what tests can i do with 802.1x wifi?

[dentillozie]

im currently working on my finalwork about 'BYOD enterprise wifi security'. The idea is to test some of the authentication protocols to see how 'hackable' they are.

The problem is that I dont really know where to start next and time is ticking away.

I have tried a MS-CHAPv2 handshake capture with a rogue AP and decrypted the password but i want to do some other tests because i dont have enough content.

Do you guys have any ideas for test i can do or write some content about? thanks

[NinjaJc01]

14 minutes ago, dentillozie said:

im currently working on my finalwork about 'BYOD enterprise wifi security'. The idea is to test some of the authentication protocols to see how 'hackable' they are.

The problem is that I dont really know where to start next and time is ticking away.

I have tried a MS-CHAPv2 handshake capture with a rogue AP and decrypted the password but i want to do some other tests because i dont have enough content.

Do you guys have any ideas for test i can do or write some content about? thanks

Maybe see how much lag/overhead the security causes?

[dentillozie]

57 minutes ago, NinjaJc01 said:

Maybe see how much lag/overhead the security causes?

thanks for your comment. i was more thinking about testing security and stuff like that.

[NinjaJc01]

5 minutes ago, dentillozie said:

thanks for your comment. i was more thinking about testing security and stuff like that.

But overhead is a key part. If you have an ultra secure router, but it is too slow to be of any real use, that's sort of pointless. Quite honestly, test the super simple stuff first, like normal operation.

[harry4742]

You mentioned the first problem: the rougue network that wasn't killed instantly

[dentillozie]

1 hour ago, NinjaJc01 said:

But overhead is a key part. If you have an ultra secure router, but it is too slow to be of any real use, that's sort of pointless. Quite honestly, test the super simple stuff first, like normal operation.

yeah i didn't look at it from that perspective. ill do some test about latency 

 

Does anybody else have some ideas?

[Lurick]

For 802.1x over wifi you can test a myriad of things. Rogue access points as has already been pointed out, failure to the ISE/Radius server and what happens to local authentication, fallback vlan failure, Mac Authentcation Bypass (MAB), etc.

[dentillozie]

1 hour ago, Lurick said:

For 802.1x over wifi you can test a myriad of things. Rogue access points as has already been pointed out, failure to the ISE/Radius server and what happens to local authentication, fallback vlan failure, Mac Authentcation Bypass (MAB), etc.

i like where this is going  i cant really personally test failover radius cuz i only have 1 server tho. if you have more ideas?

[Lurick]

Just now, dentillozie said:

i like where this is going  i cant really personally test failover radius cuz i only have 1 server tho. if you have more ideas?

I just did a lot of enterprise level testing for 802.1x interoperability with switches but a lot of that can be done with the AP as well I'm sure. Other ideas are testing IPv4/IPv6 (dual stack) clients just to see what happens with communication to the server, authentication with the radius server itself like does it show the clients re-authenticating, adjusting authentication timers and pushing those down to the clients, do clients accessing the AP show up on the switch, possibly doing downloadable ACLs to the port or even to the AP for clients on specific SSIDs, critical VLANs incase the server fails voice calls or something can still be placed and authenticated.