[48727] in North American Network Operators' Group
RE: LEAP Security Vulnerabilities??
daemon@ATHENA.MIT.EDU (Rowland, Alan D)
Thu Jun 13 14:53:14 2002
From: "Rowland, Alan D" <alan_r1@corp.earthlink.net>
To: nanog@merit.edu
Date: Thu, 13 Jun 2002 11:52:28 -0700
Errors-To: owner-nanog-outgoing@merit.edu
This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
------_=_NextPart_001_01C2130B.775F56A0
Content-Type: text/plain;
charset="ISO-8859-1"
If you're serious enough about security to find 128 WEP inadequate, I would
think you would be doing some sort of VPN or other SSL solution anyway,
making WEP redundant. Or am I missing something?
Best,
-Al Rowland
-----Original Message-----
From: Hyska, Jason [JJCUS] [mailto:JHyska1@CORUS.JNJ.com]
Sent: Thursday, June 13, 2002 10:15 AM
To: nanog@merit.edu
Subject: LEAP Security Vulnerabilities??
I am well aware of the many security vulnerabilities that exist on wireless
networks as well as the inadequacies of WEP. I was curious if anyone has
had any experiences with Cisco's LEAP authentication protocol? I have
scoured the net for reviews or documents examining any potential
vulnerabilities, but have not been able to find any. Any and all help or
information would be appreciated.
Thanks in advance,
Jason Hyska
Worldwide Information Security
Johnson & Johnson
jhyska1@corus.jnj.com
------_=_NextPart_001_01C2130B.775F56A0
Content-Type: text/html;
charset="ISO-8859-1"
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1">
<TITLE>LEAP Security Vulnerabilities??</TITLE>
<META content="MSHTML 6.00.2715.400" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=730584818-13062002><FONT face=Arial color=#0000ff size=2>If
you're serious enough about security to find 128 WEP inadequate, I would think
you would be doing some sort of VPN or other SSL solution anyway, making WEP
redundant. Or am I missing something?</FONT></SPAN></DIV>
<DIV><SPAN class=730584818-13062002><FONT face=Arial color=#0000ff
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=730584818-13062002><FONT face=Arial color=#0000ff
size=2>Best,</FONT></SPAN></DIV>
<DIV><SPAN class=730584818-13062002><FONT face=Arial color=#0000ff
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=730584818-13062002><FONT face=Arial color=#0000ff size=2>-Al
Rowland</FONT></SPAN></DIV>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader dir=ltr align=left><FONT face=Tahoma
size=2>-----Original Message-----<BR><B>From:</B> Hyska, Jason [JJCUS]
[mailto:JHyska1@CORUS.JNJ.com]<BR><B>Sent:</B> Thursday, June 13, 2002 10:15
AM<BR><B>To:</B> nanog@merit.edu<BR><B>Subject:</B> LEAP Security
Vulnerabilities??<BR><BR></FONT></DIV><BR>
<P><FONT size=2>I am well aware of the many security vulnerabilities that
exist on wireless networks as well as the inadequacies of WEP. I was
curious if anyone has had any experiences with Cisco's LEAP authentication
protocol? I have scoured the net for reviews or documents examining any
potential vulnerabilities, but have not been able to find any. Any and
all help or information would be appreciated.</FONT></P>
<P><FONT size=2></FONT> <BR><FONT size=2>Thanks in advance,</FONT> <BR><FONT
size=2>Jason Hyska</FONT> <BR><FONT size=2>Worldwide Information
Security</FONT> <BR><FONT size=2>Johnson & Johnson</FONT> <BR><FONT
size=2>jhyska1@corus.jnj.com</FONT> <BR><FONT size=2> </FONT>
</P></BLOCKQUOTE></BODY></HTML>
------_=_NextPart_001_01C2130B.775F56A0--
