[196306] in North American Network Operators' Group
RE: Gonna be a long day for anybody with CPE that does WPA2..
daemon@ATHENA.MIT.EDU (Sean Pedersen)
Tue Oct 17 05:28:02 2017
X-Original-To: nanog@nanog.org
From: "Sean Pedersen" <spedersen.lists@gmail.com>
To: <nanog@nanog.org>
In-Reply-To: <193712.1508139499@turing-police.cc.vt.edu>
Date: Mon, 16 Oct 2017 07:39:48 -0700
Errors-To: nanog-bounces@nanog.org
Cisco's PSIRT:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-
sa-20171016-wpa
Some fixes appear to be available, or will be soon.
-----Original Message-----
From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of
valdis.kletnieks@vt.edu
Sent: Monday, October 16, 2017 12:38 AM
To: nanog@nanog.org
Subject: Gonna be a long day for anybody with CPE that does WPA2..
Looks like WPA2 may have just become the new WEP.
And it looks like we're all going to be reflashing a lot of devices.
"The proof-of-concept exploit is called KRACK, short for Key Reinstallation
Attacks. The research has been a closely guarded secret for weeks ahead of a
coordinated disclosure that's scheduled for 8 a.m. Monday, east coast time.
An
advisory the US CERT recently distributed to about 100 organizations
described
the research this way:
"US-CERT has become aware of several key management vulnerabilities in the
4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol.
The
impact of exploiting these vulnerabilities includes decryption, packet
replay,
TCP connection hijacking, HTTP content injection, and others. Note that as
protocol-level issues, most or all correct implementations of the standard
will
be affected. The CERT/CC and the reporting researcher KU Leuven, will be
publicly disclosing these vulnerabilities on 16 October 2017."
https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-p
rotocol-leaves-wi-fi-traffic-open-to-eavesdropping/
