[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[port139ml:02051] Re: 802.1x(MS-PEAP)

To: port139ml@xxxxxxxxxxxxx
Subject: [port139ml:02051] Re: 802.1x(MS-PEAP)
From: Reiya Ayanami <reiya@xxxxxxxxxxxxx>
Date: Fri, 24 Jan 2003 07:41:55 +0900

あやなみ です。

<20030118181739.6462.HIDEAKI@xxxxxxxxxxxxx> の、
   "[port139ml:01942] 802.1x(MS-PEAP)" において、
   "Hideaki Ihara <hideaki@xxxxxxxxxxxxx>"さんは書きました：

> Port139 伊原です。忘れないうちにメモっておこう...
> 
> 昨夜、MS PEAP と Cisco PEAP という2種類があるという
> お話が出てたので要確認。＞自分

必要があったので、ちょっと調べてみました。
ここ（↓）に少し出ているようですね。

http://www.cisco.com/warp/public/cc/pd/witc/ao1200ap/prodlit/
peap_qa.htm


Q. What is the difference between the Microsoft PEAP supplicant 
and the Cisco PEAP supplicant? 

A. Both supplicants support PEAP, but each supports different 
methods of client authentication through the TLS tunnel. The 
Microsoft PEAP supplicant supports client authentication by only
 MS-CHAP Version 2, which limits user databases to those that 
support MS-CHAP Version 2, such as Windows NT Domains and Active
 Directory. The Cisco PEAP supplicant supports client 
authentication by OTPs and logon passwords, enabling support for
 OTP databases from vendors (such as RSA Security and Secure 
Computing Corporation) and logon password databases (such as 
LDAP and Novell NDS) as well as Microsoft databases. In addition,
 the Cisco PEAP client includes the ability to hide user name 
identities until the TLS encrypted tunnel is established. This 
provides additional confidentiality that user names are not 
being broadcast during the authentication phase. 

時間ができたら、もうちょっと調べてみます。

あやなみ

--
Reiya Ayanami
reiya@xxxxxxxxxxxxx

References:
- [port139ml:01942] 802.1x(MS-PEAP)
  - From: Hideaki Ihara

Prev by Date: [port139ml:02050] Re: Detecting Wireless LAN MAC Address Spoofing
Next by Date: [port139ml:02052] Port139(Forensics tools)::antenna
Previous by thread: [port139ml:02017] Re: 802.1x(MS-PEAP)
Next by thread: [port139ml:01950] FTK Version 1.31
Index(es):
- Date
- Thread