Trying to connect to a wireless network validating identity
I recently bought a new Linksys wireless router and after setting it up with basic WEP security, I tried to logon from my laptop and was successful! So then I tried to connect from my desktop computer that has a wireless USB adapter attached to it and I ended up getting this error message: Fabulous! I checked my settings on the wireless router to make sure I didn’t accidentally setup certificate security, but found no such thing.
Also, since I was able to connect from my laptop with no problem, it led me to believe it was something wrong with my desktop.
When you sign in to comment, IBM will provide your email, first name and last name to DISQUS.
As such, it can be easily "tricked" into doing so by an attacker.
It is trivial (and in some cases entirely free) for an attacker to get a valid certificate from a public CA that can match the hostname of the attacker's own "authentication server." If specific hostnames for the authentication servers are not configured in the EAP supplicant (and they often are not or can't be), then even if the designated CA is configured and is a public CA, the attack just needs to get their certificate from the same public CA. An attacker will have a much more difficult time getting a valid certificate issued from the private CA of the school and if that private CA is the only designated CA in the EAP supplicant, then it makes it very difficult for an attacker to pretend to be the real wireless network and capture credentials for those clients.
I apologize for being redundant, but this is the key point.
If you've previously tried to connect to eduroam, you may need to forget the existing profile before proceeding:2.
To learn more about our website privacy practices, please review University of Richmond’s general data privacy regulation policy.
To continue to our website, you must click on “I agree” to agree to this use.
Network Access Control or NAC, is one of the terms that if I polled 20 Secur Edge clients, most of them would have a different way to define NAC.
The issue is that there are so many security products out there and there is so much discussion around the term, that the lines are blurred as to what it is and what a true NAC solution should do.