Announcement

Collapse
No announcement yet.

WPA2 compromised

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    WPA2 compromised

    Time to look at your Wifi AP vendor for a solution. Ubiquity says they'll have one shortly, not sure how long for others and for client OS's.
    This could get ugly, especially for businesses.

    Z


    The proof-of-concept exploit is called KRACK, short for Key Reinstallation
    Attacks. The research has been a closely guarded secret for weeks ahead of a
    coordinated disclosure that's scheduled for 8 a.m. Monday, east coast time. An advisory the US CERT recently distributed to about 100 organizations described the research this way:

    "US-CERT has become aware of several key management vulnerabilities in the
    4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The
    impact of exploiting these vulnerabilities includes decryption, packet replay,
    TCP connection hijacking, HTTP content injection, and others. Note that as
    protocol-level issues, most or all correct implementations of the standard will
    be affected. The CERT/CC and the reporting researcher KU Leuven, will be
    publicly disclosing these vulnerabilities on 16 October 2017."

    https://arstechnica.com/information-...eavesdropping/

    https://papers.mathyvanhoef.com/ccs2017.pdf

    #2
    As I understand the issue, a hacker must have direct access to the WiFi network, so a typical home network is less of an issue, but a compromised commercial network would be vulnerable to eavesdropping on all its WiFi traffic. Is that an accurate assessment?

    Would a VPN circumvent the problem, or would connecting to it on a compromised network just expose the log-in credentials to the hacker?
    Mike____________________________________________________________ __________________
    HS3 Pro Edition 3.0.0.548, NUC i3

    HW: Stargate | NX8e | CAV6.6 | Squeezebox | PCS | WGL 800RF | RFXCOM | Vantage Pro | Green-Eye | Edgeport/8 | Way2Call | Ecobee3 | EtherRain | Ubiquiti

    Comment


      #3
      Originally posted by Uncle Michael View Post
      As I understand the issue, a hacker must have direct access to the WiFi network, so a typical home network is less of an issue, but a compromised commercial network would be vulnerable to eavesdropping on all its WiFi traffic. Is that an accurate assessment?

      Would a VPN circumvent the problem, or would connecting to it on a compromised network just expose the log-in credentials to the hacker?
      That's my understanding as well, they need to be close, so it's a more of a heavily populated issue (I'm probably pretty safe out in the middle of VA . It's also client based as well so your laptop/tablet might be affected when you're out..
      The vendors had a 50 day headstart and most have patches out. Not sure how long for the consumer class devices (Android seems particularly vulnerable), especially the cheaper ones.

      Z

      Comment


        #4
        Ubiquiti released new firmware this morning addressing the vulnerability.

        It is posted here
        HS4 Pro, 4.2.19.0 Windows 10 pro, Supermicro LP Xeon

        Comment


          #5
          If you run Unifi Controller it's not a simple update, you'll need to update the controller to 5.6.18 (5.6.19 out later today they say). If you manually update the AP's with the older 5.5 controller (what you're probably on now), it will want to downgrade the firmware back to 3.8 if you upgrade (you can always not upgrade it manually).
          I'm going to wait for 5.6.19 controller and then update the AP's to 3.9.

          Z

          Comment


            #6
            I was just going to do a manual upgrade but the new controller was released, firmware updated on 3 UAP-AC-PRO. It went very smoothly.
            HS4 Pro, 4.2.19.0 Windows 10 pro, Supermicro LP Xeon

            Comment


              #7
              Just upgraded my Ubiquiti controller and updating the AP now. I'm happy to see Ubiquiti has responded quickly with a fix.
              HS Pro 3.0 | Linux Ubuntu 16.04 x64 virtualized under Proxmox (KVM)
              Hardware: Z-NET - W800 Serial - Digi PortServer TS/8 and TS/16 serial to Ethernet - Insteon PLM - RFXCOM - X10 Wireless
              Plugins: HSTouch iOS and Android, RFXCOM, BlueIris, BLLock, BLDSC, BLRF, Insteon PLM (MNSandler), Device History, Ecobee, BLRing, Kodi, UltraWeatherWU3
              Second home: Zee S2 with Z-Wave, CT101 Z-Wave Thermostat, Aeotec Z-Wave microswitches, HSM200 occupancy sensor, Ecolink Z-Wave door sensors, STI Driveway Monitor interfaced to Zee S2 GPIO pins.

              Comment


                #8
                Originally posted by reidfo View Post
                Just upgraded my Ubiquiti controller and updating the AP now. I'm happy to see Ubiquiti has responded quickly with a fix.
                Now for the difficult part, all the clients. I see espressif has already updated (the small IOT device manufacturer). The Z-net wpa_supplicant version is 2.3 so it needs updating as well if it's used on Wifi. Upgrading IOT devices will be "interesting". Cell phones are probably the biggest risk I would think since they're exposed to a lot of "unvetted" Wifi AP's. Apple isn't going to download an update (unless you want to use Beta code) for another week or two..

                Z

                Comment


                  #9
                  Just updated my Unifi Controller and now doing the switch and APs. Controller was a bit of a PITA. When I tried 'apt-get' the repository returned the current installed version, even though UBNT had posted that 5.6.19 was now the stable release.

                  Thankfully I have Webmin installed on that VM, so was able to download the update file to my PC, then browse locally from the Webmin URL to do the upgrade. You'd think they'd add an upgrade feature to the Controller web front end - like Plex and other services that you manage entirely from a browser.
                  cheeryfool

                  Comment

                  Working...
                  X