ONJava.com -- The Independent Source for Enterprise Java
oreilly.comSafari Books Online.Conferences.

advertisement

AddThis Social Bookmark Button
Article:
  A Technical Comparison of TTLS and PEAP
Subject:   TTLS versus PEAP
Date:   2003-12-11 19:04:11
From:   anonymous2
I really am entertained about those that endorse PEAP over TTLS because it is pushed by Microsoft...
Sounds like a GREAT idea to me.. especially when Microsoft cannot keep viruses under control with all their vulnerabilites they have on a day by day basis.. Remember Nimda, Sobig, Welchia. For those of you endorsing PEAP because Microsoft developed it, take time to pat Microsoft on the back... I am sure those of us IT professionals who work hard cleaning up the mess caused by the viruses will appreciate it.


One last point.... Take a Wireless Sniffer like Wild Packets AiroPeek and watch the EAP authentication for PEAP before the protected tunnell is setup.... What the unencrypted username go by... Don't worry it will get encrypted but not before the tunnell is setup. You can see this with AiroPeek. Now go back and do the same thing with TTLS and use the Odyssey client to send anonymous to foil the WLAN hacker with a sniffer. Guess what you will see in AiroPeek... anonymous. Now you tell me which one is more secure: TTLS or PEAP...


Remember we are talking about Wireless....
Do you want your company to be another WLAN hack statistic because of Microsoft's lack of concern for security.


Oh, and do remember there are 2 versions of PEAP. Cisco and Microsoft went divided in their efforts and each did their own implementation.


JMK, CISSP


1 to 2 of 2
  1. TTLS versus PEAP
    2008-07-29 16:51:49  sn555 [View]

  2. TTLS versus PEAP
    2003-12-22 07:26:39  anonymous2 [View]

1 to 2 of 2