On Fri, 2007-07-13 at 19:19 -0400, Darren Albers wrote:
I think Cisco is just acknowledging the obvious and longstanding
weaknesses in LEAP and is doing the right thing and advising their
customers to move to PEAP which works the same from the users
prospective.
LEAP has been steadily going away for a long time, because there are
well-known exploitable vulnerabilities (dictionary attacks on your
password) that have been around for at least 3 or 4 years. LEAP hasn't
been considered secure for a long time. Dynamic WEP with 802.1x is
actually better, but only if you change your WEP key really often.
LEAP also sucks because you can't know whether or not an AP supports it
from the beacon, which is what WPA[2] fixes quite nicely.
Dan
On 7/13/07, Aaron Konstam [EMAIL PROTECTED] wrote:
After all this falderall to get LEAP
working in NM I was informed today that
CISCO is not sure it wants to ocntinue
to support LEAP so people are going to
PEAP or is it PEEP.
Well as we know in computer things change fast. What a bummer.
--
===
Intolerance is the last defense of the insecure.
===
Aaron Konstam telephone: (210) 656-0355 e-mail: [EMAIL PROTECTED]
___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list
___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list
___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list