Slashdot Mirror

← Back to Stories (view on slashdot.org)

Are You Using 802.1X?

Posted by Cliff on from the solving-the-problems-of-802.11 dept.

WirelessMan asks "I work for a certain university in the US, and our IT department has just deployed IEEE 802.1x authentication for our wireless network. One of the benefits is that all users' sessions are encrypted using tumbling WEP keys. One of the (major) drawbacks is the 'newness' of 1x. As far as I can tell (Google, etc) there aren't a whole lot of places out there who have taken the plunge. Google it, or check out this brief description. Does the Slashdot community have any experience with 1x?"

"Here's our story: we're using Windows 2003 servers (for IAS) and PEAP/MSCHAPv2. We're not offering support for Windows clients prior to 2000 (even though clients do exist for 98/ME,etc). Windows 2000 supposedly has builtin support after SP3, but on June 10, Microsoft released a WEP patch that breaks 1x! (At least for our implementation...) Windows XP SP1 works in most cases, but certain onboard-wireless chipsets (Intel) don't work, regardless of OS. I heard that staff struggled with and finally successfully installed a 3rd party client for RedHat 9, and I'm told there's also a client for Mac OS 10.2.

As far as I can tell, the network guys did their homework--I promise--but this deployment is beginning to look like a disaster! Do you have any wisdom to share about how to pull victory from the clutches of shameful defeat? I realize my question is rather broad and vague ... but I'm really interested to see what discussion comes up. Thanks!"

24 of 239 comments (clear)

  1. haha! by Pi314592 · · Score: -1, Offtopic

    first post!

    --
    [img]http://www.danasoft.com/sig/Digerati.jpg[/img ]
    1. Re:haha! by sixdotoh · · Score: 0, Offtopic

      ah, the humiliation and agony of losing by 2 FREAKIN' MINUTES!! NOOOOOOoooo. come on man.

      --

      This post was brought to you by the number 584811 and the characters / and .

  2. whoa by Anonymous Coward · · Score: 0, Offtopic

    the left nav bar of slashdot has been redesigned!!!

    1. Re:whoa by Gherald · · Score: -1, Offtopic

      the left nav bar of slashdot has been redesigned!!!

      I started reading Slashdot just several weeks ago and I have to say this is a very welcome change.

      It makes spotting new stories much easier... props to who ever implemented it!

      --
      The unofficial /. digest
    2. Re:whoa by Gherald · · Score: 0, Offtopic

      Moderators: please read at -1 so you aren't mislead when a thread is reparented :\

      --
      The unofficial /. digest
  3. 2pac 4ever by Anonymous Coward · · Score: -1, Offtopic

    gay fuqn penis
    law & order rulez

  4. MODERATION ABUSE ON PARENT by Anonymous Coward · · Score: -1, Offtopic

    Parent is on-topic, crackpipe mods

    1. Re:MODERATION ABUSE ON PARENT by Anonymous Coward · · Score: -1, Offtopic

      good thing someone chose to use their modpoint to mod parent down, instead of modding grandparent up.

  5. TOTALLY Off-Topic, but... by suwain_2 · · Score: -1, Offtopic

    What just happened to the sidebar? (Look to your left)

    --
    ________________________________________________
    suwain_2 :: quality slashdot p
    1. Re:TOTALLY Off-Topic, but... by Anonymous Coward · · Score: -1, Offtopic

      Funny, the "more" labels read "exclusive" instead right after they made the change.

      A sign of things to come?

    2. Re:TOTALLY Off-Topic, but... by Anonymous Coward · · Score: -1, Offtopic

      it's been changed back to 'more' again. Nothing to see here, move along.

  6. Yes by Anonymous Coward · · Score: -1, Offtopic

    I'm leeching off my neighbors 802.11b router.
    No WEP here, baby!

  7. For hardware considerations... by DeathPenguin · · Score: 1, Offtopic

    I'm recently went from wired to 802.11g. However, it wasn't without a struggle. I did a good deal of research but still got suckered into buying a Broadcom-based card only supported in Windows. As it turns out, Broadcom doesn't support Linux well (Or at all, in this case). To add to the confusion, most of the cards that I checked out that had once boasted Linux compatibility had been 'upgraded' to use a Broadcom chip. Even 802.11b hardware that used the supported Prism2 chipset is damn near impossible to find these days as much of it has been changed over to use cheaper hardware (Not necessarily Broadcom, but other non-supported brands as well). Model names / numbers are virtually the same as they were before. It's basically like searching for a PCI non-Winmodem these days.

    My advice: Go with a nice ethernet bridge and don't get burned by bad / non-existent drivers. I ended up with a Linksys WET54G, which just so happened to be reviewed by THG earlier. It works flawlessly after I plugged it into my NIC under Linux. It also leaves my options open for other OSes that don't even have as much support as Linux. So long as your network card works (And interconnects via RJ45), you'll have a reliable wireless connection using the bridge. Not only that, but it has a configurator accessable through any web browser, much like their routers. This means configuring the bridge for use with encryption and such will work the same on Windows, Linux, MacOS, etc.

    Only problem is they're a bit expensive (Roughly $130). if you don't use Windows full time, it's worth every penny.

  8. slashdot redesign? by Anonymous Coward · · Score: -1, Offtopic
    about fucking time!

    why did you replace "xx new" stories with "xx exclusive"? There's nothing "exclusive about this shit.

  9. Pearls of Wisdom by GillBates0 · · Score: -1, Offtopic
    Do you have any wisdom to share about how to pull victory from the clutches of shameful defeat?

    Yes, yes I do. You need to be strong of heart and quick of step to emerge victorious. Courage is the key to victory, my friend.

    To quote Pierre Corneille: "A victory without danger is a triumph without glory."

    Also I must point out Napoleon Bonaparte's immortal words: "Victory belongs to the most persevering."

    Worry not, keep persevering and victory shall be yours.

    That's enough wisdom for a day...time to sleep. Good night. Spock out \\//

    --
    An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
  10. What I heard by djupedal · · Score: -1, Offtopic

    ...was that only users with such low karma as to make them shunned by lepers could see the new sidebar.

    Can you describe it in detail for those of us who aren't yet fallen angels?

  11. Re:FUCK YOU DICKHOLE by Anonymous Coward · · Score: -1, Offtopic

    haha, so what if someone modded me up again? :-P

  12. Re:Our story by Quixote · · Score: 0, Offtopic
    Huh? This dude just cut-n-pasted the original guy's second paragraph! Moderators, please wake up... :)

  13. 802.11b by Anonymous Coward · · Score: -1, Offtopic

    mmmmm UrinalPOOP!!!

  14. Hmph... by Qweezle · · Score: -1, Offtopic

    Well, there's always eBay. I mean, you can buy dead animals on eBay. Surely you can find this "802.1x". Of course, I'm far too advanced to need that....I'm using laser-guided soap dispensers. Crap. That's classified information. You heard nothing. *Flash*

  15. MODERATION ABUSE ON PARENT by Anonymous Coward · · Score: -1, Offtopic

    The parent is still unfairly modded down.

    Parent is ONTOPIC. What about it don't you like? You pissing moderators are an example of the kind of people who should be shot.

  16. ABUSE CONTAINS TO GREAT GRANDCHILDREN by Anonymous Coward · · Score: -1, Offtopic

    Just predicting that I will get modded down... UNFAIRLY!!

    I am sensing a very sinister pattern here.

  17. MOD PARENT UP by Anonymous Coward · · Score: -1, Offtopic

    No reason to drag me into this.

  18. GET A NEW USERNAME by Anonymous Coward · · Score: -1, Offtopic

    -1