If you are running a VPN, it is not a 100% assumption that your WEP has been cracked. I have done some tests using NetStumbler (http://www.netstumbler.com) and found that most times a VPN-protected wireless network, with or without WEP enabled, is impossible to crack.

Brian Ashcraft
Miskatonic Technologies
[EMAIL PROTECTED]

-----Original Message-----
From: jmiller [mailto:[EMAIL PROTECTED]]
Sent: Saturday, June 29, 2002 11:54 PM
To: [EMAIL PROTECTED]
Subject: Re: Wireless VPN cracking.

If they are using wepcrack, and have gained access to your WAP, can you not also assume that they have the username/password of a user that is authenticated on the vpn?

JMiller

----- Original Message -----
From: "Clinton McDonald" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, June 27, 2002 4:49 PM
Subject: Wireless VPN cracking.

> Hello all..
>
> I've got a couple of (hopefully!) quick questions regarding a wireless
> VPN.
>
> I have set up a pix to terminate a VPN for our wireless users, to keep
> all their network traffic secure. It looks vaguely like this:
>
> <<----------VPN--------------->>
> Laptop ---> Access Point ---> Pix ---> Switch ---> Server
> 172.16.0.1 10.1.1.11
>
> The laptop is running the Cisco Secure VPN Client (3.5), and when the
> VPN is connected, the Pix assigns the addresses 10.0.0.90-10.0.0.99 to
> VPN users for the internal (wired) network. When the traffic gets to
> the Pix, the VPN is terminated there, and there is no encryption on the
> wired part of the network.
>
> My theory is that if anyone is sitting out in the car park with a laptop
> with a wireless card, they can associate to the access point all they
> like, but if they are not authorised VPN users, the Pix will drop their
> traffic, and thus, stop them from getting into the internal (wired)
> network.
>
> Questions are:
> 1. Can someone in the car park crack into a VPN user's laptop
> somehow, and then get into the network (ie, bypass the pix and connect
> via the other laptop)?
>
> 2. If I ping from the server, to 10.0.0.90 (the VPN user), I get a
> response. Should this be so?
>
> Thanks in advance..
>
> Clinton McDonald CCNA
>