Vulnerabilidad de WPA 2 permite leer y modificar datos.

Más
1 mes 5 días antes #1 por Tamalero
Tamalero Publicó: Vulnerabilidad de WPA 2 permite leer y modificar datos.
www.stationx.net/new-wpa2-attack-kracks-prevent/?utm_content=educational&utm_campaign=2017-10-16&utm_source=email-sendgrid&utm_term=15858120&utm_medium=875974

El metodo es llamado Key Reinstallation Attacks (KRaCKs)


Mas informacion:


www.anandtech.com/show/11936/multiple-wifi-encryption-vulnerabilities-disclosed-affecting-almost-everything

Today a collection of severe security vulnerabilities in the WPA2 encryption protocol for Wi-Fi are being disclosed, along with a proof of concept exploit. The weaknesses center around the process used for negotiating the encryption keys used by the client and access point. These core vulnerabilities are part of the Wi-Fi Protected Access WPA standard itself, so even devices that correctly implement WPA2 according to spec are expected to be affected. Both personal and enterprise WPA modes are affected, and both the original WPA and WPA2 are affected. The primary mode of attack exploits vulnerabilities in client devices, but there are some variants that affect features used by some access points.


www.tomshardware.com/news/wi-fi-wpa2-krack-traffic-decryption,35691.html

Researcher Mathy Vanhoef of KU Leuven, Belgium’s highest-ranked university, uncovered a vulnerability in the WPA2 encryption standard of the Wi-Fi protocol that affects virtually all Wi-Fi devices.

Attackers can use key reinstallation attacks (KRACKs) when in range of someone connecting to a Wi-Fi router to re-install or reset to zero their encryption keys, thus allowing them to read information that was assumed to be encrypted.

Weakness In The Wi-Fi WPA2 Standard

The vulnerability is in the Wi-Fi WPA2 standard itself, not in the implementations of the protocol, which means that even if it's correctly implemented devices are still vulnerable to attacks. In the researcher’s own tests, he found that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and other platforms were all affected by some variant of the attacks.

Vanhoef was able to decrypt a large number of packets when testing across the platforms mentioned, but the traffic of Android 6+ and Linux devices was even easier to decrypt than the other platforms. That's because these devices’ WPA2 keys could be reset to zero, so in essence all traffic could then be decrypted.

Gracias de: Diaboliquin

Por favor, Identificarse o Crear cuenta para unirse a la conversación.

Más
4 semanas 5 horas antes #2 por Maga
Maga respondió el tema: Vulnerabilidad de WPA 2 permite leer y modificar datos.
No me preocupa, esperare aqui sentado a que salga update de mi firmware /S

Supongo que esto hace que todos los dispositivos Wi-Fi sean un riesgo, por lo que hay que desechar la tecnologia y a cambiar todo de nuevo.

[Tinfoilhat] Me pregunto si sera parte de aquel mito de que se construye la tecnologia con X años de vida y volverla obsoleta antes de que deje de servir para meter nuevos productos.

Por favor, Identificarse o Crear cuenta para unirse a la conversación.

Tiempo de carga de la página: 0.147 segundos
nonskid
nonskid
nonskid
nonskid