By Richard Thurston
16 April, 2010
Two generations of Cisco wireless LAN equipment contain a range of
vulnerabilities, researchers have told the Black Hat security
Enno Rey and Daniel Mende from German testing firm ERNW demonstrated how
to hack into two separate generations of Cisco Wi-Fi kit. They said that
the flaws were fairly easy to find and exploit.
In a presentation called 'Hacking Cisco Enterprise WLANs' on Wednesday,
the researchers demonstrated an attack aimed at Cisco's first generation
equipment Cisco Structured Wireless Aware Network (Swan).
The researchers said it was possible to launch denial of service attacks
and to sniff encrypted traffic on Swan by exploiting weaknesses in
Cisco's Wireless LAN Context Control Protocol (WLCCP). The protocol
defines how information is sent between wireless access points.
Swan access points transfer keys between them to facilitate roaming. Rey
said that Leap - the authentication protocol used in Cisco's equipment -
was weak, meaning that the cryptography used to hide the keys could be
Register now for HITBSecConf2010 - Dubai, the premier
deep-knowledge network security event in the GCC,
featuring keynote speakers John Viega and Matt Watchinski!