I'm waiting on the arrival of my new 350 access point for the office here. I just read an article about a new product; AirSnort, being able to passively collect information about a wireless network with the ability to break 40 bit encryption within 10 minutes and 128 bit encryption also. I plan on implementing Cisco Secure w/Leap. Is this effective against the capabilties of the AirSnort?
For starters, LEAP uses a dynamic WEP key. That makes the encrypted data stream much harder to crack. It does still use WEP though and the RC4 encryption which is probably still probably crackable (but with dynamicWEP keys, it's gotta be a LOT harder).
I guess it depends a bit on what you're encrypting. If you're the FBI working on tracking down bin Laden....nope, WEP and LEAP aren't good enough! Security is so relative.....I think WEP/LEAP is relatively better than the other options! One thing for sure, just WEP stops the wardrivers. Then LEAP stops the AirSnorters....or at least makes 'em collect a ton more data and probably still not get in.
You can also do thinks like syslogging to an external box that alerts based on MAC address (sure, there's holes in that too), monitor DHCP assignments, limit what MAC addresses can connect....you have a lot of options.
In the case of share wep keys if the hacker breaks the key say in 10 minutes they password he has is the same one in use. In the case of dynamic keys the cracker has a harder time because they keys change. So if he breaks the password for one conversation or connection it will not be the same one he gets when he tries to log in. This does not constitute perfect security but it does add one more layer. If this network had access to any sensitive information I would still use VPN's to controll who gets in and authenticate all attempts at access. There is some good information on the IEEE website about 802.11b and some of the new proposed methods on handling security at the physical layer also.