Firewall Wizards mailing list archives
RE: Link level security with static arp tables
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Wed, 15 Oct 2003 10:38:52 -0400 (EDT)
[SNIP]
I am not aware of how PEAP is "known broken" for this kind of application (assuming one takes just a little care), and I'm not sure it will go away. If anyone has any good stuff to point me at I'd be interested in discussing this aspect further. I am, of course, familiar with the IETF draft. [1] I agree that I much prefer EAP-TTLS [2], since it's a cleaner design, but "word on the street" has it that PEAP is looking more likely to emerge as market victor.
I think the reference was that 'LEAP' is borked, known dictionary attack issues. I don't recall directly that PEAP was included in the mix on that. I have a brain tickle that hints that PEAP might not have been and was cisco's <Sharad Ahlawat> response to Joshua Wright's latest paper on LEAP dictionary attacks mentioned something about the other EAP protocols perhaps being off the target vector. I have that reply in storage here, if folks want to see it, or if Paul wishes me to repost it here. Thanks, Ron DuFresne -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Link level security with static arp tables Debian User (Oct 13)
- Re: Link level security with static arp tables Luke Butcher (Oct 14)
- Re: Link level security with static arp tables Magosányi Árpád (Oct 15)
- Re: Link level security with static arp tables Paul Robertson (Oct 15)
- RE: Link level security with static arp tables Ben Nagy (Oct 15)
- RE: Link level security with static arp tables R. DuFresne (Oct 15)
- Re: Link level security with static arp tables Bennett Todd (Oct 15)
- Re: Link level security with static arp tables Magosányi Árpád (Oct 15)
- Re: Link level security with static arp tables Luke Butcher (Oct 14)
- <Possible follow-ups>
- RE: Link level security with static arp tables Sloane, David (Oct 14)