Cisco WiFi Authentication Protocol Hack Tool
I saw the demo at Defcon last summer, apparently now the tool for cracking Cisco LEAP has been released. There’s been a lot of work on replacing WEP in the standard 802.11 stack with a more secure and infrastructure friendly system. Cisco LEAP was one of the contenders, apparently it didn’t fare too well. However, based on the presentations at Defcon, none of the offerings were doing very well. Tools like Kismet (for detecting networks) and AirSnort (for cracking WEP) have been around for a long time. So the existence of tools like this isn’t really surprizing. The interesting part is that WEP needs to be replaced cause it was insecure, and the replacements have ended up displaying major issues as well. General opinion is that most vendors saw a potential market advantage in being the first mover for implementing a replacement. So all these equiptment vendors raced off to fill the void without performing any sort of diligence, and now they’re getting spanked in the market cause their replacements are crap. Sure, it’s hard to get security right. But this time the problem seems to be just pure greed. Everyone jumped in before they were really ready.
April 12th, 2004 at 6:07 am
On the Cisco LEAP hacking tool
Mike Rowehl reacts to the news that somebody’s released a tool for automating attacks against Cisco’s LEAP wireless encryption.
April 22nd, 2004 at 9:03 pm
Let’s not confuse LEAP with WEP. LEAP is a protocol used to authenticate a node to a network. WEP is used to encrypt the data between the node and the access point. While WEP can act as a basic authentication mechanism, it’s primary role is to encrypt wireless communications.
Both technologies have been around for some time now, and are on their way out. For wireless security, there are now AES and TKIP for encryption, and WPA along with TLS encrypted authentication.