would it be more of a challenge to crack this FreeRadius or this "Steel Belted RADIUS"..I'm just gonna guess and say the later of the 2. Radius is going to be my new project when I get the time to try it out.

I am not sure there is much of a difference but have not investigated to see. Might be worth asking around whether one has been determined/proven to be more secure than the other.

But for now..I can play with the Free radius without breaking any laws correct?? Just want to make sure.

Yes, as long as it is your network and RADIUS server.

[-=Xploitz=-]

I am not sure there is much of a difference but have not investigated to see. Might be worth asking around whether one has been determined/proven to be more secure than the other.



Yes, as long as it is your network and RADIUS server.

I know that..I was referencing the "free radius..since someone else was hosting it.

Would it be my network and radius server..or just my network and this company's free radius's server?? ..Thats the problem I'm having understanding. I don't want to push any gray area with this. If it was definitely my radius server even though its free radius...then of course I could legally crack it. But if I'm just "using/borrowing" free radius's radius server..then I think it would be illegal for me to "probe" it.

I hope I made sense to you guys..as I know very little on radius servers. Never even seen one set up.

[balding_parrot]

You actually download it and run it on your own system, so there is no problem.

[-=Xploitz=-]

You actually download it and run it on your own system, so there is no problem.

I see. Thanks b_p.