RADIUS wifi not working on Windows with domain users
aland at deployingradius.com
Tue Apr 10 14:51:27 CEST 2018
On Apr 10, 2018, at 5:27 AM, Stefan Winter <stefan.winter at restena.lu> wrote:
> That's what I meant with "gaping security hole". An attacker can simply
> set up a Wi-Fi network with the same SSID and arbitrary RADIUS server,
> and your computer will happily send your username and password to that
> rogue attacker when in the vicinity.
The hope is that most new devices will do certificate pinning. After the first authentication, they cache the CA. And if the CA changes, they complain and refuse to authenticate.
More information about the Freeradius-Users