Yes you are correct. Except that I've read to have the key regenerated every 8 minutes, unless you are using TKIP. If you are using TKIP you should change your key regeneration to 4 hours and 40 minutes, per Cisco
-----Original Message----- From: David Gillett [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2003 9:01 AM To: 'Leopoldo Dato'; [EMAIL PROTECTED] Subject: RE: LEAP + RADIUS > -----Original Message----- > From: Leopoldo Dato [mailto:[EMAIL PROTECTED] > Sent: June 4, 2003 19:11 > To: [EMAIL PROTECTED] > Subject: LEAP + RADIUS > > Informations on how test the vulnerability of a wireless > network using LEAP + RADIUS server? So far as I understand it, LEAP requires RADIUS to operate. What it does is change the WEP key about every 15 minutes. So if a WLAN is using LEAP, it must be using WEP. It should be no more vulnerable than a WLAN not using WEP, and it should be secure against any WEP-cracking utility that doesn't come up with the key in 15 minutes or less. (Vulnerabilities not associated with WEP are not going to be fixed by LEAP, so testing for them is going to be the same as if LEAP were not being used.) David Gillett --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
