http://www.zdnet.co.uk/news/security-threats/2010/04/16/security-researchers-demo-cisco-wi-fi-flaws-40088653/ By Richard Thurston ZDNet UK 16 April, 2010 Two generations of Cisco wireless LAN equipment contain a range of vulnerabilities, researchers have told the Black Hat security conference. Enno Rey and Daniel Mende from German testing firm ERNW demonstrated how to hack into two separate generations of Cisco Wi-Fi kit. They said that the flaws were fairly easy to find and exploit. In a presentation called 'Hacking Cisco Enterprise WLANs' on Wednesday, the researchers demonstrated an attack aimed at Cisco's first generation equipment Cisco Structured Wireless Aware Network (Swan). The researchers said it was possible to launch denial of service attacks and to sniff encrypted traffic on Swan by exploiting weaknesses in Cisco's Wireless LAN Context Control Protocol (WLCCP). The protocol defines how information is sent between wireless access points. Swan access points transfer keys between them to facilitate roaming. Rey said that Leap - the authentication protocol used in Cisco's equipment - was weak, meaning that the cryptography used to hide the keys could be broken. [...] ___________________________________________________________ Register now for HITBSecConf2010 - Dubai, the premier deep-knowledge network security event in the GCC, featuring keynote speakers John Viega and Matt Watchinski! http://conference.hitb.org/hitbsecconf2010dxb/Received on Sun Apr 18 2010 - 22:48:19 PDT
This archive was generated by hypermail 2.2.0 : Sun Apr 18 2010 - 22:56:22 PDT