There is more to the recent Cisco Wireless OTAP issue that isn’t being widely reported.
Saturday, September 5, 2009 at 2:11AM
George

In the last week you heard about the OTAP issue. OTAP stands for Over The Air Provisioning. It is a means whereby a Cisco access point can find a Cisco controller to initiate a join process.

OTAP when enable, by design , sends the controller mac and ip information in the clear every 60 seconds in the multicast RRM packet. This aids access points to join the network.

Cisco recommends you disable OTAP during normal production. OTAP should only be deployed during the deployment phase of a wireless network.

What isn’t being reported, when disabled the RRM packets still includes the controller mac and ip address!

 Enjoy the video 

 
Update on Saturday, September 12, 2009 at 10:41AM by Registered CommenterGeorge

OTAP UPDATE 9.07.09:my80211.com article picked up by computerweekly.com

http://www.computerweekly.com/Articles/2009/09/07/237584/video-cisco-access-points-give-away-network-secrets.htm

 

OTAP UPDATE 9.12.09: This week Cisco released a plan to follow up with a patch update to 6.x, which REMOVES OTAP discovery method and encrypts the information element in the RRM discovery packet.

I like this move and something I stated from the early release of this vulnerability. The RRM packet sending controller IP information in the clear to share RRM neighbor information is not necessary for access points that have already joined a controller. This infromation should be encrypted.
.This is comforting news for ANY enterprise or healthcare security team.

I am disappointed the release will be 6.x. Many users are on harbor code 4.2.x who won’t be able to take advantage of this patch. I suspect Cisco will release a 4.2 fix as well, we shall see!

 http://tools.cisco.com/security/center/viewAlert.x?alertId=18919

 

 

 

 

Article originally appeared on my80211.com (http://www.my80211.com/).
See website for complete article licensing information.