Hi Lonnie Thanks for the info. Although even with AES, the fact that you can decrypt traffic from Client to AP means that all login credentials etc. will be in the clear as shown in the video.
Regards Michael Knill -----Original Message----- From: Lonnie Abelbeck <li...@lonnie.abelbeck.com> Reply-To: AstLinux List <astlinux-users@lists.sourceforge.net> Date: Tuesday, 17 October 2017 at 8:58 am To: AstLinux List <astlinux-users@lists.sourceforge.net> Subject: Re: [Astlinux-users] KRACK - WiFi WPA2 Key Reinstallation Attacks I agree demonstrating with sslstrip is confusing, I presume demonstrating a worst case scenario. I ran across a good FAQ by Aruba Networks, skip the Aruba specific stuff, but found this general comment particularly interesting: -- Q: What is the impact? A: When used successfully against WPA2 with AES-CCMP (the default mode of operation for most Wi-Fi networks), an attacker can decrypt and replay packets in one direction of communication (from client to AP), but cannot forge packets and inject them into the network. When used against WPA-TKIP – an encryption scheme that already suffers from serious security weaknesses and is not recommended for use – an attacker can decrypt, replay, and forge packets. -- WPA SECURITY VULNERABILITY http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007_FAQ_Rev-1.pdf That reads like a less than major issue for WPA2-AES setups. Lonnie On Oct 16, 2017, at 2:48 PM, Michael Knill <michael.kn...@ipcsolutions.com.au> wrote: > Hmm in the video he used the sslstrip tool to force HTTP as a Man in the > Middle attack! > > Regards > Michael Knill > > -----Original Message----- > From: Lonnie Abelbeck <li...@lonnie.abelbeck.com> > Reply-To: AstLinux List <astlinux-users@lists.sourceforge.net> > Date: Tuesday, 17 October 2017 at 4:30 am > To: AstLinux List <astlinux-users@lists.sourceforge.net> > Subject: [Astlinux-users] KRACK - WiFi WPA2 Key Reinstallation Attacks > > AstLinux Users, > > For the sake of completeness, AstLinux standard builds do not contain WiFi > client (wpa_supplicant) or server (hostapd) support, so the recent KRACK WPA2 > security disclosures do not apply to AstLinux. > > Ref: Key Reinstallation Attacks > Breaking WPA2 by forcing nonce reuse > https://www.krackattacks.com > > Though, any attached WiFi WPA2 access points and corresponding clients may > well be vulnerable, in particular any Linux clients using wpa_supplicant are > particularly vulnerable. > > Note that this KRACK vulnerability affects WiFi non-encrypted traffic > payloads such as HTTP, as if you tapped a cable, encrypted payloads such as > HTTPS and OpenVPN remain secure. > > Lonnie > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Astlinux-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pay...@krisk.org. > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Astlinux-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pay...@krisk.org. > > ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
