[VOIPSEC] Cisco 7920 wireless IP Phones
Robert Moskowitz
rgm at icsalabs.com
Thu May 26 20:37:45 BST 2005
At 11:46 PM 5/25/2005, Porter, Thomas (Tom) wrote:
>I'm curious how you'd go about breaking into a WPA2-AES protected
>network via traffic hijacking, interception, or impersonation. AFAIK,
>this has not been demonstrated. I'd be interested to see some examples
>of this -- my guess is that you won't be able to provide them.
No we did right with CCMP. BUT:
Depends on the key establishment method.
I have published a paper on attacking PSK mode, and my method has been
incorporated into the wireless attack tools.
Improper configuration of acceptable certificate trust can compromise any
of the TLS-based EAP methods (TLS, PEAP, TTLS). With TTLS being perhaps
the easiest to attack in this case.
Robert Moskowitz
Senior Technical Director
ICSA Labs, a division of Cybertrust, Inc.
W: 248-968-9809
F: 248-968-2824
VoIP: 248-291-0713
E: rgm at icsalabs.com
There's no limit to what can be accomplished if it doesn't matter who gets
the credit
More information about the Voipsec
mailing list