LEAP Authentication?
David Mitton
david at mitton.com
Thu Jun 30 05:49:36 CEST 2011
Yes, you can get LEAP to work with Cisco and some other devices, but
LEAP is a flawed proprietary protocol. When analyzed and found
subject to offline dictionary attacks Cisco circled the wagons and
threw FUD until FAST was developed and deployed. LEAP has never been
publically documented by Cisco, though you can find reverse
engineering about it on the net.
So to repeat;
- Not a standard
- Not publically described
- Subject to attack/cracking - there is at least one tool for it.
That is why you should avoid it.
Dave.
http://ipsecs.com/web/?p=66
http://www.willhackforsushi.com/?page_id=41
Quoting pesho <pesho.tmp.mail at gmail.com>:
> It does. It is a Aironet 350 device and it has internal RADIUS as well, which
> we are able to authenticate against(using LEAP).
>
>
> --
> View this message in context:
> http://freeradius.1045715.n5.nabble.com/LEAP-Authentication-tp4475314p4536908.html
> Sent from the FreeRadius - User mailing list archive at Nabble.com.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list