802.11 Wireless Attacks  Home ToC Prev Up Next 
802.11
Attacks
O/S/M Vulnerabilities
WEP Encryption
Passive Attacks
Active Attacks
IV Reply Attack
Bit-flipping Attack
ManInTheMiddle
MITM Attack
+Cisco LEAP
LEAP weaknesses
LEAP attack
ICV issue
Passive WPA PSK
WPA PSK attacks
PSK attack tools
Conclusion
  

Cisco LEAP

  • Lightweight Extensible Authentication Protocol (easy to install, configure and support)

  • LEAP specification is only opened to business partners under NDA

  • Proprietary EAP method because of its requirement to use a Cisco AP

  • Provides an authentication (uses a modified MS-CHAPv2 challenge/response/in clear, mutual authentication to mitigate MITM attacks, short-lived WEP keys to encrypt data, prevents usage of weak IV's from the AP)

  • Still vulnerable to passive dictionary attacks (MS-CHAPv2 and LEAP client-AP Challenge/Response weaknesses)
Copyright © 2005 Pavol Lupták, OpenWeekend 2005  Prev Next