[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20E7FB4B-8EAB-11D8-BF25-000A95703418@improbable.org>
From: chris at improbable.org (Chris Adams)
Subject: Cisco LEAP exploit tool...
On Apr 14, 2004, at 19:43, Aditya, ALD [Aditya Lalit Deshmukh] wrote:
>> Well, that really depends, doesn't it. We're doing IPSEC using AES
>> for
>> wireless on a test network. It's a good deal more secure than our
>> wired
>> network, which is still plain text.
>
> this sure is plain text but when combined with switches ( yes i know
> they can be degraded to act like hubs ) it is not broadcasting any
> info. so unless the intruder manages to get a physical wire in the net
> it is *very* secure
Or gets access to a machine with a physical connection - a very nice
way of upgrading from a single compromised client. Picture what would
happen if the next email worm included an active password-collection
feature.
This issue has become rather repetitive - we've gone through how many
different revisions of wireless network security now? All of them have
had flaws and those flaws have been more serious than they should have
been because everyone was working under the same fundamental
misconception that trusting the network is ever a good idea.
Consider how much more secure the average user would be if all of the
time wasted on various wireless security systems had instead been spent
enabling the strong end-to-end encryption already included in most
common services.
Chris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2369 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040415/bde48917/smime.bin
Powered by blists - more mailing lists