Security Basics mailing list archives
RE: LEAP + RADIUS
From: "David Gillett" <gillettdavid () fhda edu>
Date: Fri, 6 Jun 2003 09:01:18 -0700
-----Original Message----- From: Leopoldo Dato [mailto:ldato () shaw ca] Sent: June 4, 2003 19:11 To: security-basics () securityfocus com Subject: LEAP + RADIUS Informations on how test the vulnerability of a wireless network using LEAP + RADIUS server?
So far as I understand it, LEAP requires RADIUS to operate. What it does is change the WEP key about every 15 minutes. So if a WLAN is using LEAP, it must be using WEP. It should be no more vulnerable than a WLAN not using WEP, and it should be secure against any WEP-cracking utility that doesn't come up with the key in 15 minutes or less. (Vulnerabilities not associated with WEP are not going to be fixed by LEAP, so testing for them is going to be the same as if LEAP were not being used.) David Gillett --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- LEAP + RADIUS Leopoldo Dato (Jun 06)
- RE: LEAP + RADIUS David Gillett (Jun 06)
- <Possible follow-ups>
- RE: LEAP + RADIUS Storch, Beau (Jun 06)