KP on 16 Oct 2017 06:13:37 -0700
Re: [PLUG] Wpa2 oops
On Mon, Oct 16, 2017 at 12:44 AM, Paul Walker <pjwalker76@gmail.com> wrote:
> https://www.eff.org/https-everywhere

That obviously goes a long way, though it is limited to https via a
browser with a plugin, which isn't the only traffic your device is
going to send over WiFi.

If you connect to a coffee shop AP somebody might play with your DHCP
handshake so that you end up being directed to a hostile DNS server.
I don't think DNS itself is authenticated in typical use, so they
could probably also tamper with that even if they don't send you to
their server.

The one question I have about this is whether somebody can use this
attack to connect to an AP. That is actually my biggest concern -
somebody connecting to my home WiFi and now they're free to attack
random hosts (some more secure than others), and also to send
heaven-knows-what to the internet at large with my door being the one
the FBI kicks down at 2AM.

It also sounds like this is a problem with the protocol itself - just
patching my routers/etc isn't going to help me, as I'd basically need
a "WPA3" that is incompatible with everything I already own.
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug