Difference between revisions of "Virginia Tech Wifi (OLD)"

From the Linux and Unix Users Group at Virginia Teck Wiki
Jump to: navigation, search
imported>Mutantmonkey
imported>Mutantmonkey
Line 18: Line 18:
 
|-
 
|-
 
| VT-Wireless
 
| VT-Wireless
| Very Weak ([[PEAP-MSCHAPv2]])
+
| None to Medium ([[PEAP-MSCHAPv2]])
 
| Yes
 
| Yes
 
| Simple
 
| Simple

Revision as of 17:46, 14 January 2013

Since the fall of 2008, there have been two wireless networks on campus. One network, called VT-Wireless, encrypts all traffic and is secured with EAP-TLS or PEAP-MSCHAPv2. The other network, VT_WLAN, is an unencrypted, captive portal wireless network. While connections to VT-Wireless are secure by default, and require no user authentication once set up, the EAP-TLS setup has a number of steps. In contrast, setup for VT_WLAN network is negligible, but you will be required to manually authenticate each time you connect (although this can be scripted), and your traffic will be readable to everyone.

Select a connection method

Network Authentication Encrypted Setup Support
VT-Wireless Strong (EAP-TLS) Yes Involved Many devices (Laptops and Android devices)
VT-Wireless None to Medium (PEAP-MSCHAPv2) Yes Simple Most devices
VT_WLAN Weak (Captive portal) No Negligible All devices

The best option is EAP-TLS, which provides strong, two-way authentication to ensure that neither you or the authentication server can be impersonated. Unfortunately, setting up EAP-TLS can be somewhat involved because it requires a certificate to be installed on the device.

VT_WLAN is an unsecured captive portal wireless network. It requires no set up at all, but you must log in with your PID and password every time you connect. Since it is not secure, it is simple for any and all unencrypted traffic on the network to be sniffed by anyone within range and is also vulnerable to deauthentication attacks. Its use is discouraged in most cases.

Select a method for setup instructions
EAP-TLS PEAP-MSCHAPv2

Network Information Sources