Abstract
In this paper, A lot of public areas provide the WLAN service for nomadic users so that they can finish the tasks even when they are out of office. Therefore, the security of public WLANs is more important than past. Nowadays many public WLANs service providers the Captive Portal to authenticate users. The Captive Portal uses a webpage to request a user to authenticate himself by providing his own username and password. This security mechanism proved to be simple and effective because users cannot access Internet before they get authenticated. However, in this paper, we shall illustrate that for public WLANS which are guarded by Captive Portal, will be vulnerable to man-in-themiddle attacks. Therefore, a hacker can careful send out some spoofing packets and take advantage of the public WLAN to access Internet without being authenticated. We show the vulnerability by both protocol analysis and a real implementation in C programs.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
