+When the Mobile Node moves to a new place, It will receive the advertisement messege and send the Registration request. The registration request uses the IP of Mobile node ( in case of located- care-of address ) or NAI ( in case of co-located care-of address) to authentication mobile node with Home agent.
There are some security problems here:
+ Replay Attacks: can be resisted by using identifier field in Registration request message
+ Modify the Packet : can be resisted by using the checksum and HMAC-MD5 to guarantee the packet integration
But i am a little bit confused with man-in-the-middle attack. I supposed that someone capture the registration request packet and he know the authention property (IP of mobile node or NAI) , after that he can use this authentication to use the service?
I'm thinking of the below scenario:
Mobile Node : The digest message A = HMAC-MD5(IP, identifier, Secret key) and after that it sends to the Home Agent
Home Agent : Computer the digest messge B = HMAC-MD5(IP, Identifier ,Secrect key' ) ( the IP, Identifier from the registration message ) and it stores the secret key
We compare The digest message A (in registration message ) with the digest messge B . It will be ok if 2 of digest message are equal.
In this case, We consider 3 authentioncation scenario: Mobile Node -- Home Agent , Mobile Node - Foreign Agent and Foreign Agent -- Home Agent
How can we authenticate Mobile Node - Foreign Agent ?
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...