Vulnerability, Potential Exploit In Cisco WLAN APs

An anonymous reader writes "The AirMagnet Intrusion Research Team has uncovered a new wireless vulnerability and potential exploit associated with Cisco wireless LAN infrastructure. The vulnerability involves Cisco's Over-the-Air-Provisioning (OTAP) feature found in its wireless access points. The potential exploit, dubbed SkyJack by AirMagnet, creates a situation whereby control of a Cisco AP can be obtained, whether intentionally or unintentionally, to gain access to a customer's wireless LAN."

Re:The only real security....

O RLY?

"Power sockets can be used to eavesdrop on what people type on a computer."
http://news.bbc.co.uk/2/hi/technology/8147534.stm

In this case the hardwire is the problem.

Re:Config option, not all that bad

[SlamMan]

If you have a very large network and no centralized configuration manager, you're going to have a lot of problems every time any issue comes up that requires a change. Config managers don't have to be complicated or expensive (see RANCID or CatTools), but not having them inplace means a lot of needless legwork.

Re:Config option, not all that bad

[222]

Look at Kiwi CatTools. Its a couple hundred bucks and supports the management of hundreds of devices via scripted CLI. I use it to manage all of my Cisco devices for config backups, etc. If your org can't spare a couple hundred for this management utility, then you have bigger problems than wifi. Kiwi also does a TON of other neat things, like configuration comparisons side by side.

Re:Config option, not all that bad

[cbiltcliffe]

Config managers don't have to be complicated or expensive (see RANCID......

We want......a SHRUBBERY!

Ni...ni...ni!!!

(For the mods....RANCID is a tool made by Shrubbery Networks....)