Hello World! You learned about personal networks with security schemes up to WPA2 in previous posts. From now on, I'll be discussing Enterprise networks with you and how you can exploit them (for educational purposes).
Confused between WPA/WPA2 and EAP?
While learning about EAP methods for enterprise networks (discussed later), I was perplexed as to why, if EAP was used in WPA/WPA2, there are no different methods of information seen in packets.
My confusion was cleared only when I came to know that EAP is only a protocol of authentication and WPA/WPA2 is a protocol of encryption and integrity. The key derivation and delivery part in the EAP packets comes from the WPA/WPA2 specifications, while EAP defines how the authentication will happen.
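This split is visible in the EAPOL packet type field: EAP-Packet frames carry the authentication conversation, while EAPOL-Key frames carry the key handshake from the WPA/WPA2 specifications. The parser below is an added example, not code from the original post; `classify_eapol` is a hypothetical helper name and the sample frames are constructed, not taken from a real capture.

```python
import struct

EAPOL_TYPES = {0: "EAP-Packet", 1: "EAPOL-Start", 2: "EAPOL-Logoff", 3: "EAPOL-Key"}
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_METHODS = {1: "Identity", 3: "Nak", 4: "MD5-Challenge", 13: "EAP-TLS",
               21: "EAP-TTLS", 25: "PEAP", 43: "EAP-FAST"}
KEY_DESCRIPTORS = {2: "RSN (WPA2)", 254: "WPA"}


def classify_eapol(frame: bytes) -> str:
    """Classify an EAPOL payload (the bytes after EtherType 0x888E)."""
    if len(frame) < 4:
        raise ValueError("truncated EAPOL header")
    _version, ptype, body_len = struct.unpack("!BBH", frame[:4])
    body = frame[4:4 + body_len]
    if len(body) < body_len:
        raise ValueError("EAPOL body shorter than declared length")
    name = EAPOL_TYPES.get(ptype, f"unknown({ptype})")
    if ptype == 0:  # EAP: the authentication conversation
        if len(body) < 4:
            raise ValueError("truncated EAP header")
        code, _ident, eap_len = struct.unpack("!BBH", body[:4])
        label = EAP_CODES.get(code, f"code {code}")
        # Only Request/Response carry a method type byte after the header.
        if code in (1, 2) and eap_len >= 5 and len(body) >= 5:
            label += " " + EAP_METHODS.get(body[4], f"type {body[4]}")
        return f"{name}: {label}"
    if ptype == 3 and body:  # key handshake defined by WPA/WPA2
        descriptor = KEY_DESCRIPTORS.get(body[0], f"descriptor {body[0]}")
        return f"{name}: {descriptor}"
    return name


# Constructed sample frames (not from a real capture).
SAMPLES = [
    bytes.fromhex("02000005" "0101000501"),      # EAP Request, Identity
    bytes.fromhex("02000006" "010200061920"),    # EAP Request, PEAP start
    bytes.fromhex("02000004" "03020004"),        # EAP Success
    bytes.fromhex("0203005f" "02") + bytes(94),  # EAPOL-Key, RSN descriptor
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(classify_eapol(sample))
```

A WPA/WPA2 personal capture would show only the EAPOL-Key frames, while an enterprise capture shows the EAP-Packet exchange first and the EAPOL-Key frames after it.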
RADIUS (Remote Authentication Dial-In User Service) is a networking protocol that provides a centralised way to manage authentication, authorisation and accounting (AAA) for the users who want to connect to a wireless service. There is a RADIUS server component, which usually runs as a background process on the operating system.
Bad joke alert!! It sounds funny to have Diameter as the evolved version of RADIUS.
RADIUS was created long before IEEE released the first standard, and it was later integrated into the world of wireless networking. With the implementation of EAP, the use of RADIUS in enterprise has now become a standard.
802.1X is a network access control (NAC) standard that actually implements the authentication and authorisation in the scene, whereas the RADIUS server is used as an administration portal for the user details.