Web authentication allows DNS tunnelling

Unanswered Question
Sep 13th, 2007

Hi,

I have noticed that with only web authentication, the guest client can send DNS requests through the wireless network and out to the internet via the controller prior to being authenticated.

Then, using DNS tunnelling techniques, could surf the web, albeitly slowly, without authenticating.

Is there anyway to stop this other than turning on WPA/WEP authentication on the WLAN ?

Thanks

Lee

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
bwilmoth Wed, 09/19/2007 - 13:22

WPA authentication is a better method of authenticatiing the clients in the network.Wi-Fi Protected Access is a standards-based, interoperable security enhancement that strongly increases the level of data protection and access control for existing and future wireless LAN systems

http://cisco.com/en/US/docs/wireless/access_point/12.2_11_JA/configuration/guide/s11auth_ps430_TSD_Products_Configuration_Guide_Chapter.html#wp1039377

http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801c40b6.shtml

Actions

This Discussion

 

 

Trending Topics - Security & Network