For WPA enterprise in the corporate world, is the RADIUS server connected to the Authenticator/Access Point wirelessly or 'wiredly' for most situations? If they are connected wirelessly, does this mean that it becomes somewhat trivial to sniff the RADIUS packets and therefore, retrieve the encrypted PMK that the RADIUS passes on to the AS. How feasible would such an attack be?
Asked
Active
Viewed 337 times
0
-
Generally they are wired connected. But it is feasible, check [this](https://security.stackexchange.com/questions/149955/in-real-time-where-do-we-deploy-extensible-authentication-protocoleap-in-wire/150019#150019) and [this.](https://security.stackexchange.com/questions/151912/wpa2-enterprise-eap-tls-key-exchange/151925#151925) Interested in Wi-Fi pentesting? :P – Azteca May 08 '17 at 16:09
-
Haha yeah i was thinking of doing research in wireless/network security. I'm considering pentesting as well but I'm not sure if a pentester can just specialise in wireless security and nothing else.. – Lew Wei Hao May 08 '17 at 18:14