LEAP user ID transmitted in clear text

Unanswered Question
May 23rd, 2002
User Badges:

It appears that the LEAP user ID is transmitted in clear text over the airwaves (password is not) and anyone with a wireless sniffer can see it. Is this normal? Or is there a setting to change this?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mmellet Mon, 06/03/2002 - 06:13
User Badges:

This is normal. Most usernames are derivatives of their real name or email address or something similar so they can be easily guessed or learned form e-mails, etc. So usernames are not a secure item to start with so it doesn’t matter that they’re in clear text.

bmcmurdo Mon, 06/03/2002 - 15:09
User Badges:
  • Cisco Employee,

You can't encrypt it because you don't have an encryption key yet! LEAPs whole purpose is to dynamically derive (at the client and the RADIUS server) a dynamic WEP key, until this is done, you can't encrypt anything.


Actions

This Discussion

 

 

Trending Topics - Security & Network