If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#61
|
|||
|
|||
Did you update your router for the WPA2/PSK KRACK nonce re-useattack yet?
On 17/10/2017 9:41 PM, KenW wrote:
I am sure people that do nothing but look for problems can find something wrong with every piece of equipment/software. Of course when it becomes common knowledge, it causes more harm than good. ALMOST every person on earth wants some kind of notoriety. Indeed... look at how people hide garbage in the streets! -- @~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!! / v \ Simplicity is Beauty! /( _ )\ May the Force and farces be with you! ^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3 不借貸! 不詐騙! 不援交! 不打交! 不打劫! 不自殺! 請考慮綜援 (CSSA): http://www.swd.gov.hk/tc/index/site_...sub_addressesa |
Ads |
#62
|
|||
|
|||
Did you update your router for the WPA2/PSK KRACK nonce re-use attack yet?
He who is William Unruh said on Sun, 29 Oct 2017 14:47:35 -0000 (UTC):
No, whose interception point is close enough. Thus your wirelessly connected fridge, which usually has attrocious security, could possibly be used as an interception point for an attacker who is in Mongolia say. Interesting point. Thank you for that observation. I think what you're saying is that if they can get to *any* of your devices, over the Internet, then, *from those devices*, they can intercept your traffic to, for example, your Linux laptop or Android smart phone. But I'm confused about the risk in that case. Are they only intercepting from the refrigerator-to-the-client-device? Or are they then able to get from your router-to-your-client-device? (The latter would be more dangerous.) All wifi is susceptible, including Windows. The problem with Android and Linux is they all use wpa_supplicant and it has a problem that, for security, it zeros the password after using it. But that means that when the replay occurs it uses that 0 password. Thus fixing wpa_supplicant fixes the problem, and it has in principle been fixed. Of course one needs to get that fixed version into the devices. Here is a writeup I made for my family that others can use which shows just *one* example of fixing a WiFI device. In this case, it's a Ubiquti radio set up as an access point and only going about a half kilometer, but it could be set up to go for miles (as some of my other radios are set up). (0) Log into your radio http://wetakepic.com/images/2017/10/29/00_PB400_firmware_update_krack.jpg (1) Check the firmware version (noting the board revision, e.g., XW) http://wetakepic.com/images/2017/10/29/01_PB400_firmware_update_krack.jpg (2) Hit the "Check Now" button to see if you can update from here http://wetakepic.com/images/2017/10/29/02_PB400_firmware_update_krack.jpg (3) If not, go to the manufacturer's web site to locate the firmware file http://wetakepic.com/images/2017/10/29/03_PB400_firmware_update_krack.jpg (4) You may have to agree to the manufacturer's updated EULA http://wetakepic.com/images/2017/10/29/04_PB400_firmware_update_krack.jpg (5) Download the file to a known location on your computer http://wetakepic.com/images/2017/10/29/05_PB400_firmware_update_krack.jpg (6) Save the file in a logical location on your computer for future use http://wetakepic.com/images/2017/10/29/06_PB400_firmware_update_krack.jpg (7) Then in the radio, press the "Upload Firmware Choose File" button http://wetakepic.com/images/2017/10/29/07_PB400_firmware_update_krack.jpg (8) Wait for the firmware to upload (it may take a minute or two) http://wetakepic.com/images/2017/10/29/08_PB400_firmware_update_krack.jpg (9) Once uploaded, press the "Update" button to update the firmware http://wetakepic.com/images/2017/10/29/09_PB400_firmware_update_krack.jpg (10) Wait for the firmware to be updated (it may take a minute or two) http://wetakepic.com/images/2017/10/29/10_PB400_firmware_update_krack.jpg (11) Do not power down while you are waiting for the firmware to update http://wetakepic.com/images/2017/10/29/11_PB400_firmware_update_krack.jpg (12) When done, the radio will reboot; log back in to check results http://wetakepic.com/images/2017/10/29/12_PB400_firmware_update_krack.jpg (13) You should note that the firmware should now be updated http://wetakepic.com/images/2017/10/29/13_PB400_firmware_update_krack.jpg (14) Doublecheck now that everything is updated that it is working fine http://wetakepic.com/images/2017/10/29/14_PB400_firmware_update_krack.jpg So, 4 is the only thing you really need to say. Of course how you are going to update your fridge or your toaster is a bit obscure. Do you really want a "owned" wifi device anywhere on your internal network? I have over a dozen WiFi devices in my house.... so I'm updating them one by one. I'm more worried about my grandchildren not knowing how to update *their* devices, and my older siblings, etc. But I agree, it's a PITA to update *every* WiFi device in the house. I have over a half-dozen access point radios, for example, and a few on the roof, etc., some of which connect by WiFi to homes that are 10 miles away, so it's a pain for any of them. |
#63
|
|||
|
|||
Did you update your router for the WPA2/PSK KRACK nonce re-useattack yet?
harry newton wrote:
I think what you're saying is that if they can get to *any* of your devices, over the Internet, then, *from those devices*, they can intercept your traffic to, for example, your Linux laptop or Android smart phone. I think in your case you say your house is out of wifi range of your neighbours; but since you're advising friends and family, it could be that one house's fridge/camera/thermostat hacks the neighbour's wifi traffic ... |
#64
|
|||
|
|||
Did you update your router for the WPA2/PSK KRACK nonce re-use attack yet?
He who is Andy Burns said on Sun, 29 Oct 2017 16:53:03 +0000:
I think what you're saying is that if they can get to *any* of your devices, over the Internet, then, *from those devices*, they can intercept your traffic to, for example, your Linux laptop or Android smart phone. I think in your case you say your house is out of wifi range of your neighbours; but since you're advising friends and family, it could be that one house's fridge/camera/thermostat hacks the neighbour's wifi traffic ... I understand only the *basics* of that argument, which is that if you have device 0 (the router), and then client 1 (refrigerator) and client 2 (Android phone), and client 3 (linux laptop) that *all* are vulnerable. The basic argument is that if someone gets in on client 1, 2, or 3, then the *whole* network is compromised. But is it? If client 1 is a refrigerator with very poor security, I get it that they can hack easily into client 1. All I'm asking is how does access to client 1 give them access to router 0 which "controls" the entire LAN? |
#65
|
|||
|
|||
Did you update your router for the WPA2/PSK KRACK nonce re-useattack yet?
On 2017-10-29, harry newton wrote:
He who is Andy Burns said on Sun, 29 Oct 2017 16:53:03 +0000: I think what you're saying is that if they can get to *any* of your devices, over the Internet, then, *from those devices*, they can intercept your traffic to, for example, your Linux laptop or Android smart phone. I think in your case you say your house is out of wifi range of your neighbours; but since you're advising friends and family, it could be that one house's fridge/camera/thermostat hacks the neighbour's wifi traffic ... I understand only the *basics* of that argument, which is that if you have device 0 (the router), and then client 1 (refrigerator) and client 2 (Android phone), and client 3 (linux laptop) that *all* are vulnerable. The basic argument is that if someone gets in on client 1, 2, or 3, then the *whole* network is compromised. But is it? If client 1 is a refrigerator with very poor security, I get it that they can hack easily into client 1. All I'm asking is how does access to client 1 give them access to router 0 which "controls" the entire LAN? It doesn't directly. But they now have control of a wireless card, which they can adapt (software) to listen in on the traffic between your computer and the router (remember that the wireless signal goes everywhere), and can then subvert the communication between the computer and the router forcing the system into negotiation replay. I have no desire to figure out exactly how to do that, just that with fridges etc around with zero security, they have an in to your local network, and quite possibly can use that to run a Krack on the computer and the router. |
Thread Tools | |
Display Modes | Rate This Thread |
|
|