|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Dailydave] SILICA, hashes, etc
From: Darren Spruell (phatbuckett
gmail.com)
Date: Thu Feb 08 2007 - 08:32:22 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 2/8/07, Thierry Zoller <Thierryzoller.lu> wrote:
> Dear Dave,
>
> DA> One of our early adopters has a CISCO Leap network and I
> DA> remember reading of a simple algorithmic crack for the
> DA> authentication....has anyone tested it?
>
> Asleap - Joshua Wright
> The funny thing is, although Cisco knows it's broken they continue to
> use it in new products.
Another funny thing is, if you confront any Cisco engineer about
LEAP's insecurities, they claim to be encouraging customers to go to
EAP-FAST instead.
http://www.cisco.com/en/US/products/hw/wireless/ps430/products_qanda_item09186a00802030dc.shtml
http://www.ciscopress.com/articles/article.asp?p=369223&seqNum=5&rl=1
Seems the security implementation of EAP-FAST has its own share of
imperfections as well though. I wonder why a more standardized
wireless security protocol didn't appeal to Cisco instead?
DS
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]