https://community.cisco.com/t5/wireless/security-attacks-on-802-1x/m-p/107404#M22909 <HTML><HEAD></HEAD><BODY><P>The article in question talks about man-in-the-middle attacks that are possible even with 802.1x enabled. The problem is that 802.1x does not provide two-way authentication or security association (rogue access-points).</P><P></P><P>I don't think that this type of problem is likely to be widely exploited, but it isn't fair to say that 802.1x makes your WLAN secure.</P></BODY></HTML> Mon, 04 Mar 2002 16:17:07 GMT brian.carter 2002-03-04T16:17:07Z https://community.cisco.com/t5/wireless/security-attacks-on-802-1x/m-p/107400#M22905 <P>I saw this from another mailing list. We now have a many AP's installed at our HQ. While the Cisco solution seemed to be the best solution when I started researching; how worried should I be now?</P><P></P><P>Did you see the new posting about the flaws in 802.1X?</P><P></P><P>Follow this link,</P><P><A class="jive-link-custom" href="http://www.linuxsecurity.com/articles/network_security_article-4457.html" target="_blank">http://www.linuxsecurity.com/articles/network_security_article-4457.html</A></P><P></P><P></P> Mon, 05 Jul 2021 05:58:45 GMT https://community.cisco.com/t5/wireless/security-attacks-on-802-1x/m-p/107400#M22905 l.crowder 2021-07-05T05:58:45Z https://community.cisco.com/t5/wireless/security-attacks-on-802-1x/m-p/107401#M22906 <HTML><HEAD></HEAD><BODY><P>Have you looked at <A class="jive-link-custom" href="http://www.cisco.com/warp/customer/cc/pd/witc/ao350ap/prodlit/1327_pp.htm" target="_blank">http://www.cisco.com/warp/customer/cc/pd/witc/ao350ap/prodlit/1327_pp.htm</A>? </P></BODY></HTML> Mon, 25 Feb 2002 15:05:45 GMT https://community.cisco.com/t5/wireless/security-attacks-on-802-1x/m-p/107401#M22906 b.speltz 2002-02-25T15:05:45Z https://community.cisco.com/t5/wireless/security-attacks-on-802-1x/m-p/107402#M22907 <HTML><HEAD></HEAD><BODY><P>These two articles aren't related to the same vulnerability. The U of M paper describes problems with the proposed 802.1x security features such as session-hijacking and man-in-the-middle attacks.</P><P></P><P>As far as the risk or level of concern; the potential for serious damage is there, but this type of attack requires some effort and isn't likely to be seen outside of a contrived attack. If you think your organization is at risk for targeted attacks, you might consider IPSEC over wireless or just don't use wireless at all.</P></BODY></HTML> Thu, 28 Feb 2002 14:43:52 GMT https://community.cisco.com/t5/wireless/security-attacks-on-802-1x/m-p/107402#M22907 brian.carter 2002-02-28T14:43:52Z https://community.cisco.com/t5/wireless/security-attacks-on-802-1x/m-p/107403#M22908 <HTML><HEAD></HEAD><BODY><P>If you enabled the MIC, WEP Key Hashing, LEAP using RADIUS, your WLAN is secure!</P><P></P><P>To enabled all security features you must upgrade to the latest NDIS, Firmwares, and ACU.</P><P></P><P>Audie</P></BODY></HTML> Thu, 28 Feb 2002 15:43:12 GMT https://community.cisco.com/t5/wireless/security-attacks-on-802-1x/m-p/107403#M22908 aonibala 2002-02-28T15:43:12Z https://community.cisco.com/t5/wireless/security-attacks-on-802-1x/m-p/107404#M22909 <HTML><HEAD></HEAD><BODY><P>The article in question talks about man-in-the-middle attacks that are possible even with 802.1x enabled. The problem is that 802.1x does not provide two-way authentication or security association (rogue access-points).</P><P></P><P>I don't think that this type of problem is likely to be widely exploited, but it isn't fair to say that 802.1x makes your WLAN secure.</P></BODY></HTML> Mon, 04 Mar 2002 16:17:07 GMT https://community.cisco.com/t5/wireless/security-attacks-on-802-1x/m-p/107404#M22909 brian.carter 2002-03-04T16:17:07Z https://community.cisco.com/t5/wireless/security-attacks-on-802-1x/m-p/107405#M22910 <HTML><HEAD></HEAD><BODY><P>Allow me to clarify, WLAN is secure using Cisco LEAP (expensive), MIC, WEP Key Hashing, Dynamic Session Key, and Non-Broadcast SSID.</P><P></P><P>The ACS RADIUS authentication give two-way authentication, and MIC/WEP hashing/Dynamic Key Session will stop man-in-the-middle and session hijacking attacks. I'm not even surprise if NSA can not break-in aside from brute force decrypting the 128-bit Dynamic Session Key.</P><P></P><P>Audie Onibala</P></BODY></HTML> Mon, 04 Mar 2002 16:26:42 GMT https://community.cisco.com/t5/wireless/security-attacks-on-802-1x/m-p/107405#M22910 aonibala 2002-03-04T16:26:42Z