On Sun, 2007-07-15 at 09:14 -0400, Dan Williams wrote: > On Fri, 2007-07-13 at 19:19 -0400, Darren Albers wrote: > > I think Cisco is just acknowledging the obvious and longstanding > > weaknesses in LEAP and is doing the right thing and advising their > > customers to move to PEAP which works the same from the users > > prospective. > > LEAP has been steadily going away for a long time, because there are > well-known exploitable vulnerabilities (dictionary attacks on your > password) that have been around for at least 3 or 4 years. LEAP > hasn't > been considered secure for a long time. Dynamic WEP with 802.1x is > actually better, but only if you change your WEP key really often. > > LEAP also sucks because you can't know whether or not an AP supports > it > from the beacon, which is what WPA[2] fixes quite nicely.
The above sort of misses several points. One does not have the power to decide what authorization method an access point supplier uses. I use LEAP because that is what the University I was contacting uses. Second, if NM advertises it supports LEAP it should support LEAP. Until last week it did not at least on Fedora 7. Third, I am now informed that NM supports PEAP and other EAPs. Does it? Has anyone actually tried it? I hope so. In addition this ability is pretty well hidden in the lists of options that nm-applet displays. I would probably not have found it if Darren Albers had showed me how. -- ======================================================================= It's not hard to admit errors that are [only] cosmetically wrong. -- J.K. Galbraith ======================================================================= Aaron Konstam telephone: (210) 656-0355 e-mail: [EMAIL PROTECTED] _______________________________________________ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list