This feature provides a config option to configure the GTK randomization on the WLAN. By default GTK randomization is disabled on the WLAN (default behavior). When enabled, GTK should be randomized for each client of the BSS. When this is enabled, the client should not be able to decrypt the broadcast and multicast packets received. This feature addresses the "Hole196" security vulnerability.
I know this is an inside only attack but a lot of attacks already happen from the inside. Attacks are not always to gain access to a network to use it but to steal information from other trusted users.
In our environment, a University, we feel that this inside attack is very real especially when running ethical hacking courses which probably cover such attacks. Some students will try these attacks out on the most convenient network they have available, ours. So although the user must already have access to our WLAN it doesn't mean that an attack will not happen.
We have a lot of "trusted" users, about 20,000, but to be honest I don't trust any of them.
GTK has to be known to every STA to let them decrypt broadcast/multicast traffic. What does actually GTK randomize means? If every client get GTK randomized, doesn't it break the logic of broadcast/multicast? Does it mean both types of traffic become unicast if this checkbox is enabled?
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...