Difference between revisions of "Virginia Tech Wifi (OLD)"
imported>Mutantmonkey |
imported>Mutantmonkey |
||
Line 30: | Line 30: | ||
|} | |} | ||
− | The best option is [[EAP-TLS]], which provides strong, two-way authentication to ensure that neither you or the authentication server can be impersonated. Unfortunately, setting up EAP-TLS can be somewhat involved because it requires a certificate to be installed on the device | + | The best option is [[EAP-TLS]], which provides strong, two-way authentication to ensure that neither you or the authentication server can be impersonated. Unfortunately, setting up EAP-TLS can be somewhat involved because it requires a certificate to be installed on the device. |
− | [[VT_WLAN]] is an | + | [[VT_WLAN]] is an unsecured captive portal wireless network. It requires no set up at all, but you must log in with your PID and password every time you connect. Since it is not secure, it is simple for any and all unencrypted traffic on the network to be sniffed by anyone within range and is also vulnerable to deauthentication attacks. Its use is discouraged in most cases. |
{| class='wikitable' width='40%' | {| class='wikitable' width='40%' |
Revision as of 18:10, 19 August 2012
Since the fall of 2008, there have been two wireless networks on campus. One network, called VT-Wireless, encrypts all traffic and is secured with EAP-TLS or PEAP-MSCHAPv2. The other network, VT_WLAN, is an unencrypted, captive portal wireless network. While connections to VT-Wireless are secure by default, and require no user authentication once set up, the EAP-TLS setup has a number of steps. In contrast, setup for VT_WLAN network is negligible, but you will be required to manually authenticate each time you connect (although this can be scripted), and your traffic will be readable to everyone.
Select a connection method
Network | Authentication | Encrypted | Setup | Support |
---|---|---|---|---|
VT-Wireless | Strong (EAP-TLS) | Yes | Involved | Many devices (Laptops and Android devices) |
VT-Wireless | Very Weak (PEAP-MSCHAPv2) | Yes | Simple | Most devices |
VT_WLAN | Weak (Captive portal) | No | Negligible | All devices |
The best option is EAP-TLS, which provides strong, two-way authentication to ensure that neither you or the authentication server can be impersonated. Unfortunately, setting up EAP-TLS can be somewhat involved because it requires a certificate to be installed on the device.
VT_WLAN is an unsecured captive portal wireless network. It requires no set up at all, but you must log in with your PID and password every time you connect. Since it is not secure, it is simple for any and all unencrypted traffic on the network to be sniffed by anyone within range and is also vulnerable to deauthentication attacks. Its use is discouraged in most cases.
Select a method for setup instructions | |
---|---|
EAP-TLS | PEAP-MSCHAPv2 |