Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Claim to Crack 802.1x WiFi

Posted by timothy on from the security-is-an-illusion dept.

satsujin writes: "Researchers from the University of Maryland have released a paper on the weaknesses found in the 802.11x protocol. It looks like it might not be as strong as Cisco has contended."

4 of 109 comments (clear)

  1. but I still love the wireless by stego · · Score: 5, Interesting

    I have a wireless setup at home and absolutely love it. I also assume that everything I do on the network is transparent and so take appropriate steps when the situation is called for. Props to all the developers of GPG and OpenSSH.

    And - this type of thing will only eventually lead to us having a more secure wireless networking protocol. Aren't you glad that these guys have the freedom to this kind of research?

  2. Just curious... by siliconwafer · · Score: 4, Interesting

    Would authentication using Mac Addresses take care of this problem? Or at least mac-address checking... Each wireless client has a Mac Address, after all....

  3. Is this protected by DMC by monkeyserver.com · · Score: 3, Interesting

    Maybe this is a question of understanding, if some corporation was sponsering or developed these standards could they sue these dudes under the DMC?

    --
    http://monkeyserver.com --- weeeeee
  4. Client availability is the problem by sjhwilkes · · Score: 3, Interesting

    I'm responsible for security for a 20 acre wireless net. The biggest problem I have is that I inherited the net and it's multivendor.
    Cisco LEAP is great on 1/3 of it - and with WEP and 4 hour keys I feel it's as secure as I'd like it - running a VPN seems overkill and not user friendly. The Avaya (Lucent/Orinoco) bits are a pain because the client devices don't support any advanced security (they're cash registers) and on the Symbol bit the clients are handheld bar code scanners - which don't even support WEP.

    The solution, firewalls - each wireless net is a VLAN which only has limited connectivity to the rest of the net. Some cracker can spend the time to get onto the LAN if they want to but they're not going to find anything interesting. The couple of servers that are available are hardened as if they were on the DMZ - I suspect this is the answer for alot of firms until multi-vendor wireless security is sorted out, which I think will be in a year when the clients/APs are replaced with 802.11a or 802.11g devices (we'll wait for 802.11g 'cos the range on 802.11a is unworkable)