WinXP+PEAP+Cert Behavior

Benn bb.hostap at magitech.org
Wed Nov 29 02:33:13 EST 2006


Hello all -

I'm trying to take advantage of the WindowsXP Zero Configuration wireless management software (though few use it, it seems) to support a zero-input connection to the AP, without the connection-sniffing vulnerability of an Open network.

Yeah, I know, strange requirements.

I'm seeing some interesting behavior on the part of the WinXP supplicant on the traces I've built, but I'm not able to quite complete the dots.

What I /expect/ might work, is to use a server certificate signed by a previously accepted CA (you know, like Verisign or some such).  Obviously, for testing purposes I'll use good ol' Snake Oil CA, but that's one possible.  I haven't been able to establish exactly what authentication policy the XP machine is using, but it's definitely sending out some kind of packets.

I'm toiling ahead on this at the moment, but I'm looking for suggetsions, tips, or even working PEAP configuration file archives (that'd be brilliant) to work from.

Cheers,
--B



More information about the HostAP mailing list