WinXP+PEAP+Cert Behavior

Thu Nov 30 18:52:34 PST 2006

On Thu, Nov 30, 2006 at 06:11:52AM +0100, Benn wrote:

> Thanks for the well crafted answer, that was basically what I expected to hear, but was hoping otherwise :)  The interesting thing is, the client is definitely sending out some kind of packet which gets turned into a request to the radius server:
> 
> <<HOSTAPD
>    IEEE 802.1X: 9 bytes from 00:13:d3:6f:b1:4e
>       IEEE 802.1X: version=1 type=0 length=5
>       EAP: code=2 identifier=1 length=5 (response)
>    ath0: STA 00:13:d3:6f:b1:4e IEEE 802.1X: received EAP packet (code=2 id=1 len=5) from STA: EAP Response-Identity (1)
>    ath0: STA 00:13:d3:6f:b1:4e IEEE 802.1X: STA identity ''

If the client is using Microsoft's WZC, this frame is likely the probe
it uses for autodetecting the network security parameters. If you are
more interested in that, take a look at Wireless Provisioning Services
(WPS). Microsoft has some documention available for it.

-- 
Jouni Malinen                                            PGP id EFC895FA