RE: [Full-Disclosure] Cisco LEAP exploit tool...
- To: "Paul Schmehl" <pauls@xxxxxxxxxxxx>, "Email List: Full Disclosure" <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] Cisco LEAP exploit tool...
- From: "Williams Jon" <WilliamsJonathan@xxxxxxxxxxxxx>
- Date: Wed, 14 Apr 2004 14:15:23 -0500
Well, that depends. For example, if you aren't using some form of
strong authentication (i.e. smart cards, SecurID tokens, etc.) then it's
possible for someone to steal a laptop, use something like Cain (from
the package Cain & Abel) to extract their password from the registry.
With that and a known wireless laptop, the attacker can then access your
whole network from the parking lot (or the neighbor's house, or 7 miles
away, etc.)
While the same password vulnerability exists for non-wireless
environments, it does mean that the attacker would have to have physical
access to the building to use the credentials.
Jon
-----Original Message-----
From: full-disclosure-admin@xxxxxxxxxxxxxxxx
[mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On Behalf Of Paul
Schmehl
Sent: Wednesday, April 14, 2004 12:42 PM
To: Email List: Full Disclosure
Subject: Re: [Full-Disclosure] Cisco LEAP exploit tool...
--On Wednesday, April 14, 2004 09:17:56 AM -0500 Ron DuFresne
<dufresne@xxxxxxxxxxxxx> wrote:
>
> All wireless traffic should be treated as unsecured, and pushed
> through a DMZ/encryption tunneled setup. Putting wireless APs
> directly on the LAN is a major blunder.
>
Well, that really depends, doesn't it. We're doing IPSEC using AES for
wireless on a test network. It's a good deal more secure than our wired
network, which is still plain text.
Or did you just assume that everyone is using WEP?
Paul Schmehl (pauls@xxxxxxxxxxxx)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html