Re: [Aironet] Session Key timeouts
Status: Inactive
Brought to you by:
breed
From: Jim V. <jv...@ci...> - 2001-10-26 13:27:52
|
On Fri, Oct 26, 2001 at 01:55:08PM +0100, Joyce, Matthew wrote: >=20 > Now what about "evil twin" access points doing man-in-the-middle - snatch= ing > the SecurId and reusing it to authenticate to the real access point within > the 60 second SecurID rollover. Does the station authenticate the access > point or the ACS server? >=20 The station authenticates the ACS server, and the ACS server authenticates the access point via the shared secret. Jim --=20 | | Jim Veneskey :|: :|: Software Test Engineer :|||: :|||: 320 Springside Drive Suite 350, Akron OH 44333 =2E:|||||||:..:|||||||:. Email: jv...@ci... |