HELP configuring AP with MScheap auth.
richard.k.miles at googlemail.com
Thu Jul 14 18:30:13 EDT 2011
Thanks for follow-up. But Cisco says that with very strong password
policy it's secure. So, maybe it make sense to implement?
On Thu, Jul 14, 2011 at 12:22 PM, Jouni Malinen <j at w1.fi> wrote:
> On Wed, Jul 13, 2011 at 02:09:07PM -0500, Richard Miles wrote:
>> I need to configure a AP exactly as my actual cisco AP, it uses the
>> LEAP / EAP - MScheap authentication, yes, the one where the username
>> is in clear-text and also there is a challenge and a password hash.
>> Well, buy Cisco APs for that is expensive, so I would like to do it
>> with free software. I have a Linux box with kernel 2.6 and 2 USB
>> network cards for this. I have one Alfa awus036h and a Edimax EW-
>> 7318USg. What is the best for my case?
> LEAP is not secure and should not really be used for anything. In
> addition to that, it is a horrible hack that does not comply with normal
> EAP method behavior and as such, it is not supported by hostapd and
> there are no plans on supporting it in the future either.
> Jouni Malinen PGP id EFC895FA
> HostAP mailing list
> HostAP at lists.shmoo.com
More information about the HostAP