802.11 Frame Exchanges section account for 25% of syllabus for CWAP-403 exam. Potentially around 15 questions out of 60 in the exam can be expected from this section. This blog post focuses on the “security” component of 802.11 Frame Exchange. I will be focusing on other sections in the subsequent posts in the next week…
Read moreTroubleshooting WLAN Issues – #MindMap CWAP#4
I am attempting to put a mind map of WLAN issues. I will look forward at expanding each one of the classifications in the revisions of this blog.
Read moreFortiFocus – Virtual IPs
This section emphasizes on the Virtual IPs section in the FortiGate. I’ve learnt something which is not obvious behaviour and one of those ‘remind me later’ moments that I’ve encountered. VIPs are essentially Destination Network Address Translation (DNAT) objects. For sessions matching the VIP, the destination address is translated. Let us go through some examples…
Read moreSSL Inspection : Forti Focus
Often times we come across website which use certificates that not match the certificate of the site. It presents us with a warning message and option to proceed with risks, below image is quite common. A number of applications and website that use SSL encryption correctly. In this case, the traffic goes through a Secure…
Read moreThe SSL/TLS Handshake Process
CWNA, Authentication & Encryption Types
Different Authentication types Open PSK 802.1X Open Authentication – There is no authentication (Free for all). Device connects to wireless network without any issue. Open Authentication might also redirect to a captive portal like at a Airport or Public Wireless places. There is a two way packet exchange. It is not the secure way to setup…
Read moreCWNA , IEEE 802.11!
Hi IEEE 802.11 Key Concepts Let’s get started with the IEEE 802.11 Journey synopsis. Standards are defined at physical and mac-sub layer(data-link). We are referring to different ways of transmitting data over the air. Also how our communication signal would deliver information. One of the original ones we’ve come across is FHSS (Frequency Hopping Spread…
Read moreCWNA : New Things Learnt today
Cinemas jamming mobile phone signals #cinemajammers The US’s National Association of Theater Owners wants the FCC’s permission to block mobile reception inside cinemas. To be honest I thought this already happened in some places… maybe I’d mentally linked it to office buildings with Faraday cage wall structures to prevent eavesdropping on wireless data transfer; I…
Read more4 Way Handshake
In my own simple words 4-way handshake between a client and an access point Acronyms used: PMK – pairwise master key PRF = Pseudo Random Function AA = Authenticator Address, SA = Supplicant Address PTK = PRF(PMK | ANonce | SNonce | AA | SA) MIC = Message integrity code GTK = Group…
Read moreDuo MFA Security
Learnt something new today for DUO security. Any app or device can now be configured for MFA. Today i was able to get office 365 and azure login to redirect to DUO, got it working in less than 15 minutes. Quite amazing. Not sure if its so easy to configure or i am getting good…
Read more