ndiswrapper + wpa_supplicant

George N. White III gnwiii
Thu Dec 6 06:50:27 PST 2007

On Dec 6, 2007 10:20 AM, Bryan Kadzban <bryan at kadzban.is-a-geek.net> wrote:

> George N. White III wrote:
> > 2.  Iwlist wlan0 scan often shows multiple "dlink" AP's, but only one
> > "dlink" appears in the NetworkManager list.  Even if I give my AP a
> > name, an evil perp could use the same name and NM might well use that
> > AP. NM needs a way to present multiple AP's with the same name.
> If you're worried about so-called "rogue APs", then simply splitting out
> each BSS from the ESS in the UI isn't going to help at all.  As Dan said
> in response to this, most people don't know (or care) which BSSID
> they're connecting to -- but even apart from that, it may be possible to
> fake a BSSID.  (I don't know for sure.)
> The only secure way to fix this is to either (a) ensure your PSK can't
> be guessed, *and* that nobody writes AP firmware/software that will let
> people connect even if their PSK is wrong (though I don't know if that's
> possible), or (b) use a RADIUS server, ensure your RADIUS shared secret
> can't be guessed, use some kind of certificate to authenticate the
> server (e.g. PEAP, TTLS, or TLS), and configure the client to only trust
> a root certificate that you control.
> The last part is the critical one: a rogue AP can probably spoof just
> about everything, but not knowledge of the root cert's private key.  And
> the unguessable shared secret ensures that the rogue AP can't just use
> your existing RADIUS server.  (Although if someone has the ability to
> plug into your network already, it's a bit of a moot point -- but whatever.)

At present, some people are finding that NM unexpectedly connects to
an open AP, e.g., after the connection to a secure AP was dropped, so at
present, rogue AP justs needs to be open.   Give it an attractive name,
either that of an existing secure AP or "bypass_corporate_filrewall_here",
and put it close to your target.

George N. White III <aa056 at chebucto.ns.ca>
Head of St. Margarets Bay, Nova Scotia

More information about the Hostap mailing list