



Cisco's LEAP Authentication Cracked
mtrisk writes "Just a day after Cisco released a security warning about its WLSE access point management tool, a tool to crack wi-fi networks using LEAP authentication has been released, reports Wi-Fi Networking News. The tool, called Asleap and developed by Beyond-Security, actively de-authenticates users, sniffs the network when the user re-authenticates, and performs an offline dictionary attack upon the password."
Not Cisco's week (Score:5, Informative)
Re:Not Cisco's week (Score:5, Informative)
Comment removed (Score:5, Interesting)
Re:Not Cisco's week (Score:4, Insightful)
Yeah it's been a bad week for Cisco but they aren't Microsoft. They won't ignore these problems. You'll see firmware updates to fix the password problem in a week tops (if it isn't already out). I suspect you'll also see an update to address the LEAP issues.
Except that they've known about this problem for months, and the security flaw is not entirely inherent in the protocol. Forcing users to choose strong passwords will provide significantly more protection to a "LEAP-protected" network than any patch that Cisco could issue for LEAP.
I am entirely unenlightened on EAP-FAST, Cisco's replacement for LEAP, but I'm pretty sure it would be a significant deployment effort for IT to upgrade both the infrastructure and the client devices.
Re:Not Cisco's week (Score:2)
Problem is, most corporations don't have the wherewithal to deploy a PKI to all users just for wireless access. (Though if you're willing to reduce the strength of your PKI certs to the same assurance level as a username and password, you can use MS 2k3 Active Directory certificate services autoenrollment.)
Re:Not Cisco's week (Score:5, Interesting)
Read the article - the LEAP problem was reported to them in AUGUST 2003.
I agree they are not a Microsoft, and they are generally much more responsive, but how would you feel if you had over the past six months implemented a major, wonderful, well protected Cisco LEAP wireless network? Only to receive the news that "yeah, we kinda knew since August our security sucked" (for the record, I am NOT in that situation, but LEAP was a contender for our upcoming wi-fi implementation).
Honestly, Bruce Schneier was recently saying that it's no longer about the crypto, as anyone can do strong crypto these days. It's about the factors around it, like usernames and passwords, physical security, but most of all, implementation. You'd think that something which was hailed at the time as the solution to the broken WEP protocol would be partially secure... Ugh. Now I'm just ranting.
-Jack Ash
Re:Not Cisco's week (Score:4, Informative)
Bad Faith? (Score:2)
Re:Not Cisco's week (Score:2)
The reason they flew someone out is probably because they wanted to confirm the situation... it is in their best interest after all.
The reason why Microsoft doesn't fly people out isn't because they don't care, it's because a) you're dealing with software (not firmware) which can submit bug reports, b) reproducing the problem on their servers will most likely work (software is generally
Re:Not Cisco's week (Score:2)
Even many dinky little routers actually run Linux as their OS.
Re:Not Cisco's week (Score:2)
It brings to mind the GOP claim made immediately after 9/11 that it was all Clinton's fault, nothing at all to do with them, oh and no way would Gore have taken the decision to invade Afghanistan. As a result of making these silly statements the administration is now having
Re:Not Cisco's week (Score:2)
That does not seem to be a very good analogy, besides missing the point entirely.
The point I was making was that slashweenies seem to think 'blame Microsoft' is the appropriate response in every situation. Cisco screws up so we get 'Blame
Re:Not Cisco's week (Score:2)
Not quite true. Their IPsec extension called XAUTH has got the same problems, and and these have been ignored for years:
http://www.ima.umn.edu/~pliam/xauth/
There's a recent rediscovery of the problem archived at: http://www.securityfocus.com/archive/1/347351
The only reason to buy Cisco after all [...] is for the support.
Exactly, and that's why it's sometimes so painful to be a Cisco customer. You have t
Re:Compare apples to oranges (Score:2)
Yes, it's the difference between fscking 300 million Joe's who cannot sue you and don't really know the difference between a CPU and an operating system, and trying not to piss off big $$$ companies which can, eventually, sue. Microsoft is also helpful towards big $$$, rest assured.
Insight appreciated? (Score:5, Interesting)
Re:Insight appreciated? (Score:5, Informative)
The easiest way to see if you are affected by this issue is to get the model number of your access point, and go to the Linksys website. See what capabilities your AP has, and if the AP supports the LEAP authentication protocol.
If it does not, you are probably immune to this particular disorder. Beyond that I would say do not manage your AP over the wifi connection without another encryption, and if possible disable login to the AP from the Internet. Beyond that I would recommend getting a good book on WiFi security; some have been reviewed here, though how good they are, I can't really judge.
-Rusty
Re:Insight appreciated? (Score:2)
If it does not, you are probably immune to this particular disorder.
Right. But this is like telling the Ebola patient that he doesn't appear to have cancer.
If you aren't layering some sort of VPN-based security on your wireless network, complete with firewalls on every wireless device that seal off everything other than the VPN connections, you're insecure.
If being insecure is a problem for you, you had better address it. Quickly. And LEAP is no longer an option.
Re:Insight appreciated? (Score:5, Informative)
Moreso if your router is older and produces the 'weak' packets that programs like Kismet detect (in which case, hundreds of megs becomes hundreds of kilobytes
Re:Insight appreciated? (Score:2)
Any WEP implementation can be broken with about a million packets, so says the documentation for AirSnort.
Re:Insight appreciated? (Score:5, Informative)
This is for Cisco wireless products (their Aironet series for example), not Linksys products. I'm sure they're still pretty separate companies even though Linksys may be a wholly owned subsidiary. i.e. Linksys access points don't run IOS (hell, some run Linux). Plus, your Linksys box wouldn't support LEAP anyway. Now, the problem with you is that 64-bit WEP is already easy to crack with enough data so it's a thin veil of security, nothing more. Don't rely on it to encrypt your traffic! If you're doing anything that needs encryption then use higher layers like SSL or even IPSEC.
Comment removed (Score:4, Informative)
Re: (Score:2)
Re:Insight appreciated? (Score:5, Informative)
Correct; asleap won't crack your network. However, airsnort will.
http://airsnort.shmoo.com/
So far as I'm aware, there hasn't been a link-layer security protocol for wireless made yet that hasn't been cracked. That's why I run ipsec.
Re:Insight appreciated? (Score:2, Interesting)
Re:Insight appreciated? (Score:3, Interesting)
If somebody breaks into your WEP, they can do anything that any machine on your LAN can do. That is, they can sniff your traffic, they can access any internal servers that use only IP address checking for security (NFS is commonly set up this way) and they can use your connection to the net. The latter is more serious than you might think; for instance, what if they launch a DDoS, port-scan a bank, or serve child pornography from your IP addres
Re:Insight appreciated? (Score:2)
Re:Insight appreciated? (Score:2)
Re:Insight appreciated? (Score:2)
Re:Insight appreciated? (Score:2)
For instance, it doesn't do much good to spend hours setting up a cumbersome cryptographic scheme for your wireless LAN in order to protect your internal file server, if you only have normal household padlocks and no human guards on the server. Attackers will always find the path of least
Re:Insight appreciated? (Score:2)
hasn't been cracked. That's why I run ipsec.
A wireless network using Windows RADIUS is pretty secure; the vulnerability in WEP requires many packets to go down the pipe in order to be visible. RADIUS requires IEEE 802.1x authentication, and assigns each user their own rotating key based on that. Unless a user stays connected to the network for days at a time, it's theoretically unbreakable, as the key rotatio
Linksys (Score:1, Troll)
BTW, if you're running standard WEP it's pretty easy to get into your network anyway.
Re:Insight appreciated? (Score:2, Interesting)
If you're doing anything that needs real encryption, such as administering anything requiring strong passwords or doing financial transactions, you should be researching a VPN layer or something along those lines.
Along the same lines, this seems to open up a new service category... VPN service a
Sorry... (Score:2)
While Cisco owns Linksys, they don't use LEAP on that device (LEAP is typically used in enterprise contexts for wireless access...). However, your WEP based device is actually every bit as vulnerable because WEP's been cracked for pretty much any number of bits and has been for some time. LEAP was being touted as the fix to the problem and Cisco was flogging it pretty heavily- we now know that LEAP's not any better than WEP in all practical
Re:Insight appreciated? (Score:2, Informative)
The vulnerability is if you use 802.1X authentication with the LEAP protocol.
The Access Point doesn't have a security flaw in it, the LEAP prot
When it rains, it pours... (Score:5, Funny)
Re:When it rains, it pours... (Score:5, Funny)
Re:When it rains, it pours... (Score:2)
Re:When it rains, it pours... (Score:2)
Re:When it rains, it pours... (Score:1)
Crypto subsystems are notoriously difficult... (Score:5, Interesting)
I'm a fairly competent amateur- I know better than to assume anything I or anyone else that's not an SME produces in this arena is anything but vulnerable until proven otherwise.
Re:Crypto subsystems are notoriously difficult... (Score:2, Insightful)
This is the setup I have at home:
My AP is connected to its own NIC in my router box (running linux). The DHCP server on the box will give people coming over that interface non-routable IPs, and iptables is configured to drop everything not
Re:Crypto subsystems are notoriously difficult... (Score:2)
Re:Crypto subsystems are notoriously difficult... (Score:5, Insightful)
I said it below, I'll say it again here. Companies have to CARE enough about security to have experienced crypto people do this sort of work. To design it, to implement it, and to test it.
But now it's all about keeping things cheap.
Cisco Ads in France, all about Security (Score:2)
Re:Cisco Ads in France, all about Security (Score:2)
Re:Crypto subsystems are notoriously difficult... (Score:3, Insightful)
It's WHY you really, really ought to have a cryptologist design your subsystems if at all possible.
No!!!!!!
Seriously, the last thing we need is slow hardware.
The trick to beat hackers and crackers is put out so much variety they have no idea what the hell to do. Seriously, if 99% of people didn't run the same hardware and software for everything hackers would cause very minimal damage.
You, sir, are seriously mis-informed... (Score:2)
1) Some of the fastest hard crypto (i.e. military grade...) came from the very person I mention as an example.
2) Variety can only take you so far- chaff, etc. can make it difficult, but in the end, you basically end up with the same level of vulnerability you had in the system to begin with. Even variety doesn't make up for a weakness in your system.
Re:You, sir, are seriously mis-informed... (Score:3, Insightful)
Some of the fastest hard crypto (i.e. military grade...)
You're talking to someone who worked in DOD. There's no such thing as military grade crypto. It's the same stuff you find in the consumer market. When they use Cisco hardware they don't load anything special on it. That's why you hear of crackers/hackers getting into them or military projects hurt by simple things like Microsoft Windows worms.
Even variety doesn't make up for a weakness in your system.
Sure, but which system? Ill use a simple exa
So I guess... (Score:2)
-Grump
Re:So I guess... (Score:1)
and lastly, I'm an atheist.
dictionary attack? (Score:5, Interesting)
Re:dictionary attack? (Score:4, Funny)
Of course, not just any dictionary will do: you need a dictionary with not only simple English words, but with long definitions and even off-beat, obsolete words.
Routers are quite small in the scheme of things, and they really can't stand up to a quick beating by, let's say, the Oxford English dictionary, especially if the router is opened up and the electronics are exposed. No, those little dictionaries you get with a subscription to Time magazine won't do (after all, Time's vocabulary is pretty light-weight to begin with).
However, a quality rack-mounted Cisco router will likely be protected in a secure data center or other secure closet. In that case, you'll have to take all the words in the dictionary and hash them up. And if the users aren't dumb, they'll pick tough passwords. It can take many years (or even decades) to successfully attack quality passwords.
I think the physical dictionary attack is the easier approach. Unless you permit your users to choose stupid passwords (like mine: "17Trees")
Re:dictionary attack? (Score:4, Insightful)
The time to brute force the password is a combination of many factors, not just the strength (length and composition) of the password. The amount of resources available to compute the hashes and the complexity of the algorithm used to create the hashes have a large effect on how long it will take to compute a match.
In this age it is becoming possible to precompute the hashes and then look them up, in that case the "strength" of the password becomes less important.
Re:dictionary attack? (Score:2)
If the number of bits possible in the password are 256, 512, or 1024, then password strength definitely does matter.
+2
salts? (Score:2)
I would love to know how this works -- I thought it was pretty much useless. First because the storable keyspace is so much tinier than the total keyspace, and second because of salts.
IANACrypto person, but the basic idea with salts is that the router would say 'please send me your password hashed with the string "abcdefg".' The client then says, "oh, of
Re:salts? (Score:2)
I think the funny bit about this is there is already a fix anyway: it's SecurID. As it rotates the password at every signon, it invalidates this program, as knowing the password does no good.
Re:precomputed hashes (Score:2)
Re:dictionary attack? (Score:2)
Cool. Now there's a laugh (Score:5, Interesting)
Re:Cool. Now there's a laugh (Score:1)
Re:Cool. Now there's a laugh (Score:4, Funny)
Woh, imagine that! Two different companies using wireless products from Cisco. What are the odds of that!?
Re:Cool. Now there's a laugh (Score:2, Funny)
Cisco WLAN AP != LEAP in all cases (Score:4, Informative)
Yeah but, don't worry. (Score:5, Funny)
They had this little girl on the computer and she like, downloaded a worm. But, the network saw it and popped up a message on her screen that the worm was there. Then it said that it was like, isolating the worm and everything. Then it like, popped up another message that said the worm had been destroyed. It was like, way cool and I didn't even know that Cisco like, made antivirus software.
Of course the above is a joke but, what is not funny is that the television advertisement is well done and likely to be very influential to the typical PHB who will buy it hook, line and sinker.
Re:Yeah but, don't worry. (Score:5, Funny)
Re:Yeah but, don't worry. (Score:3, Informative)
Cisco also has IDS software that will detect intrusions and update access lists on the appropriate routers on the fly. I think that qualifies for self securing and defending.
Re:Yeah but, don't worry. (Score:3, Informative)
Re:Yeah but, don't worry. (Score:2)
I don't feel safe... (Score:5, Funny)
Script kiddies using canned cracks on me from Windows machines would just make me feel dirty.
This has been in the wild for months (Score:5, Informative)
Not quite a crack (Score:5, Interesting)
Re:Not quite a crack (Score:3, Informative)
Re:Not quite a crack (Score:2)
Re:Not quite a crack (Score:2)
Well, if you were to try every possible combination, it would take 185 days to crack any 8 letter or less password, given the quoted rate of 45 million password tries per second that the author quoted
Re:Not quite a crack (Score:2)
72^8 = 722204136308736 No, I didn't add in the other possible lengths (speaking of which, you estimated 1 more combination than is possible with a 52 character set. 0-length passwords are not allowed)
722204136308736 attempts / (45000000 attempts / second) / (86400 seconds / day) = 185 days
Not really an issue for large businesses... (Score:5, Interesting)
Unfortunately while the firmware may be upgradeable, the cryptographic functions are usually implemented in hardware (better performance) and it may be hard, if not impossible, to secure the authentication so this kind of attack is harder.
What they really should do is have a public/private key for each access point, with the SSID set to the public key. Then any client can transmit to the access point without possibility of eavesdropping. This would be used to set up the secure LEAP session. Since the password is never sent back to the client then it's not going to be breakable by offline brute force attacks.
Of course, in the end anything is breakable given enough time and/or money.
-Adam
Or.... (Score:2)
Or a big enough hammer.
Offline attack (Score:5, Interesting)
There are quite a few others that are saying well, that's only if you let your users pick bad passwords... Come on guys, have you actually worked in the real world? Normal users can't remember crazy passwords, they are going to pick their dog and their favorite football player's number put together. Or their anniversary and the current food they are eating.
Keeping a dictionary of enough passwords to get into the network would be trivial. All you need is one user with a weak password to get in, after that who cares how strong the rest are.
Re:Offline attack (Score:3, Interesting)
At least we force hard passwords for administrators.
I've got some 7 complex passwords for admin accounts at work.
Add 2 for my regular accounts there.
Add 1 for Lotus Notes there.
Add 1 for my user at my home server.
Add 1 for root at the server.
Add 5 for the enc
Does the US government want insecure WiFi? (Score:5, Interesting)
WEP is broken by design. A few engineers who don't know anything about cryptanalysis making their own encryption system that turns out to be broken is quite plausible; however, wifi standards are set by the IEEE. The IEEE is not stupid.
Was WEP deliberately broken to make government snooping easier?
That may seem ludicrous now, but what if the likes of consume [consume.net] succeed in their goal of building mesh networks across cities? Securing wireless connections at VPN or application level is so much hassle that only 0.01% of users bother.
The reaction of the American government to the new Chinese wifi encryption standard lends weight to this theory. Supporting WAPI just means hardware manufacturers have to write a bit more software. Once it's in the software it will no doubt be supplied as standard worldwide. It may actually be secure with little work. Why else would the American government threaten retaliation over something so obscure?
Re:Does the US government want insecure WiFi? (Score:3, Informative)
On the Chinese front, you're way off base. The problem is that the Chinese government
Re:Does the US government want insecure WiFi? (Score:2)
Ever hear of SSL? How difficult is it to open a browser and go to an SSL website? How difficult is it to use IMAPS or POPS? How difficult is it to use SSH instead of Telnet? Getting users to understand PKI and client side certificates to manage in their IPSEC VPN client is one thing (and I agree it's entirely too complex a solution for the problem people use it to solve), but teaching users to t
Re:Does the US government want insecure WiFi? (Score:2)
What I want to know is, is this true? Would sending random looking data to some IP addresses get you into trouble?
-1
Re:Does the US government want insecure WiFi? (Score:2)
Re:Does the US government want insecure WiFi? (Score:2)
'twas on http://dis.hert.org a few days ago (Score:4, Interesting)
The site, which accidentally looks a lot like slashdot, focuses on quality security news; no vuln reports people don't care about... all the latest news and white papers.
A cool white paper on utf-8 shellcodes was released [hert.org] on it too.
Re:'twas on http://dis.hert.org a few days ago (Score:2)
Are you sure that incidentally wouldn't be a better term? Lots of developers start with slashcode when building their forums, and they are not ashamed of the fact (nor should they be).
It only makes sense to use something that works well and is already written if it addresses your needs and is offered freely by its creators.
no vuln reports people don't care about...
It's nice to know that their knowledge is so complete that they can make that decision
"Cracked"? (Score:2, Insightful)
Dictionary attack == LEAP is cracked!
Need to move to PEAP ASAP (Score:4, Interesting)
Security protocols are like windows (the physical kind). Once they're broken, duct tape is not the answer.
Re:Need to move to PEAP ASAP (Score:2)
Re:Need to move to PEAP ASAP (Score:2, Informative)
I have seen a lot of half-truths in responses here.
PEAP is not an open standard. But there are Linux clients available for PEAP. Meetinghouse sells one, for example.
Cisco and Microsoft competed for different PEAP standards, while Funk Software competed with PEAP using a EAP-TTLS standard.
PEAP (protected EAP) is supposed to be the successor for LEAP (light EAP), which may explain why Cisco has not released any type of update for LEAP yet.
Also, Cisco is also releasing an EAP-FAST to help with secure han
Re:Need to move to PEAP ASAP (Score:2)
It's unfinished, and there are implementations of different (incompatible) drafts in use.
Many implementations only support a very restricted set of EAP types over PEAP (e.g. EAP-MS-CHAP-V2 for Microsoft and EAP-GTC for Cisco), which is a problem for interoperability.
The former problem should be resolved as the PEAP version 2 specification matures.
WPA-PSK at risk in similar circumstances (Score:5, Informative)
But remember that this problem isn't limited to LEAP. As Robert Moskowitz of ICSA Labs wrote last November, poor WPA preshared key passphrase choice can allow WPA keys to be cracked [wifinetnews.com]. WPA (Wi-Fi Protected Access) is a fix to WEP that involves dramatically more complexity and sophistication in deriving per-packet keys.
However, if you choose a dictionary-crackable passphrase of under 20 characters in WPA, you hit the same problem as LEAP: a cracker can trigger a deauthentication, capture the reauthentication in less than a minute, and then crack at their leisure.
WPA-PSK will probably only be used in home and small office networks, where passphrases may be poorly chosen. I have spoken to manufacturers about changing the presentation layer: don't let users pick bad passwords. So far, to no avail. Not even a recommendation from the Wi-Fi Alliance.
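The passphrase-quality check the post above asks manufacturers for, as an added example that is not code from the original thread or from any vendor. It derives the WPA-PSK pairwise master key the way IEEE 802.11i specifies (PBKDF2-HMAC-SHA1, 4096 iterations, SSID as salt), which shows why only the passphrase's strength stands between a captured handshake and an offline dictionary run; the 20-character threshold follows the post, and the small wordlist is constructed for illustration.

```python
import hashlib

# Constructed stand-in for the wordlist a dictionary attack would use;
# a real policy check would consult a much larger list.
COMMON_PASSPHRASES = {"password", "letmein", "linksys", "wireless123"}


def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA/WPA2 pre-shared key from a passphrase.

    IEEE 802.11i defines this as PBKDF2-HMAC-SHA1 with the SSID as salt,
    4096 iterations and a 32-byte output. The SSID is the only salt, so
    the key is exactly as unpredictable as the passphrase itself.
    """
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("utf-8"), ssid.encode("utf-8"), 4096, 32
    )


def passphrase_problems(passphrase: str) -> list:
    """Return the policy violations for a WPA-PSK passphrase (empty = OK).

    Thresholds are assumptions for this example: the 8-63 character range
    is the WPA passphrase format, the 20-character minimum follows the
    post's advice, and the wordlist/character-class checks approximate
    'don't let users pick bad passwords'.
    """
    problems = []
    if not 8 <= len(passphrase) <= 63:
        problems.append("WPA passphrases must be 8 to 63 characters")
    if len(passphrase) < 20:
        problems.append("shorter than 20 characters: within reach of an offline dictionary attack")
    if passphrase.lower() in COMMON_PASSPHRASES:
        problems.append("appears in a common-password list")
    if passphrase.isalpha() or passphrase.isdigit():
        problems.append("uses a single character class")
    return problems


if __name__ == "__main__":
    for candidate in ("linksys", "wireless123", "correct horse battery staple!"):
        verdict = passphrase_problems(candidate) or ["accepted"]
        print(f"{candidate!r}: {'; '.join(verdict)}")
        print("  PSK:", wpa_psk(candidate, "HomeNet").hex())
```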
Always on the ball (Score:5, Informative)
The limiting factor is how fast your attack machine can read your pre-computed dictionaries off the disk.
- RustyTaco
Hire EXPERIENCED security people, not cheap ones! (Score:5, Interesting)
I'm an ex Cisco security programmer, and that's exactly what was happening before I quit. I wish I could say more...
Once again, securing the network isn't effective (Score:2)
OUTSOURCING (Score:4, Interesting)
Just after Cisco started outsourcing, their products have become faulty. Sure, the programmers in India are pretty smart, but most are quickly trained amateurs who are usually new to coding secure applications. Anyone else think this may be the case?
Re:OUTSOURCING (Score:3, Interesting)
dictionary attack ? (Score:2, Interesting)
I think of a phrase and take first letter of each word, like
Top of the morning to you ==> totmty
etc..
Not the plan, just the way it should be done (Score:2)