Additional Wep Key Security Features - Cisco CB21AG Installation And Configuration Manual

Aironet 802.11a/b/g wireless lan client adapters

Hide thumbs Also See for CB21AG:

Installation and configuration manual (286 pages)

Install wizard (34 pages)

User manual (22 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

Table of Contents

Setting Security Parameters

Note

This feature does not need to be enabled on the client adapter or access point; it is supported

automatically by both devices. However, the access points must use the specified firmware versions

or later.

Additional WEP Key Security Features

The three security features discussed in this section (MIC, TKIP, and broadcast key rotation) are

designed to prevent sophisticated attacks on your wireless network's WEP keys. These features do not

need to be enabled on the client adapter; they are supported automatically in the client adapter software.

However, they must be enabled on the access point.

Refer to the documentation for your access point for instructions on enabling these security features.

Note

Message Integrity Check (MIC)

MIC prevents bit-flip attacks on encrypted packets. During a bit-flip attack, an intruder intercepts an

encrypted message, alters it slightly, and retransmits it, and the receiver accepts the retransmitted

message as legitimate. The MIC adds a few bytes to each packet to make the packets tamper-proof.

The Advanced Status window indicates if MIC is being used, and the Advanced Statistics window

provides MIC statistics.

Temporal Key Integrity Protocol (TKIP)

This feature, also referred to as WEP key hashing, defends against an attack on WEP in which the

intruder uses the initialization vector (IV) in encrypted packets to calculate the WEP key. TKIP removes

the predictability that an intruder relies on to determine the WEP key by exploiting IVs. It protects both

unicast and broadcast WEP keys.

TKIP is enabled automatically when WPA is enabled, and it is disabled when WPA is disabled.

Note

Broadcast Key Rotation

When you enable broadcast WEP key rotation, the access point provides a dynamic broadcast WEP key

and changes it at the interval you select.

Cisco Aironet 802.11a/b/g Wireless LAN Client Adapters (CB21AG and PI21AG) Installation and Configuration Guide

5-18

The client sends the MAC address of access point A and the reason code for the failure to access

point B.

Access point B logs the failure in the system log.

Chapter 5

Configuring the Client Adapter

OL-4211-02

Table of Contents

Troubleshooting

This manual is also suitable for:

Pi21ag

Additional Wep Key Security Features - Cisco CB21AG Installation And Configuration Manual

Additional WEP Key Security Features

Troubleshooting

Related Manuals for Cisco CB21AG

Related Content for Cisco CB21AG

This manual is also suitable for:

Table of Contents