Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 23 Nov 2017, 14:58
All times are UTC - 4
 Forum index » Off-Topic Area » Security
WPA2 wifi open to key reinstallation attacks
Post new topic   Reply to topic View previous topic :: View next topic
Page 3 of 3 [41 Posts]   Goto page: Previous 1, 2, 3
Author Message
souleau


Joined: 23 Oct 2016
Posts: 112

PostPosted: Thu 19 Oct 2017, 13:04    Post subject:  

Okay, without having the slightest idea of what I am talking about, but having a decent comprehension in reading, I have established the following from the link listed below.

If you have a wpa_supplicant version before 2.4, you are still open to attacks. However, the type of data that may be decrypted and is subsequently open to attacks is limited to ARP, DHCP, or TCP SYN packets.
These are, however, sufficient to potentially exploit other weaknesses in your system and possibly hijack an application session.
But..if you have an unpatched wpa_supplicant version 2.4 or higher, then a forced replay scenario is handled in such a way that an encryption key consisting of all zeros is being installed, and that, on top of the types of data mentioned before, allows your general Wi-Fi data to be decrypted and manipulated also.

From this source:

http://www.revolutionwifi.net/revolutionwifi/2017/10/wpa2-krack-vulnerability-getting-information

So yeah, pretty bad all around.
Back to top
View user's profile Send private message 
Sailor Enceladus

Joined: 22 Feb 2016
Posts: 1291

PostPosted: Thu 19 Oct 2017, 14:36    Post subject:  

8Geee wrote:
As I'm writing and doing double-check, Slackware has released its patch for wpa_supplicant dated today (10/18/17). Note that Slackware is posting updates for 14.0, 14.1, 14.2 and current... all show v2.6-1.

Strange, when I use Updates Manager in Slacko 14.0 it says v2.6-1, but if I use Woof-CE to download packages.txt from the repositories it still grabs v2.4. Where is it even finding v2.4 in the list... when the repositories all show v1.0 and v2.6. I wonder.

edit: Nevermind, it's working now.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1265
Location: N.E. USA

PostPosted: Thu 19 Oct 2017, 16:32    Post subject:  

Soleau:

Thats the way I read it too. Older stuff has "other" problems... from 2.4 and up, "this" one occurs. This one is very bad in that all data can be "replayed". As someone else posted, the client-side (end-user) has 9 of 10 vunerabilities.

Regards
8Geee

Puppy Package Manager needs to be updated, and is your friend here.

_________________
Linux user #498913
Back to top
View user's profile Send private message 
Subito Piano


Joined: 27 May 2007
Posts: 608
Location: UPSTATE New York

PostPosted: Sat 21 Oct 2017, 10:53    Post subject:  

So...three questions:

1- is wpa-supplicant version 2.1 (in my TahrPup) vulnerable? I didn't catch that from the previous posts.
2 - i use a whitelist in my wi-fi router to block all devices not listed. Does this offer protection against KRACK vulnerability? I can't seem to find an answer to this on the web....(EDIT: i found that, according to this post, it will not help)
3 - can attacker hack via email programs such as Thunderbird and Sylpheed?

Thanks!

_________________
"God is love" - I John 4:12
Tahrpup 6.0.5
(A/V Linux for live digital synth; MX16 for the work laptop....Puppy couldn't start the graphics...???!?!?!)
Back to top
View user's profile Send private message Visit poster's website 
6502coder


Joined: 23 Mar 2009
Posts: 405
Location: Western United States

PostPosted: Sat 21 Oct 2017, 18:42    Post subject:  

Subito Piano wrote:
1- is wpa-supplicant version 2.1 (in my TahrPup) vulnerable? I didn't catch that from the previous posts.

Yes, TahrPup is vulnerable. Apply the Ubuntu patches for Tahr -- see the link posted above by jd7654
Back to top
View user's profile Send private message 
Subito Piano


Joined: 27 May 2007
Posts: 608
Location: UPSTATE New York

PostPosted: Sat 21 Oct 2017, 19:50    Post subject:  

Thanks, 6502..
...but forgive my ignorance. I followed the link and downloaded but don't know how to install it. Sad I did find what i hope is the correct deb (wpasupplicant_2.1-0ubuntu1.5_i386.deb) here. However, issuing the command
Code:
wpa_supplicant -v
yielded the same answer as before the install of this deb package
Code:
wpa_supplicant v2.1

Which, i gather from the above posts, is to be expected.
So -- is this deb file that i installed the patch we TahrPup users need?

_________________
"God is love" - I John 4:12
Tahrpup 6.0.5
(A/V Linux for live digital synth; MX16 for the work laptop....Puppy couldn't start the graphics...???!?!?!)
Back to top
View user's profile Send private message Visit poster's website 
jd7654

Joined: 06 Apr 2015
Posts: 256

PostPosted: Sat 21 Oct 2017, 21:32    Post subject:  

Subito Piano wrote:
I did find what i hope is the correct deb (wpasupplicant_2.1-0ubuntu1.5_i386.deb) here. However, issuing the command
Code:
wpa_supplicant -v
yielded the same answer as before the install of this deb package
Code:
wpa_supplicant v2.1


The Trusty patch doesn't seem to work well with PPM, since the version does not change, but it does install OK in Puppy Tahr.(in full Ubuntu you can verify exact package version installed with dpkg/apt)
You can check file date and sizes in the layers like below, note Oct 16 and larger size:(example from Tahr64)

Code:
root# ls -l /initrd/pup_ro2/sbin/wp*
-rwxr-xr-x 1 root root    1735 Jan 28  2014 /initrd/pup_ro2/sbin/wpa_action
-rwxr-xr-x 1 root root   94160 Dec 16  2015 /initrd/pup_ro2/sbin/wpa_cli
-rwxr-xr-x 1 root root 1769888 Dec 16  2015 /initrd/pup_ro2/sbin/wpa_supplicant
root# ls -l /initrd/pup_rw/sbin/wp*
-rwxr-xr-x 1 root root    1735 Jan 28  2014 /initrd/pup_rw/sbin/wpa_action
-rwxr-xr-x 1 root root   94160 Oct 16 03:25 /initrd/pup_rw/sbin/wpa_cli
-rwxr-xr-x 1 root root 1773984 Oct 16 03:25 /initrd/pup_rw/sbin/wpa_supplicant
root#


Slackware/Slacko did it better with a upgrade to new v2.6 with patch, so easy to see changes. Ubuntu just patched current version as a quick fix, which is ultra conservative.
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1265
Location: N.E. USA

PostPosted: Sun 22 Oct 2017, 02:19    Post subject:  

Just a reminder here

Whatever one does using wifi is vunerable: whatever is done using ethernet is not.

This is not a function of the app: it is a function of wifi itself, no matter what app is used.

Regards
8Geee

_________________
Linux user #498913
Back to top
View user's profile Send private message 
Subito Piano


Joined: 27 May 2007
Posts: 608
Location: UPSTATE New York

PostPosted: Sun 22 Oct 2017, 12:39    Post subject:  

jd7654: Thanks. Shows success in my laptop. I assume it will also show the update on my USB Puppy after a restart.

8Geee: Oh yes.....a good reminder to all. Which leads to a question -- if i have wifi up and running, cannot my wired system's information be compromised? Seems to me it would.

_________________
"God is love" - I John 4:12
Tahrpup 6.0.5
(A/V Linux for live digital synth; MX16 for the work laptop....Puppy couldn't start the graphics...???!?!?!)
Back to top
View user's profile Send private message Visit poster's website 
belham2

Joined: 15 Aug 2016
Posts: 1305

PostPosted: Sun 22 Oct 2017, 13:27    Post subject:  

Subito Piano wrote:
jd7654: Thanks. Shows success in my laptop. I assume it will also show the update on my USB Puppy after a restart.

8Geee: Oh yes.....a good reminder to all. Which leads to a question -- if i have wifi up and running, cannot my wired system's information be compromised? Seems to me it would.



Hi Subito,

Do yourself the biggest favor you could ever do: take a few hours and teach yourself how to setup a "subnet" in your home for your wireless devices. And prohibit that subnet from ever seeing your "lan" connected devices. Then, from that point forward, your home "wireless" gadgets will never interact & co-mingle with your "lan" connected gadgets. Use your wireless for all the carefree stuff you do online (like posting to this forum). And use your "lan" connected devices for all things you want done securely on the Net.

The WPA2 hack and issues you read does not affect the "lan" side of things, especially if a machine has no wireless and/or its wireless function is turned off. And if you're on a different subnet with your lan, then for all intents & purposes that lan could be halfway around the world and your wireless devices & its subnet would never know. Wink
Back to top
View user's profile Send private message 
Subito Piano


Joined: 27 May 2007
Posts: 608
Location: UPSTATE New York

PostPosted: Sun 22 Oct 2017, 13:31    Post subject:  

Thanks!
_________________
"God is love" - I John 4:12
Tahrpup 6.0.5
(A/V Linux for live digital synth; MX16 for the work laptop....Puppy couldn't start the graphics...???!?!?!)
Back to top
View user's profile Send private message Visit poster's website 
Display posts from previous:   Sort by:   
Page 3 of 3 [41 Posts]   Goto page: Previous 1, 2, 3
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1615s ][ Queries: 12 (0.0239s) ][ GZIP on ]