Linux Lite Forums General Security & Bug Fixes v
WPA2 Wi-Fi Vulnerability KRACK


LINUX LITE 7.2 FINAL RELEASED - SEE RELEASE ANNOUNCEMENTS SECTION FOR DETAILS


Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Threaded Mode
WPA2 Wi-Fi Vulnerability KRACK
Vera Offline

*****
Posts: 140
Threads: 31
Joined: May 2017
Reputation: 0
#1
10-16-2017, 09:27 PM
Hi, today a post came out on the Wordfence blog describing a couple of vulnerabilities (see https://www.wordfence.com/blog/2017/10/krack-and-roca/ ).  One of these is in the Wi-Fi WPA-2 protocol. The other is to do with public key authentication. These are not specific solely to Linux, but they affect a huge range of devices.

My question is, are we vulnerable and if so, is there any software that we should be installing on our Linux Lite machines to help protect/mitigate against these vulnerabilities? Any guidance would be much appreciated. Thank you.

EDIT (Jerry): Further reading:

https://usn.ubuntu.com/usn/usn-3455-1/
https://www.kb.cert.org/vuls/id/228519

White paper for the geeks - https://papers.mathyvanhoef.com/ccs2017.pdf

https://www.youtube.com/watch?v=Oh4WURZoR98
Using Linux Lite for everything now. I put it on my desktop and my laptop. Woohoo!
Find
Reply
trinidad Offline
Platinum Member
*****
Posts: 1,510
Threads: 140
Joined: Mar 2016
Reputation: 0
#2
10-16-2017, 09:40 PM (This post was last modified: 10-16-2017, 10:27 PM by trinidad.)
There is a lot one can do to prevent this with TLS layering but normal users will have to wait a while. It's certainly going to foul up some big ISPs for a while. Look for your little green lock.

https://www.kaspersky.com/blog/krackattack/19798/

And this is pathetically predictable. Look at active managemnet subset.

https://security-center.intel.com/adviso...geid=en-fr

TC
All opinions expressed and all advice given by Trinidad Cruz on this forum are his responsibility alone and do not necessarily reflect the views or methods of the developers of Linux Lite. He is a citizen of the United States where it is acceptable to occasionally be uninformed and inept as long as you pay your taxes.
Website Find
Reply
bonnevie Offline

Posts: 108
Threads: 12
Joined: Sep 2015
Reputation: 0
#3
10-16-2017, 10:58 PM
Correct me if I'm wrong, but it looks like there is something related to wpa in the updates today
Code:
archive.ubuntu.com/ubuntu xenial-security/main i386 wpasupplicant i386 2.4-0ubuntu6.2 [987 kB]
LL6.6 in VM
LL5.8 Host
Find
Reply
rokytnji Offline
Platinum Member
*****
Posts: 1,255
Threads: 21
Joined: Aug 2014
Reputation: 0
#4
10-17-2017, 01:02 AM (This post was last modified: 10-17-2017, 01:09 AM by rokytnji.)
Quote:But because Vanhoef hasn't released any proof-of-concept exploit code, there's little risk of immediate or widespread attacks.

There is no confirmation of this existing in the wild. This crack was done by a white hat under controlled conditions. Got any black war driving vans parked in front of your place?

Living on the Mexican border. I don't even sweat this. But then. My wireless router password was changed from the default "admin" ages ago.

You are not Target store, TJ maxx, or a Experian. The ones this hack will probably be aimed at.  I try and understand a vulnerability from a attacker.
Physical or cloud based. Before I react in fear. 

https://github.com/kristate/krackinfo

Usually. When the Linux world becomes a aware of a threat. You hear next real soon about what should be done.

If you read my gethub link above. Debian and Ubuntu already have patches for this.
LL 3.6,2.8
Dell XT2 > Touchscreen Laptop
Dell 755 > Desktop
Acer 150 > Desktop
I am who I am. Your approval is not needed.
Find
Reply
Valtam Offline
Administrator
*******
Posts: 8,895
Threads: 541
Joined: Feb 2014
Reputation: 5
#5
10-17-2017, 04:32 AM
As has been mentioned, this has been patched already. Run Install Updates now.

After Install Updates, open a terminal:

Code:
apt policy wpasupplicant

should return:

Code:
  Installed: 2.4-0ubuntu6.2
  Candidate: 2.4-0ubuntu6.2

If you have 'hostapd' installed too, do:

Code:
apt policy hostapd


should return:

Code:
  Installed: 1:2.4-0ubuntu6.2
  Candidate: 1:2.4-0ubuntu6.2

we do not supply hostapd in Linux Lite. You would of had to have installed this yourself at some point.

Now we just have to wait for our:

    Mobile phones
    Tablets and e-readers that use Wi-Fi
    Home and office routers
    Home devices like NEST, Amazon Echo and Google Home
    Printers, both home and office, that use Wi-Fi
    Any other device that uses Wi-Fi

manufacturers to release patches too. Smile

If you are 'super tinfoil' about this, use a 3G/4G connection until your device manufacturer has patched your other device/s and watch your browser address bar, make sure there is https where it should be!
Download your free copy of Linux Lite today.

Jerry Bezencon
Linux Lite Creator

It wants no straps.

[Image: X5qGkCg.png]

[Image: 0op1GNe.png] [Image: LgJ2mtP.png] [Image: vLZcFUE.png] [Image: lrUHro3.jpg]
Website Find
Reply
Mohd Sohail Offline

*****
Posts: 2
Threads: 0
Joined: Sep 2015
Reputation: 0
#6
10-18-2017, 04:10 PM
(10-16-2017, 09:40 PM)trinidad link Wrote: There is a lot one can do to prevent this with TLS layering but normal users will have to wait a while. It's certainly going to foul up some big ISPs for a while. Look for your little green lock.

https://www.kaspersky.com/blog/krackattack/19798/

And this is pathetically predictable. Look at active managemnet subset.

https://security-center.intel.com/adviso...geid=en-fr

TC

It's always good to note the green lock in the URL bar to confirm the data is transmitted securely. Though not every website has the green lock + the browser can be forced to use an HTTP version of a website. So then this tip won't work. But again we've to follow these tips and also use a good VPN to add an extra layer of security.

I hope the manufacturers will soon provide fixes against KRACK. Till then be a little careful.
Find
Reply


Forum Jump:


Users browsing this thread: 3 Guest(s)