lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20E7FB4B-8EAB-11D8-BF25-000A95703418@improbable.org>
From: chris at improbable.org (Chris Adams)
Subject: Cisco LEAP exploit tool...


On Apr 14, 2004, at 19:43, Aditya, ALD [Aditya Lalit Deshmukh] wrote:
>> Well, that really depends, doesn't it.  We're doing IPSEC using AES 
>> for
>> wireless on a test network.  It's a good deal more secure than our 
>> wired
>> network, which is still plain text.
>
> this sure is plain text but when combined with switches ( yes i know 
> they can be degraded to act like hubs ) it is not broadcasting any 
> info. so unless the intruder manages to get a physical wire in the net 
> it is *very* secure

Or gets access to a machine with a physical connection - a very nice 
way of upgrading from a single compromised client. Picture what would 
happen if the next email worm included an active password-collection 
feature.

This issue has become rather repetitive - we've gone through how many 
different revisions of wireless network security now? All of them have 
had flaws and those flaws have been more serious than they should have 
been because everyone was working under the same fundamental 
misconception that trusting the network is ever a good idea.

Consider how much more secure the average user would be if all of the 
time wasted on various wireless security systems had instead been spent 
enabling the strong end-to-end encryption already included in most 
common services.

Chris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2369 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040415/bde48917/smime.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ