Thoughts on Cybersecurity, Wi-Fi and some other stuff
This year, I presented the topic WPA3-192-bit mode at the WLAN Klassentreffen (in German) and WLPC in Prague as a 10Talk. This is the video recording from WLPC: Here is the presentation from WLPC 2024 in Prague: And the German version from the WLAN Klassentreffen 2024 in Hamburg: Some more
Well, of course a Block cipher is always a Block cipher. But sometimes it might not be used as expected and this can cause some misunderstanding of how things work. If you implement IPsec VPNs, you likely know ESP, the Encapsulating Security Payload and it’s packet format: The Encapsulating Security
This blog post is for the paranoids among us Many companies use BYOD (Bring Your Own Device) processes to securely connect personal devices to the enterprise network. Typically, Enterprise Authentication with EAP-TLS ensures a good user experience without any struggles when Domain credentials are changed. But how do we connect
“Why did no one tell me before???” This July, I visited the Wi-Co (Wireless Community) event in Manchester and learned about a device that ideally fits my use case. Problem Statement When traveling, in meeting rooms, or in hotel rooms, I not only look above me to spot the APs,
Transition Disable is a mechanism to protect a WPA3 network against downgrade attacks and is described in Chapter 8 of the WPA3 Specification 3.3. When this feature is enabled, a station should configure it’s network profile to not connect to the SSID with AKMs that are not allowed in WPA3-only
In a previous blog post, I described connecting the Meraki MX to the internal network. In this blog post, I go through different ways to connect to the internet. The internal connection is not detailed here; this is independent of the external connection to the ISP. Option 1: One MX,
On the Cisco ISE, we can use Downloadable ACLs (DACLs) as an enforcement method to control what our endpoints are allowed to do in the network. These DACLs can be used with Catalyst switches and also with the Catalyst 9800 WLC starting with version 17.10.1 Compared to named ACLs, the
In Part 1 of this Blog post, I described the hardware setup of my LoRaWAN Lab. But the End Nodes and the Gateway is only one-half of a complete LoRaWAN setup. The Things Network shows the whole architecture: Image from https://www.thethingsnetwork.org/docs/lorawan/architecture/ This post is not meant to provide detailed setup
About two years ago, I studied for the CWISA exam from CWNP and learned about LoRaWAN for the first time. With many HomeKit devices, I have been interested in IoT for a long time. But with the CWISA, I got deeper into IoT technologies. When I got informed that my
At this year’s Wireless LAN Professionals Conference (WLPC) in Prague, I again presented a 10Talk. This time, it was about the different versions of IEEE 802.1X: You can download the presentation slides here: In this blog post, I have some additions to this presentation. The intro My initial animation was