Question RE: eap-tls

jtrumbell · ‎10-11-2007

So I have an AP configured to use a radius server for eap-tls the CA and Radius server are MS CA and MS IAS clients are XPpro. Everything is working fine. So where my question is the cracking of a WEP(128bit encryption). Could someone be in the area sniff the wireless data traffic which is encrypted, then later crack the WEP encryption to view the data? Our WEP keys change every 7 minutes. Thanks John

irisrios · ‎10-17-2007

Yes they could sniff the packet and try to crack it later. But since the WEP changes every 7 minutes there is almost no security risk involved

jtrumbell · ‎10-17-2007

But once they've cracked the key from the capture. Could they then view the data? ie capture id's and pwds that are in the clear? reconstruct an email,etc? I'm not worried about them connecting since they'd need the certificates and a valid ID and password.

thanks

dennischolmes · ‎10-17-2007

No. The key only gets them access to the network. Not the traffic. They could in fact crack the key, but in 7 minutes it is a useless piece of information.

jtrumbell · ‎10-18-2007

Great thanks, we may be adding another AP and we just want to review that using eap-tls is still a very strong of means of securing AP's and their traffic. Do you have any other recommendations?

thanks