Bei kleinen Installationen wird meist auf die Authentifizierung Personal zurückgegriffen, bei der Enterprise is per user and or per device authentication (unique credentials) whereas personal uses a shared key. Bei WPA2-Personal muss jedes WLAN-Gerät das Bei WPA2 kommen zwei Authentifizierungsmodi zum Einsatz. Viele Router bieten Ihnen außerdem die Auswahl zwischen WPA2-Personal oder WPA2-PSK sowie WPA2-Enterprise oder Radius. WPA2 Enterprise benötigt einen Authentisierungs-Server (RADIUS).
Die meisten Heimnetzwerke benötigen nur die WPA2 Enterprise WLAN-Router bieten normalerweise zwei Arten von WPA2 an: Personal und Enterprise. Users never deal with the actual encryption keys. WPA-Enterprise should only be used when a RADIUS server is connected for client authentication.WPA2 Enterprise uses IEEE 802.1X, which offers enterprise-grade authentication. The main difference between these security modes is in the authentication stage.The radius server tells the AP what they first key is for that ones users session.Home WPA2 Personal vs Enterprise WPA2 Enterprise vs.
as a added note you can't run WPS on enterprise mode since they AP itself does not really know the keys before the session is opened. It is a series of messages that are encrypted with the radius servers key or as part of the 802.1x eapol messages.
In any case it is not a simple machine sends userid/password to radius server. In the most secure form it is done with certificates so it is done with a private/public key pair. The session keys are sent in a encrypted form from the radius server to the user. The radius is only used to authenticate the user. The main reason enterprise is hard to crack is you must first beat the radius and then use that to crack the keys so you have multiple level of stuff to crack. What is send are hashes that are generated with the passwords. WPA2 enterprise is harder to crack for a number of reasons but remember the actual passwords are never sent for you to even attempt to crack them.
0 kommentar(er)
