Severe flaw in WPA2 protocol

Toggle sidebar Toggle sidebar

Chiefcrowe

Diamond Member
Sep 15, 2008
5,049
182
116
This is pretty major!!

I was unclear though, have there already been patches released for Windows and Mac?
 

urvile

Golden Member
Aug 3, 2017
1,575
474
96
The last place I worked didn't use WPA or any other wifi encryption. The AP was open but you could only connect to their network via a VPN using IPsec.So you had to be on the domain and you also had to have a token. In my general experience businesses that are serious about their security have never trusted WEP, WPA etc.

They know that given those encryption schemes track records of being exploited. It's likely more exploitable flaws would be found.
 
T

TheRyuu

Diamond Member
Dec 3, 2005
5,479
14
81
Just keep in mind with this flaw ALL DEVICES NEED AN UPDATE[1]. Just updating your router doesn't do it (and may in fact not even need an update). For example if you're using an extender or client bridge you will need to patch (e.g. AP <-> AP). This is mainly a client side problem so make sure to grab the latest updates to your devices (phone, etc) when they become available.

It appears there are no ways to mitigate this. You can disable roaming and client services to maybe help a little but WPA on unpatched devices is fundamentally broken.

Here[2] is a link to a reddit thread documenting what has been patched (the subre. It appears as of writing Microsoft deployed the fix on patch Tuesday (10/10/17) and iOS has a fix in the latest betas.

[1] https://www.krackattacks.com/ (this is the original source)
[2] https://www.reddit.com/r/KRaCK/comments/76pjf8/krack_megathread_check_back_often_for_updated/
 
Last edited:

urvile

Golden Member
Aug 3, 2017
1,575
474
96
BTW. Thanks for making the effort to post the info guys. It is appreciated.
 

sdifox

No Lifer
Sep 30, 2005
96,201
15,785
126
PFSense 2.4.1 patched KRACK. Not that it helps the wifi clients.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom
sale-70-410-exam    | Exam-200-125-pdf    | we-sale-70-410-exam    | hot-sale-70-410-exam    | Latest-exam-700-603-Dumps    | Dumps-98-363-exams-date    | Certs-200-125-date    | Dumps-300-075-exams-date    | hot-sale-book-C8010-726-book    | Hot-Sale-200-310-Exam    | Exam-Description-200-310-dumps?    | hot-sale-book-200-125-book    | Latest-Updated-300-209-Exam    | Dumps-210-260-exams-date    | Download-200-125-Exam-PDF    | Exam-Description-300-101-dumps    | Certs-300-101-date    | Hot-Sale-300-075-Exam    | Latest-exam-200-125-Dumps    | Exam-Description-200-125-dumps    | Latest-Updated-300-075-Exam    | hot-sale-book-210-260-book    | Dumps-200-901-exams-date    | Certs-200-901-date    | Latest-exam-1Z0-062-Dumps    | Hot-Sale-1Z0-062-Exam    | Certs-CSSLP-date    | 100%-Pass-70-383-Exams    | Latest-JN0-360-real-exam-questions    | 100%-Pass-4A0-100-Real-Exam-Questions    | Dumps-300-135-exams-date    | Passed-200-105-Tech-Exams    | Latest-Updated-200-310-Exam    | Download-300-070-Exam-PDF    | Hot-Sale-JN0-360-Exam    | 100%-Pass-JN0-360-Exams    | 100%-Pass-JN0-360-Real-Exam-Questions    | Dumps-JN0-360-exams-date    | Exam-Description-1Z0-876-dumps    | Latest-exam-1Z0-876-Dumps    | Dumps-HPE0-Y53-exams-date    | 2017-Latest-HPE0-Y53-Exam    | 100%-Pass-HPE0-Y53-Real-Exam-Questions    | Pass-4A0-100-Exam    | Latest-4A0-100-Questions    | Dumps-98-365-exams-date    | 2017-Latest-98-365-Exam    | 100%-Pass-VCS-254-Exams    | 2017-Latest-VCS-273-Exam    | Dumps-200-355-exams-date    | 2017-Latest-300-320-Exam    | Pass-300-101-Exam    | 100%-Pass-300-115-Exams    |
http://www.portvapes.co.uk/    | http://www.portvapes.co.uk/    |