Wpa-enterprise + Arpspoofing - Is It Possible?

[williamwrightman]

This is a simple question (I think) but one that I have not been able to find the answer to on Google. Maybe I am just using the wrong search terms.

We know that if someone can connect to a WEP or WPA-PSK network then he can ARPspoof it and become the MITM.

What I do not know is whether an individual who can connect to an WPA-ENTERPRISE network can also ARPspoof it.

Obviously on an ENTERPRISE network most people will have unique usernames and passwords whereas on a WPA-PSK or WEP network everyone is using the same password.

Is it possible to ARPspoof when on a WPA-ENTERPRISE network (assuming that you are connected to the network and have an IP address)?

Many thanks!

[bobbyb1980]

Although I've never tried it specifically with WPA enterprise, I'd think it would be possible. However, in my experience, usually beefy routers that are using 3rd party RADIUS servers have things like AP isolation enabled which will render a arpspoofing attack useless.

Just my opinion, but in a real life situation, I'd say you have a much higher probability of success by deauthenticating your target and getting them to connect to your own AP. Or connect to the real AP, and if it happens to be a weak router (which if it's using wpa enterprise it probably isn't) you can change some DNS settings. I don't like arpspoofing attacks because 1, they are hard to verify that they're actually working, 2, most browsers/anti-viri can see arpspoofing attacks and act accordingly, 3, to properly do it you need some halfway decent hardware which most laptops don't have.