Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Question RE: eap-tls

So I have an AP configured to use a radius server for eap-tls the CA and Radius server are MS CA and MS IAS clients are XPpro. Everything is working fine. So where my question is the cracking of a WEP(128bit encryption). Could someone be in the area sniff the wireless data traffic which is encrypted, then later crack the WEP encryption to view the data? Our WEP keys change every 7 minutes. Thanks John

4 REPLIES
Silver

Re: Question RE: eap-tls

Yes they could sniff the packet and try to crack it later. But since the WEP changes every 7 minutes there is almost no security risk involved

New Member

Re: Question RE: eap-tls

But once they've cracked the key from the capture. Could they then view the data? ie capture id's and pwds that are in the clear? reconstruct an email,etc? I'm not worried about them connecting since they'd need the certificates and a valid ID and password.

thanks

Re: Question RE: eap-tls

No. The key only gets them access to the network. Not the traffic. They could in fact crack the key, but in 7 minutes it is a useless piece of information.

New Member

Re: Question RE: eap-tls

Great thanks, we may be adding another AP and we just want to review that using eap-tls is still a very strong of means of securing AP's and their traffic. Do you have any other recommendations?

thanks

202
Views
0
Helpful
4
Replies