If you're serious enough about security to find 128 WEP inadequate, I would think you would be doing some sort of VPN or other SSL solution anyway, making WEP redundant. Or am I missing something? Best, -Al Rowland -----Original Message----- From: Hyska, Jason [JJCUS] [mailto:JHyska1@CORUS.JNJ.com] Sent: Thursday, June 13, 2002 10:15 AM To: nanog@merit.edu Subject: LEAP Security Vulnerabilities?? I am well aware of the many security vulnerabilities that exist on wireless networks as well as the inadequacies of WEP. I was curious if anyone has had any experiences with Cisco's LEAP authentication protocol? I have scoured the net for reviews or documents examining any potential vulnerabilities, but have not been able to find any. Any and all help or information would be appreciated. Thanks in advance, Jason Hyska Worldwide Information Security Johnson & Johnson jhyska1@corus.jnj.com