Guest Wifi
The 3 wifi options
- Open wifi - Just click and connect
- WPA2-PSK - single key on AP's and shared by all users
- WPA2-Enterprise(802.1x) - AP forwards encrypted traffic to radius server, server Auth to client with Certificate, Client auth either of User+PWD, Certificate, OTP, etc.
Landing page / Portal
- Re-directs initial client traffic to registration servers and only allows access once authenticated.
What is the goals/clients of guest wifi ?
- Actual Corporate guests, doing presentations etc, needing internet access
- Corporate users - keeping private devices e.g. Phones, of the corporate network, but still able to sync o365 email, and get teams alerts
- Testing as if connected at home.
Risks:
- Fake AP (Open , and psk) - wpa2-enterprise(802.1x) uses certificate to auth AP
- Sniff traffic for info/passwords (Open and psk if key known), true for any other open AP,
- all client traffic should be SSL
- Attack on user from other users, on same wifi. (Probes, sniffing etc.)
- Page.execute = 0.001s
- getACL = 0.000s
- init = 0.001s
- load_multi_cfg = 0.000s
- run = 0.008s
- send_page = 0.007s
- send_page_content = 0.001s
- total = 0.009s
