RE: Wireless LAN Security for Warehouse

["Rusty Chiles" <rustychiles () cox net>]

Whatever you do DO NOT use LEAP.
LEAP uses a slightly modified MSCHAP to authenticate users.
We all know how easy it is to do a dictionary attack on MSCHAP.


Read here for more info:
http://seclists.org/lists/bugtraq/2003/Oct/0052.html

or here:
http://asleap.sourceforge.net/

I'd go with a 802.1x implementation that uses PKI.
PEAP is solid. EAP-TLS is solid. I've yet to see the upcoming EAP-FAST,
which is supposed to be ciscos replacement for LEAP but it may also be an
option.


I'm a fan of peap.......... so I'll rant about it a little bit.


For example, with PEAP we have (WEP) on the outside.......note that newer
WEP implementations do not create weak IV's that are typically used to crack
wep. The key must be bruteforced (a 128 bit wep key with 26 hexidecimal
digits that is not based on a dictionary word passphrase may prove very
difficult to crack.

Now, within WEP we have PKI which is tried and true(The certificate).......
So if they break wep, now they're trying to crack the TLS Tunnel which is
based on a digital certificate.

Within that we have password authentication. The exchange happens within the
TLS Tunnel. Which happens inside of wep. Getting the password hash here is
going be a problem for a would be attacker.

Lastly we have access control on a  Radius server.

In addition you could add MAC filtering if you wanted to, even though it
doesn't really offer much security as a smart attacker can see the MAC and
easily spoof it.

Adding additional layers like IPSEC or VPN can add to the security as well,
but it increases complexity, which isn't always warranted. With a
Implementation like the one above, I wouldn't want to take the performance
hit unless the data is REALLY that important.


thanks,
Rusty

Wireless Security, Geekery, Wardriving, Wifi Maps of Phoenix & More.
http://www.crackrock.org

-----Original Message-----
From: Paul Duffany [mailto:paul.duffany () sanmina-sci com]
Sent: Tuesday, May 04, 2004 9:43 AM
To: 'Jennifer Fountain'; security-basics () lists securityfocus com
Subject: RE: Wireless LAN Security for Warehouse
Sensitivity: Private



I would suggest Cisco Leap as it is still the safest that I know of.

Thanks
Paul Duffany
Network Engineer





John 3:16
1st Corinthians 13



********************************* Notice
*****************************************************
This electronic mail transmission may contain confidential or privileged
information.
If you believe you have received the message in error, please notify the
sender by
reply transmission and delete the message without copying or disclosing it.


-----Original Message-----
From: Jennifer Fountain [mailto:jfountain () rbinc com]
Sent: Monday, May 03, 2004 1:56 PM
To: security-basics () lists securityfocus com
Subject: Wireless LAN Security for Warehouse
Sensitivity: Private


My company is looking into wireless technology for our warehouse to
replace our RF devices.  I have been tasked to research which techonolgy
we should use.   Right now, we are looking into symbol.  They seem to
have a good infrastructure.  What is your opinion on their product's
security?  Can anyone recommend any other wireless products or recommend
certain security requirements that I should look for in these devices?
=20

Thanks for any help!

Kind Regards,

Jennifer Fountain



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------




---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------