From: Lonnie A. <li...@lo...> - 2017-10-16 21:57:55
|
I agree demonstrating with sslstrip is confusing, I presume demonstrating a worst case scenario. I ran across a good FAQ by Aruba Networks, skip the Aruba specific stuff, but found this general comment particularly interesting: -- Q: What is the impact? A: When used successfully against WPA2 with AES-CCMP (the default mode of operation for most Wi-Fi networks), an attacker can decrypt and replay packets in one direction of communication (from client to AP), but cannot forge packets and inject them into the network. When used against WPA-TKIP – an encryption scheme that already suffers from serious security weaknesses and is not recommended for use – an attacker can decrypt, replay, and forge packets. -- WPA SECURITY VULNERABILITY http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007_FAQ_Rev-1.pdf That reads like a less than major issue for WPA2-AES setups. Lonnie On Oct 16, 2017, at 2:48 PM, Michael Knill <mic...@ip...> wrote: > Hmm in the video he used the sslstrip tool to force HTTP as a Man in the Middle attack! > > Regards > Michael Knill > > -----Original Message----- > From: Lonnie Abelbeck <li...@lo...> > Reply-To: AstLinux List <ast...@li...> > Date: Tuesday, 17 October 2017 at 4:30 am > To: AstLinux List <ast...@li...> > Subject: [Astlinux-users] KRACK - WiFi WPA2 Key Reinstallation Attacks > > AstLinux Users, > > For the sake of completeness, AstLinux standard builds do not contain WiFi client (wpa_supplicant) or server (hostapd) support, so the recent KRACK WPA2 security disclosures do not apply to AstLinux. > > Ref: Key Reinstallation Attacks > Breaking WPA2 by forcing nonce reuse > https://www.krackattacks.com > > Though, any attached WiFi WPA2 access points and corresponding clients may well be vulnerable, in particular any Linux clients using wpa_supplicant are particularly vulnerable. > > Note that this KRACK vulnerability affects WiFi non-encrypted traffic payloads such as HTTP, as if you tapped a cable, encrypted payloads such as HTTPS and OpenVPN remain secure. > > Lonnie > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... > > |