[Aironet] Session Key timeouts
Status: Inactive
Brought to you by:
breed
From: Joyce, M. <Mat...@dr...> - 2001-10-26 09:39:10
|
Cisco LEAP has session timeouts for WEP keys which can be set at the ACS. There's some guidance at http://www.cisco.com/warp/public/cc/pd/witc/ao350ap/prodlit/1515_pp.htm about how long the timeouts should be - it varies from 17 minutes to 26 minutes for 1 to 5 users on a single AP. WEP key timeouts are necessary as I don't believe that Cisco have completely avoided using the large set of weak IVs - they're avoided the weak IVs that AirSnort relies on, but I remain to be convinced that Aironet kit is using "safe" IVs. What happens when the session timeout happens? Does a user really have to completely reauthenticate? So every 26 minutes users have to reenter their passwords? I was planning to use SecurId tokens to authenticate wireless users, but can't see anyone using a system where they have to enter the SecurId token response every 26 minutes (or less...) Matthew Joyce ---------------------------------------------------------------------- If you have received this e-mail in error or wish to read our e-mail disclaimer statement and monitoring policy, please refer to http://www.drkw.com/disc/email/ or contact the sender. ---------------------------------------------------------------------- |