10-11-2007 07:21 AM - edited 07-03-2021 02:45 PM
So I have an AP configured to use a radius server for eap-tls the CA and Radius server are MS CA and MS IAS clients are XPpro. Everything is working fine. So where my question is the cracking of a WEP(128bit encryption). Could someone be in the area sniff the wireless data traffic which is encrypted, then later crack the WEP encryption to view the data? Our WEP keys change every 7 minutes. Thanks John
10-17-2007 10:57 AM
Yes they could sniff the packet and try to crack it later. But since the WEP changes every 7 minutes there is almost no security risk involved
10-17-2007 11:31 AM
But once they've cracked the key from the capture. Could they then view the data? ie capture id's and pwds that are in the clear? reconstruct an email,etc? I'm not worried about them connecting since they'd need the certificates and a valid ID and password.
thanks
10-17-2007 12:21 PM
No. The key only gets them access to the network. Not the traffic. They could in fact crack the key, but in 7 minutes it is a useless piece of information.
10-18-2007 08:32 AM
Great thanks, we may be adding another AP and we just want to review that using eap-tls is still a very strong of means of securing AP's and their traffic. Do you have any other recommendations?
thanks
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: