10-04-2001 03:37 AM - edited 07-05-2021 12:03 PM
Hi, understand that EAP generate dynamic WEP keys for individual client and sessions. Does that means that the same client firing an FTP session and Telnet session uses different WEP keys? Does the per session refers to source/destination IP as well as port numbers? Tks.
10-09-2001 10:36 AM
802.11b is a layer two solution (datalink). It does not know of anything higher in the stack( ip address, ports, applications).
A workstation uses the same wep for all network interaction.
I believe each workstation uses a different WEP.
10-16-2001 09:37 AM
The WEP key is generated per session, per user. A new dynamic WEP key is generated by combining the Initial vector and the password of the user. The password is the password used to authenticate against the Domain Controller via the ACS 2.6 server using Cisco Aironet Radius. The WEP key can be set to have a time out, forcing a renegotation to happen. Visit the following link to review:
http://www.cisco.com/warp/customer/cc/pd/witc/ao350ap/prodlit/1515_pp.htm
And the following to set the timeout for the ACS server:
http://www.cisco.com/warp/public/cc/pd/witc/ao350ap/prodlit/salep_an.htm
It is my understanding that it only takes two instances to determine a WEP key from the IV and the key. When two IVs are found a simple XOR is performed to determine the WEP key from the IV and the client key. The timeout of the WEP key is based on throughput. Once a threshold is met a key is renegotiated. There is a new IV per packet under this implmentation. I suspect that a pool of random numbers is being used (meaning you may have the same number more than once, nothing is truly random) This leads me to believe that a IV may be used for more than one user and therefore create a different dynamic WEP key and make it more difficult to crack.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide