+- Linux Lite Forums (https://www.linuxliteos.com/forums)
+-- Forum: General (https://www.linuxliteos.com/forums/forumdisplay.php?fid=4)
+--- Forum: Security & Bug Fixes (https://www.linuxliteos.com/forums/forumdisplay.php?fid=16)
+--- Thread: WPA2 Wi-Fi Vulnerability KRACK (/showthread.php?tid=4545)
WPA2 Wi-Fi Vulnerability KRACK - Vera - 10-16-2017
Hi, today a post came out on the Wordfence blog describing a couple of vulnerabilities (see https://www.wordfence.com/blog/2017/10/krack-and-roca/ ). One of these is in the Wi-Fi WPA-2 protocol. The other is to do with public key authentication. These are not specific solely to Linux, but they affect a huge range of devices.
My question is, are we vulnerable and if so, is there any software that we should be installing on our Linux Lite machines to help protect/mitigate against these vulnerabilities? Any guidance would be much appreciated. Thank you.
EDIT (Jerry): Further reading:
https://usn.ubuntu.com/usn/usn-3455-1/
https://www.kb.cert.org/vuls/id/228519
White paper for the geeks - https://papers.mathyvanhoef.com/ccs2017.pdf
https://www.youtube.com/watch?v=Oh4WURZoR98
Re: WPA2 Wi-Fi Vulnerability KRACK - trinidad - 10-16-2017
There is a lot one can do to prevent this with TLS layering but normal users will have to wait a while. It's certainly going to foul up some big ISPs for a while. Look for your little green lock.
https://www.kaspersky.com/blog/krackattack/19798/
And this is pathetically predictable. Look at active managemnet subset.
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00101&languageid=en-fr
TC
Re: WPA2 Wi-Fi Vulnerability KRACK - bonnevie - 10-16-2017
Correct me if I'm wrong, but it looks like there is something related to wpa in the updates today
Code:
archive.ubuntu.com/ubuntu xenial-security/main i386 wpasupplicant i386 2.4-0ubuntu6.2 [987 kB]Re: WPA2 Wi-Fi Vulnerability KRACK - rokytnji - 10-17-2017
Quote:But because Vanhoef hasn't released any proof-of-concept exploit code, there's little risk of immediate or widespread attacks.
There is no confirmation of this existing in the wild. This crack was done by a white hat under controlled conditions. Got any black war driving vans parked in front of your place?
Living on the Mexican border. I don't even sweat this. But then. My wireless router password was changed from the default "admin" ages ago.
You are not Target store, TJ maxx, or a Experian. The ones this hack will probably be aimed at. I try and understand a vulnerability from a attacker.
Physical or cloud based. Before I react in fear.
https://github.com/kristate/krackinfo
Usually. When the Linux world becomes a aware of a threat. You hear next real soon about what should be done.
If you read my gethub link above. Debian and Ubuntu already have patches for this.
Re: WPA2 Wi-Fi Vulnerability KRACK - Valtam - 10-17-2017
As has been mentioned, this has been patched already. Run Install Updates now.
After Install Updates, open a terminal:
Code:
apt policy wpasupplicantshould return:
Code:
Installed: 2.4-0ubuntu6.2
Candidate: 2.4-0ubuntu6.2If you have 'hostapd' installed too, do:
Code:
apt policy hostapdshould return:
Code:
Installed: 1:2.4-0ubuntu6.2
Candidate: 1:2.4-0ubuntu6.2we do not supply hostapd in Linux Lite. You would of had to have installed this yourself at some point.
Now we just have to wait for our:
Mobile phones
Tablets and e-readers that use Wi-Fi
Home and office routers
Home devices like NEST, Amazon Echo and Google Home
Printers, both home and office, that use Wi-Fi
Any other device that uses Wi-Fi
manufacturers to release patches too.
If you are 'super tinfoil' about this, use a 3G/4G connection until your device manufacturer has patched your other device/s and watch your browser address bar, make sure there is https where it should be!
Re: WPA2 Wi-Fi Vulnerability KRACK - Mohd Sohail - 10-18-2017
(10-16-2017, 09:40 PM)trinidad link Wrote: There is a lot one can do to prevent this with TLS layering but normal users will have to wait a while. It's certainly going to foul up some big ISPs for a while. Look for your little green lock.
https://www.kaspersky.com/blog/krackattack/19798/
And this is pathetically predictable. Look at active managemnet subset.
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00101&languageid=en-fr
TC
It's always good to note the green lock in the URL bar to confirm the data is transmitted securely. Though not every website has the green lock + the browser can be forced to use an HTTP version of a website. So then this tip won't work. But again we've to follow these tips and also use a good VPN to add an extra layer of security.
I hope the manufacturers will soon provide fixes against KRACK. Till then be a little careful.