I am attempting to discern the efficacy of controlling or filtering ARP (gateway/client) to mitigate unauthorized connections to wifi networks. As such, I am aware that EAP was originally devised to allow for: " the negotiation of an authentication protocol for authenticating its peers BEFORE allowing network layer protocols to transmit over the link" (RFC2284) However, this protocol does not mention the utilization of ARP in "bridging" the link and network layers to establish (authorized) connections, therefore it is unclear if the EAP protocol provides any control over 'arping,' where unsolicited ARP messages can arbitrarily update remote ARP caches. Thus, my question: Does ARP precede EAP processes, and can a black hat utilize 'arping' (arp spoofing) to subvert traditional authentication methods (such as EAP) to gain access to private wireless networks? I would appreciate any direction that you could provide. Best regards, Mike
<<attachment: winmail.dat>>
_______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
