Dailydave mailing list archives
Re: SILICA, hashes, etc
From: "Darren Spruell" <phatbuckett () gmail com>
Date: Thu, 8 Feb 2007 07:32:22 -0700
On 2/8/07, Thierry Zoller <Thierry () zoller lu> wrote:
Dear Dave, DA> One of our early adopters has a CISCO Leap network and I DA> remember reading of a simple algorithmic crack for the DA> authentication....has anyone tested it? Asleap - Joshua Wright The funny thing is, although Cisco knows it's broken they continue to use it in new products.
Another funny thing is, if you confront any Cisco engineer about LEAP's insecurities, they claim to be encouraging customers to go to EAP-FAST instead. http://www.cisco.com/en/US/products/hw/wireless/ps430/products_qanda_item09186a00802030dc.shtml http://www.ciscopress.com/articles/article.asp?p=369223&seqNum=5&rl=1 Seems the security implementation of EAP-FAST has its own share of imperfections as well though. I wonder why a more standardized wireless security protocol didn't appeal to Cisco instead? DS _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- SILICA, hashes, etc Dave Aitel (Feb 07)
- Re: SILICA, hashes, etc Thierry Zoller (Feb 08)
- Re: SILICA, hashes, etc Darren Spruell (Feb 08)
- Re: SILICA, hashes, etc Paul Melson (Feb 08)
- Re: SILICA, hashes, etc Thierry Zoller (Feb 08)