WinXP+PEAP+Cert Behavior

Benn bb.hostap
Thu Nov 30 22:59:55 PST 2006

On Thu, Nov 30, 2006 at 12:46:03PM -0500, Bryan Kadzban wrote:
> On Thu, Nov 30, 2006 at 05:29:03PM +0100, Benn wrote:
> > and even having the initial
> > handshake in plaintext would be acceptable if the rest of the
> > connection is within a pipe.
> Hmm...  I'm thinking that your requirements here are contradictory.
> ;-)

Yes.  I know.  I said the same thing, actually :)

> If anyone can associate and get a key, then I don't think the encryption
> that's in place for the other clients is really worth anything anymore
> either.  I think it may be possible to start basically "stealing"
> traffic (see e.g. Ettercap) using ARP poisoning.  If you're able to get
> the server to send you data that was meant for another machine, then
> your machine will be able to decrypt it.

Well, the key rotation should keep it from being interceptable simply from any point, but snarfing the entire stream would, without a shared secret of some kind, of course compromise the whole setup.  So naturally if WinXP boxs were set up to default permit SSL signed certificates (which has the problems you've previously mentioned, and others) that'd be avoidable.  Otherwise, our friend Mallory will have a fieldday.

> But if that's still acceptable, and your management *really* only wants
> the appearance of security, then you could probably hack up the internal
> RADIUS server to always send Access-Accepts after the first packet.
> Actually, you could probably hack together a fairly small standalone
> RADIUS server that responds to anything on udp/1812 with an
> Access-Accept (and at that point, you might as well just not bother
> checking the RADIUS authenticator either -- although you would need to
> generate a valid response authenticator, otherwise hostapd won't accept
> the response).

Interesting you mention that -- I actually tweaked freeradius to do exactly that, but lacking the proper response Message-Authenticator it was dropped.  Is that the kind of thing that I can easily generate?  The tweak I tried was fiddling with the password checking routine to always pass back OK, but for whatever reason the Message-Authenticator value wasn't added.  Any suggestions for where in the codebase (or as a seperate module) I could add that in?  Or, is it a pretty straightforward calculation?

I should probably just rtfm the radius rfc, ne? :)


More information about the Hostap mailing list