Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: LEAP + RADIUS

From: "David Gillett" <gillettdavid () fhda edu>
Date: Fri, 6 Jun 2003 09:01:18 -0700
-----Original Message-----
From: Leopoldo Dato [mailto:ldato () shaw ca]
Sent: June 4, 2003 19:11
To: security-basics () securityfocus com
Subject: LEAP + RADIUS

Informations on how test the vulnerability of a wireless 
network using  LEAP + RADIUS server? 


  So far as I understand it, LEAP requires RADIUS to operate.
What it does is change the WEP key about every 15 minutes.
  So if a WLAN is using LEAP, it must be using WEP.  It should
be no more vulnerable than a WLAN not using WEP, and it should
be secure against any WEP-cracking utility that doesn't come up
with the key in 15 minutes or less.  (Vulnerabilities not 
associated with WEP are not going to be fixed by LEAP, so testing
for them is going to be the same as if LEAP were not being used.)

David Gillett



---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: