WiFi Security Question:

Should an impostor capture the authenticator on the network and, without decrypting it, sends it as is to the captive gateway, could he or she obtain illegal access to the network?

Answer:

It is not as simple as it seems. Once the impostor has sniffed the authenticator, before using it he or she must wait for the legitimate client to abandon the network. The IP and MAC addresses would then be changed and made correspond with those of the client who abandoned the network and lastly send the authenticator to the gateway, while waiting for the latter to enable the connection. In fact, the impostor would wait in vain for two reasons: the authenticator has a limited duration over time and most certainly, on use by an impostor, will have already expired; the captive gateway can remember previously used authenticators to enable a connection and won't allow access to a replica.


Previous QuestionNext Question
How to hack the wifi password?Why should not the user close the popup control window which appears after the authentication with the CaptivePortal?