|
Home > Archive > CWNP > May 2003 > Get going on CWSP QoD?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Get going on CWSP QoD?
|
|
| meijin 2003-05-02, 2:42 pm |
| Anyone interested in getting rolling on a CWSP QoD like we were trying to do with the CWNA?
Thanks! | |
| wirelessboy 2003-05-02, 9:22 pm |
| Qod yes sir
we sure were "trying" with cwna.
does any website has Qod in cwna?, maybe planet3 should start a Qod via email groups.
regards | |
| Devinator 2003-05-07, 8:13 pm |
| If you have an access point that support Kerberos authentication connected to a hub where a wired packet analyzer (sniffer) is also connected, and a wireless user starts an ftp transfer to a kerberized ftp server, will you be able to see the data being transferred on the sniffer? If you also have a wireless sniffer, will you be able to see the ftp data moving across the RF medium? Explain your answers. | |
| meijin 2003-05-07, 9:14 pm |
| Interesting question Devin...it's been a while since I have looked at anything about Kerberos, but I will give it a shot.
I would say that the answers to the two questions you ask would depend on two things.
#1. How is Kerberos configured? If I remember correctly, Kerberos can provide a means of authentication (are you who you say you are) as well as encryption of the data after authentication has taken place.
#2. Define what you mean by "see the data". See it in clear text or see it in the encrypted form?
I am going to assume that you are talking about having the data encrypted.
All you could see at either the wired or wireless sniffer would be the encrypted data payload as you captured. The wired sniffer would see this because the AP and the sniffer are both attached to a hub. The hub is going to repeat out to all ports and data coming through it. It is a dumb device, unlike the results you could get if you attached it to a switch and configured it correctly.
The same, essentially would be the same for the wireless sniffer. The AP is also like a hub and is going to be "throwing" the encrypted data into the air. Readable, albeit in an encrypted form, by the wireless sniffer. And this is assuming a Kerberos connection between the wireless client that initiated the FTP session and the kerberos capable AP.
So, how far off am I?
Good question...had not thought about Kerberos in quite some time. | |
| Devinator 2003-05-07, 9:25 pm |
| keep in mind that anything i ask here is not indicative of the real exam...i'm just throwing out questions that might help you later...hence anything I ask is not thought through very well...kind of typed off the top of my head
so...
yes, I was referring to encrypted data.
kerberos authentication is offered in symbol's AP-4131 (a very sweet access point I might add). Kerberos is an authentication mechanism...just like RADIUS. Kerberos does a superb job at encrypting and protecting the authentication steps (where the username and password (or certificate)) is used by the supplicant (client). Read the Kerberos section in the CWSP Study Guide then repost your answer....or perhaps someone that already has it can jump in and clarify for us. ;-) I won't be giving away the answer quite so easily. hehe.
Devin | |
| meijin 2003-05-07, 9:32 pm |
| Well, if I had my CWSP book I could check that out! LOL!
I'll go have a look at the MIT website. I think they are the ones that developed it. |
|
|
|
|