Re: AT&T WiFi at McDonalds, etc

---

• From: Jeff Liebermann <jeffl@xxxxxxxxxx>
• Date: Wed, 31 Oct 2007 23:30:37 -0700

---

John Navas <spamfilter1@xxxxxxxxxxxxxx> hath wroth:

On Wed, 31 Oct 2007 19:27:29 -0700, Jeff Liebermann <jeffl@xxxxxxxxxx>
wrote in <mbdii3lihs4orppiusdjdj6ulullfmpalq@xxxxxxx>:

What I find amusing (or disgusting) is that any wireless provider that
has a functional authentication server, such as AT&T obviously does,
can also provide RADIUS based authentication, which the typical
wireless client has no problem using. The client and access point can
then be issues a unique one time WPA-RADIUS encryption key, and all
the traffic is encrypted.

I suspect the issue is support -- it's bad enough when users can connect
automatically, and it's a nightmare to support the handing out and use
of one-time keys.

That's not exactly the way it would (should?) work. The RADIUS server
delivers the encryption key to both the access point and the client. I
have WPA-RADIUS working at several installations without any
modifications to the client computer. In all cases, the user is
issued a login and password, which are also entered in the RADIUS
server. Administering this is a PITA for a small coffee shop, but
AT&T already does everything that's necessary for their DSL customers,
so there's no added effort involved. The only changes are to convince
AT&T and Wayport to consolidate their authentication methods and to
enable WPA-RADIUS in their wireless access points. That can't be done
at this time because of bureaucracy and more important, because the
access point will not handle multiple encryption modes (WPA-RADIUS and
unencrypted). Two access points would solve that problem, but that's
a major expense that's probably not justified.

--
Jeff Liebermann jeffl@xxxxxxxxxx
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
.

---

• Follow-Ups:
  • Re: AT&T WiFi at McDonalds, etc
    • From: John Navas

• References:
  • AT&T WiFi at McDonalds, etc
    • From: P.Schuman
  • Re: AT&T WiFi at McDonalds, etc
    • From: dold
  • Re: AT&T WiFi at McDonalds, etc
    • From: Bill Kearney
  • Re: AT&T WiFi at McDonalds, etc
    • From: Jeff Liebermann
  • Re: AT&T WiFi at McDonalds, etc
    • From: John Navas

• Prev by Date: Re: AT&T WiFi at McDonalds, etc
• Next by Date: HELP please!!
• Previous by thread: Re: AT&T WiFi at McDonalds, etc
• Next by thread: Re: AT&T WiFi at McDonalds, etc
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Need help configuring Wireless Connection profile ... "point" the info of the Radius authentication to your current Radius server. ... SMALL BUSINESS SERVER: ... STEP #1 Install Certificate Services ... (microsoft.public.windowsxp.general) Re: Need help configuring Wireless Connection profile ... "point" the info of the Radius authentication to your current Radius server. ... SMALL BUSINESS SERVER: ... STEP #1 Install Certificate Services ... (microsoft.public.windowsxp.general) Re: WPA2 security settings: ... The Cisco 1200 AP won't provide RADIUS authentication over any protocol ... TLS, LEAP, etc.) When I'm testing PEAP, I use Windows Server 2003 as the ... If you're using radio card X, for example, it might support ... (microsoft.public.windowsce.embedded) Re: Radius? ... RADIUS is a protocol which is implemented by IAS. ... Standard Edition; Windows Server 2003, ... Authentication Dial-in User Service (RADIUS) server and proxy. ... (microsoft.public.internet.radius) Cisco Security Advisory: RADIUS Authentication Bypass ... Cisco Security Advisory: RADIUS Authentication Bypass ... Cisco has made free software available to address this vulnerability. ... (Bugtraq)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

newsgroups.derkeiler.com  > Archive  > Alt  > alt.internet.wireless  > 2007-11