
Security attacks on 802.1x

l.crowder
Level 1

I saw this from another mailing list. We now have many APs installed at our HQ. While the Cisco solution seemed to be the best solution when I started researching, how worried should I be now?

Did you see the new posting about the flaws in 802.1X?

Follow this link,

http://www.linuxsecurity.com/articles/network_security_article-4457.html

5 Replies

b.speltz
Level 4

These two articles aren't related to the same vulnerability. The U of M paper describes problems with the proposed 802.1x security features such as session-hijacking and man-in-the-middle attacks.

As far as the risk or level of concern, the potential for serious damage is there, but this type of attack requires some effort and isn't likely to be seen outside of a contrived attack. If you think your organization is at risk for targeted attacks, you might consider IPSEC over wireless or just don't use wireless at all.

If you enabled MIC, WEP Key Hashing, and LEAP using RADIUS, your WLAN is secure!

To enable all security features you must upgrade to the latest NDIS, firmware, and ACU.

Audie

The article in question talks about man-in-the-middle attacks that are possible even with 802.1x enabled. The problem is that 802.1x does not provide two-way authentication or security association (rogue access-points).

I don't think that this type of problem is likely to be widely exploited, but it isn't fair to say that 802.1x makes your WLAN secure.

Allow me to clarify: the WLAN is secure using Cisco LEAP (expensive), MIC, WEP Key Hashing, Dynamic Session Key, and Non-Broadcast SSID.

The ACS RADIUS authentication gives two-way authentication, and MIC/WEP hashing/Dynamic Key Session will stop man-in-the-middle and session hijacking attacks. I wouldn't even be surprised if the NSA cannot break in, aside from brute-force decrypting the 128-bit Dynamic Session Key.

Audie Onibala
