Re: [PLUG] Wpa2 oops

Rich Freeman on 16 Oct 2017 08:23:14 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Wpa2 oops

From: Rich Freeman <r-plug@thefreemanclan.net>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] Wpa2 oops
Date: Mon, 16 Oct 2017 08:23:07 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to; bh=ua0O49gVZdGHZwpDBAEkNxXeQapa3hgzQo7BRkRT8cI=; b=WxaIIZCQXTCOteFNm9AjWDdLTGTfRdVKz+6x4iT60XjHyD3csLQDINIz2Oh+ekmkZK 7E/CeFOVY3mxhtONLBFGbXpIXRxfFzL5/6krlYOE44grBZN1kflaldQTHtllqJ6VeQR2 5U7ybmgdnkb+AzzeRrR+ckS9ox2r0puwhhp+tVyAnDaAkqqzj6d3bWcCWQ+HAH0f5zQZ XqeI8yHlRPgtaM+JVb/XkrD2rqBmcCOBCf8zX+4QpCj6Xydr7epLKb1QiR2o7p07+ECi iW2FYCMZeQxie0kV+cQnBdvtTJrlelXIO6SHYzZOkSoEqcjAQ+8srD6pow3hCndrYMMr 5rfg==
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: "plug" <plug-bounces@lists.phillylinux.org>

On Mon, Oct 16, 2017 at 6:13 AM, KP <kperry@daotechnologies.com> wrote:
> On October 16, 2017 8:37:04 AM EDT, Rich Freeman <r-plug@thefreemanclan.net>
> wrote:
>>
>>
>> The one question I have about this is whether somebody can use this
>> attack to connect to an AP.  That is actually my biggest concern -
>> somebody connecting to my home WiFi and now they're free to attack
>> random hosts (some more secure than others), and also to send
>> heaven-knows-what to the internet at large with my door being the one
>> the FBI kicks down at 2AM.
>
> I'm still digging through the early talk on this but the short answer is yes
> and an attack tool is up on git.
>
> Here's another link...
>
> https://www.google.com/amp/s/arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/%3Famp=1
>

I don't see anything in that article about connecting to an AP.  I see
plenty of talk about reading the data going through two connected
devices, and TCP connection hijacking, but not WiFi connection
hijacking.

From what I've seen so far they can see what is going on in a
connection, and manipulate data going through it, but they can't
actually connect to the AP directly and just send arbitrary traffic
through it.  However, that could just be a lack of detail.

Put another way - my phone is connected via WPA2.  You can
receive/transmit whatever you want with both hosts.  I power off my
phone.  Can you now open a TCP connection to an arbitrary host when I
have no legitimate devices on the network, though you did have the
ability to interact with legitimate devices earlier?  Or are you
limited to just tampering with traffic passed by a legitimate host?

-- 
Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

References:
- [PLUG] Wpa2 oops
  - From: jeffv <jeffv@op.net>
- Re: [PLUG] Wpa2 oops
  - From: brent timothy saner <brent.saner@gmail.com>
- Re: [PLUG] Wpa2 oops
  - From: Paul Walker <pjwalker76@gmail.com>
- Re: [PLUG] Wpa2 oops
  - From: Rich Freeman <r-plug@thefreemanclan.net>
- Re: [PLUG] Wpa2 oops
  - From: KP <kperry@daotechnologies.com>

Prev by Date: Re: [PLUG] Wpa2 oops
Next by Date: Re: [PLUG] Hey PLUG organizers...want a tech talk on NTPsec?
Previous by thread: Re: [PLUG] Wpa2 oops
Next by thread: Re: [PLUG] Wpa2 oops
Index(es):
- Date
- Thread