802.11 Frame Exchanges – Security #CWAP7

802.11 Frame Exchanges section account for 25% of syllabus for CWAP-403 exam. Potentially around 15 questions out of 60 in the exam can be expected from this section. This blog post focuses on the “security” component of 802.11 Frame Exchange. I will be focusing on other sections in the subsequent posts in the next week…

Read more

FortiFocus – Virtual IPs

This section emphasizes on the Virtual IPs section in the FortiGate. I’ve learnt something which is not obvious behaviour and one of those ‘remind me later’ moments that I’ve encountered. VIPs are essentially Destination Network Address Translation (DNAT) objects. For sessions matching the VIP, the destination address is translated. Let us go through some examples…

Read more

SSL Inspection : Forti Focus

Often times we come across website which use certificates that not match the certificate of the site. It presents us with a warning message and option to proceed with risks, below image is quite common. A number of applications and website that use SSL encryption correctly. In this case, the traffic goes through a Secure…

Read more

CWNA, Authentication & Encryption Types

Different Authentication types Open PSK 802.1X Open Authentication – There is no authentication (Free for all). Device connects to wireless network without any issue.  Open Authentication might also redirect to a captive portal like at a Airport or Public Wireless places. There is a two way packet exchange. It is not the secure way to setup…

Read more

CWNA , IEEE 802.11!

Hi IEEE 802.11 Key Concepts Let’s get started with the IEEE 802.11 Journey synopsis. Standards are defined at physical and mac-sub layer(data-link). We are referring to different ways of transmitting data over the air. Also how our communication signal would deliver information. One of the original ones we’ve come across is FHSS (Frequency Hopping Spread…

Read more

CWNA : New Things Learnt today

Cinemas jamming mobile phone signals #cinemajammers The US’s National Association of Theater Owners wants the FCC’s permission to block mobile reception inside cinemas. To be honest I thought this already happened in some places… maybe I’d mentally linked it to office buildings with Faraday cage wall structures to prevent eavesdropping on wireless data transfer; I…

Read more

4 Way Handshake

    In my own simple words  4-way handshake between a client and an access point Acronyms used: PMK – pairwise master key PRF = Pseudo Random Function AA = Authenticator Address, SA = Supplicant Address PTK = PRF(PMK | ANonce | SNonce | AA | SA) MIC = Message integrity code GTK = Group…

Read more

Duo MFA Security

Learnt something new today for DUO security. Any app or device can now be configured for MFA. Today i was able to get office 365 and azure login to redirect to DUO, got it working in less than 15 minutes. Quite amazing. Not sure if its so easy to configure or i am getting good…

Read more