<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1">
<TITLE>LEAP Security Vulnerabilities??</TITLE>
<META content="MSHTML 6.00.2715.400" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=730584818-13062002><FONT face=Arial color=#0000ff size=2>If
you're serious enough about security to find 128 WEP inadequate, I would think
you would be doing some sort of VPN or other SSL solution anyway, making WEP
redundant. Or am I missing something?</FONT></SPAN></DIV>
<DIV><SPAN class=730584818-13062002><FONT face=Arial color=#0000ff
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=730584818-13062002><FONT face=Arial color=#0000ff
size=2>Best,</FONT></SPAN></DIV>
<DIV><SPAN class=730584818-13062002><FONT face=Arial color=#0000ff
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=730584818-13062002><FONT face=Arial color=#0000ff size=2>-Al
Rowland</FONT></SPAN></DIV>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader dir=ltr align=left><FONT face=Tahoma
size=2>-----Original Message-----<BR><B>From:</B> Hyska, Jason [JJCUS]
[mailto:JHyska1@CORUS.JNJ.com]<BR><B>Sent:</B> Thursday, June 13, 2002 10:15
AM<BR><B>To:</B> nanog@merit.edu<BR><B>Subject:</B> LEAP Security
Vulnerabilities??<BR><BR></FONT></DIV><BR>
<P><FONT size=2>I am well aware of the many security vulnerabilities that
exist on wireless networks as well as the inadequacies of WEP. I was
curious if anyone has had any experiences with Cisco's LEAP authentication
protocol? I have scoured the net for reviews or documents examining any
potential vulnerabilities, but have not been able to find any. Any and
all help or information would be appreciated.</FONT></P>
<P><FONT size=2></FONT> <BR><FONT size=2>Thanks in advance,</FONT> <BR><FONT
size=2>Jason Hyska</FONT> <BR><FONT size=2>Worldwide Information
Security</FONT> <BR><FONT size=2>Johnson & Johnson</FONT> <BR><FONT
size=2>jhyska1@corus.jnj.com</FONT> <BR><FONT size=2> </FONT>
</P></BLOCKQUOTE></BODY></HTML>