By Robert McMillan
IDG News Service
June 28, 2010
Users of a popular Cisco Systems wireless access point may be setting
themselves up for trouble if they leave a WPA wireless migration feature
enabled, according to researchers at Core Security Technologies.
The issue has to do with Cisco's Aironet 1200 Series Access Point, which
is used to power centrally managed wireless LANs. The Aironet 1200 can
be set to a WPA (Wi-Fi Protected Access) migration mode, in which it
provides wireless access for devices that use either the insecure WEP
(Wired Equivalent Privacy) protocol or the more secure WPA standard.
This gives companies a way to gradually move from WEP to WPA without
immediately buying all-new, WPA-capable equipment. But while auditing
the network of a customer who used the product, Core researchers
discovered that even networks that had stopped using WEP devices could
still be vulnerable, so long as the Aironet's migration mode was
Researchers were able to force the access point to issue WEP broadcast
packets, which they then used to crack the encryption key and gain
access to the network.
Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada
July 24-29th, offering over 60 training sessions and 11 tracks of Briefings
from security industry elite. To sign up visit http://www.blackhat.com