April 8, 2004

Expert releases Cisco wireless hacking tool

One day after it disclosed a security vulnerability in a wireless networking product, Cisco Systems must contend with a new threat - the long-promised
release of a hacking tool that targets wireless networks running its LEAP wireless authentication protocol.

The tool, called "Asleap," allows users to scan the wireless network broadcast spectrum for networks using LEAP (Lightweight Extensible Authentication
Protocol), capture wireless network traffic and crack user passwords, according to a message posted to the Bugtraq online security discussion group on

Cisco did not immediately respond to requests for comment.

The tool was designed to compromise WLANs using LEAP using so-called "dictionary attacks" to exploit weakly protected passwords, according to the
message, which purports to be from Joshua Wright, a network engineer at Johnson & Wales University in Providence, Rhode Island. Wright made headlines
in August after he publicized the password vulnerability in LEAP.

Link: infoworld.com


  • Security
Click Here!