AW: AW: understanding

Heinrich, Sebastian S.Heinrich at aos-stade.de
Fri Mar 30 11:54:46 CEST 2012


Now I am totally confused. Fajar says that it is not so easy to crack the passwords and Phil says the opposite. I am not a hacker. Can anybody say that this would be easy to do or not:

"A CA certificate must be used at each client to authenticate the server to each client before the client submits authentication credentials. If the CA certificate is not validated it is generally trivially easy (in wireless networks) to introduce a fake Access Point which allows gathering MS-CHAPv2 handshakes, which on recent hardware can be cracked in a matter of seconds." (source:  http://en.wikipedia.org/wiki/Protected_Extensible_Authentication_Protocol)

Best Regards

Sebastian Heinrich
Techn. DV 


Aluminium Oxid Stade GmbH
Johann-Rathje-Köser-Straße
21683 Stade

email  S.Heinrich at aos-stade.de
web    http://www.aos-stade.de


More information about the Freeradius-Users mailing list