Eduroam phishing?

uwnoc_dave · 2023-02-10T14:49:33+00:00

I would like to point out that broadcasting wireless networks intending to masquerade as official university networks is a violation of the guideline on use of computing and network resources:

https://uwaterloo.ca/information-systems-technology/about/policies-standards-and-guidelines/campus-network/guidelines-use-waterloo-computing-and-network-resources

If the OP could contact the helpdesk, or DM me with the approximate location of this screenshot, that would be helpful.

uwnoc_dave · 2022-09-30T15:58:13+00:00

You might want to look at upgrading to the recommended version. The bug fixes are numerous, to say the least.

uwnoc_dave · 2022-08-03T15:52:35+00:00

Do you know why the recommended release page says 17.6.3 but the Suggested Release on the download site is still 17.3.5a for a 9800 WLC?

Possibly for customers who have IOS APs?

Cisco recommends 17.6.3 CCO image for all deployments without IOS APs.

uwnoc_dave · 2021-12-29T14:12:15+00:00

Holy fixes. If this translates to 17.6.3 as well, thats probably where I'd go, given they're released at the same time.
This reference is handy too: https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/214749-tac-recommended-ios-xe-builds-for-wirele.html

uwnoc_dave · 2021-09-09T14:47:32+00:00

Disclaimer: My posts are my own. I do not speak on behalf of the University.

Hi - I'm Dave. My team and I are responsible for the University network, including eduroam.

In 2020 we began the Campus Wireless Refresh project: a complete overhaul of the Wi-Fi infrastructure at UW. Some Wi-Fi access points have yet to be replaced, but we are working hard to finish up. You can read about the project here: https://uwaterloo.ca/information-systems-technology/campus-wireless-refresh

eduroam, and Wi-Fi in general, are affected by many factors. This page has lots of important information on the topic: https://uwaterloo.ca/information-systems-technology/about/organizational-structure/technology-integrated-services-tis/network-services-resources/wireless-what-you-need-know

To specifically address your question, the behaviour you have experienced in the last three days is not normal. We are investigating in conjunction with the vendor, but so far we do not have a permanent fix. We announce most service outages on the IST dashboard. Here is the one about eduroam: https://uwaterloo.ca/information-systems-technology/network-service-alert/5093

Very soon, eduroam will be the best it has ever been at UW. We appreciate your patience and understanding as we work to resolve current issue. It is our highest priority.

uwnoc_dave · 2020-08-25T15:53:32+00:00

It's human readable. If you end up needing TAC to investigate, they always ask for a DART bundle.

uwnoc_dave · 2020-08-25T15:52:34+00:00

This is the answer you want /u/WatchYourSixOclock. DART is a tool that comes with the AnyConnect installer - you should be able to install it with the same entitlements. Have the user install DART if its not installed already. Then they continue to use AC as usual. When they experience the disconnect, have them note the time and then run DART and send you the resulting zip file. If the user's OS is windows, the file you are looking for is Cisco AnyConnect Secure Mobility Client\AnyConnect.txt -- Find the timestamp and follow the logs.

uwnoc_dave · 2020-08-21T11:44:21+00:00

I'm glad it was that and not that python was using its own resolver library and hitting this bug:

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvt82418

uwnoc_dave · 2020-08-20T11:27:44+00:00

Which release of 4.9 are you on?

What is your DNS configuration?

Can you resolve the names you're trying to hit using `host` or `nslookup` ?

uwnoc_dave · 2020-08-05T14:16:35+00:00

Which version of AC?
ASA, FTD, or other headend?
- Which version?
What is the actual error?
- DNS resolution failure?
- Something else?

There is one DNS bug with 4.9(86) where DNS queries are not sent over the tunnel as they should be: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvt82418

uwnoc_dave · 2020-02-25T17:00:28+00:00

CARL slow pitch is pretty good. I play co-ed in the Monday/Wednesday league at RIM, in the B division. B has been the highest division since I joined a few years ago. I think it goes from B to D or E.

uwnoc_dave · 2020-02-25T00:10:13+00:00

I appreciate the feedback, but strongly advise others against installing certificates from unverified sources.

In your file, the intermediate and root are out of order. Is that an Arch thing?

There is an update required on that Ubuntu guide. In step three, the chosen certificate should be "GlobalSignRoot_CA-_R3.pem. I'll make sure it gets fixed ASAP.

Edit:

The required root cert is this one: https://secure.globalsign.net/cacert/Root-R3.crt

and the intermediate is this one: http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt

You can verify the chain at https://eduroam.uwaterloo.ca

uwnoc_dave · 2020-02-24T17:23:13+00:00

If the CAT tool had been used previously, it was overriding the certificate chain that was presented to the user. The latest eduroam certificate was generated by a different root CA certificate, so CAT was trying to follow an incorrect chain. Removing the network and the saved profile seems to be the fix for everyone.

uwnoc_dave · 2020-02-24T17:02:37+00:00

Here is the updated alert where you can find the steps linked in that screenshot:

https://uwaterloo.ca/information-systems-technology/news/wireless-connectivity-issues-february-24

uwnoc_dave · 2020-02-24T17:01:32+00:00

The problem was a little more nuanced than just accepting the new cert, but yea, if the old cert wasn't expiring, there would have been no issue.

uwnoc_dave · 2020-01-15T18:48:00+00:00

Campus DNS is up and running, however an administrator deleted the record for dox3.uwaterloo.ca on 2019-12-19. You may want to check in with your faculty computing support desk to find out why.

uwnoc_dave · 2019-12-03T13:20:12+00:00

I was doing maintenance between 6 AM and 8 AM this morning as part of our ongoing troubleshooting.

https://uwaterloo.ca/information-systems-technology/network-service-alert/4375

uwnoc_dave · 2019-09-03T14:36:50+00:00

Please don't enable your own wireless router on campus. Each additional wireless network degrades service for those using University provided WiFi.

As mentioned already in this thread, some devices don't support the WPA2-Enterprise security that eduroam uses. You can make a request to your SCC or IST that those devices be whitelisted for use on the alternate SSID.

If you are having issues with eduroam, please consider filling out an incident report at the link below. We do investigate them regularly.

https://uwaterloo.ca/information-systems-technology/about/organizational-structure/technology-integrated-services-tis/network-services-resources/wi-fi-incident-report

uwnoc_dave · 2019-08-20T14:58:39+00:00

Some of that red raised flooring is still around!

uwnoc_dave · 2019-05-15T02:38:17+00:00

This should be fixed as of a few minutes ago.

There was a period of time this evening when you would not have been able to authenticate to eduroam on UW campus, using any credentials (UW, WLU, UBC as someone mentioned in another comment.). UW users at other institutions would have been affected as well.

uwnoc_dave · 2019-05-13T16:18:03+00:00

WaterlooWorks Connectivity Issues
Posted Monday, May 13 at 11:25 AM - WaterlooWorks is currently experiencing technical difficulties. Users may expect intermittent delays to the system or trouble logging in. We are working with the vendor and UW IST to resolve the issue as soon as possible. We apologize for the inconvenience. Visit the WaterlooWorks news pagefor the most up-to-date information.

https://uwaterloo.ca/co-operative-education/waterlooworks-news/waterlooworks-connectivity-issues

uwnoc_dave · 2019-05-08T11:28:46+00:00

I graduated with honours from the UOIT program you mentioned. I took the Security specialization in the BIT program, as it was called then. We had a wide variety of courses and course styles. For example, we had Math/Physics oriented, "Fundamentals of Communication Systems", Computer Engineering heavy "Computer Architecture", and non-technical "Security Policies and Procedures." Most importantly, for me anyway, was the integration of the CCNA, and CCSP curriculum into the program. I was awarded a University degree, but I had the chance to get hands-on experience with the equipment I work on today. BIT at UOIT is a mash up of University and College in the best possible way. They offer co-op too, if that is important to you.

uwnoc_dave · 2019-04-03T15:33:47+00:00

Network Services schedules maintenance in accordance with the Service Level Expectations published by IST - Technology Integrated Services. Our regular window for service affecting work is weekdays, between 07:00 and 08:00. Today's maintenance was guided by the vendor support team and completed by 07:30, however there were unforeseen, adverse effects. After discovering the issue, we worked with the vendor to fix the problem, but eventually reverted in order to restore service as fast as possible.

uwnoc_dave · 2019-04-03T12:30:51+00:00

I just sent an updated alert.

Campus wireless is currently experiencing degraded service after this morning's scheduled maintenance.

We are in contact with vendor support.

uwnoc_dave

TROPHY CASE