GPL Universal Wireless Client

LEAP is worse than WEP. It's susceptible to a highly efficient dictionary crack and once you have the username and password, you have...the username and password - valid credentials for the network. Capture the admin logging on and your network isn't yours anymore.

At least with WEP all you've lost is a network connection!

Even Cisco gave up on LEAP as not worth fixing, you might want to pass by also.

David.

I'm afraid don't have a choice in the matter and I have to use LEAP.

LEAP is just the authentication scheme and uses WEP (which alternates the WEP keys every 5 minutes). IMHO, it's better than just using WEP and follows the intentions of the WPA standard. From what I understand LEAP was the result of WEPs lack of security and intended as a holdover until WPA (perhaps it was WPA2) was approved and used, and so it was intended to be abonded eventually. I don't claim to know everything about wireless technologies, so feel free to correct me if I'm wrong.

Per Wikipedia:

"The Lightweight Extensible Authentication Protocol (LEAP) is a proprietary wireless LAN authentication method developed by Cisco Systems. Important features of LEAP are dynamic WEP keys and mutual authentication (between a wireless client and a RADIUS server). LEAP allows for clients to reauthenticate frequently; upon each successful authentication, the clients acquire a new WEP key (with the hope that the WEP keys live long enough not to be cracked)."

Plus, I'm quoting Wikipedia, so that may be wrong, and anemic, as well.

Any> > Is anyone aware of a free (GPL) alternative wireless client for

You need to read about the asleap tool. Basically, you catch the authentication, then perform a super quick dictionary crack and you have the users login credentials.

Yes it's the authentication and rotates WEP keys but the fact that the credentials can be compromised very quickly gives the attacker a network login, worse than WEP.

Can you at least not do an 802.1x solution or failing that just a VPN because any amount of googling for LEAP flaw will enlighten you.

David.

Thanks for the info on LEAP - it is very interesting.

I'm afriad the authentication and encryption method is not up to me. I just need a free wireless client which supports LEAP. I'm assuming my chances are slim to none.

David Taylor wrote: Can you at least not do an 802.1x solution or failing that just a VPN because any amount of googling for LEAP flaw will enlighten you. David.

Possibly, not much point writing a client for a broken authentication scheme I guess? You could always educate the person who makes the decision about the config.

David.

There are a couple major reasons why LEAP was used. I won't go into a long history of it, but it's still in use because of our favorite argument: not enough money, time and effort are available to make a change - yet. It foot the bill at the time of implementation.

David Taylor wrote:

It was a good idea years ago when Cisco wanted to have something better than static WEP but the world has moved on - a long way! :)

LEAP was cracked, it was proprietary, times change.

David.

Just to jump in, I don't think there is a LEAP client add on available for Windows to be had in GPL form. The insecure nature of LEAP insures that very few to (you may be the only one in the world) no one would be interested in client software for it. When you think about it, why would someone take the time to write code for something no one would be interested in using?

Good luck in your search, but don't be surprised if nothing turns up. I understand your problem. I really think you and the powers that be need to discuss this issue at some point. I understand ca$h issues, but how much will a compromised network co$t? Again though not your call I understand...

fundamentalism, fundamentally wrong.