National Capital FreeNet / Libertel de la capitale nationale

KRACK Vulnerability

Line 1: Line 1:
Disclaimer: This page is specifically written to help members with limited technical knowledge or experience understand the most relevant aspects of this topic for them. We include some helpful links below for further study.   
Disclaimer: This page is specifically written to help members with limited technical knowledge or experience understand the most relevant aspects of this topic for them. We include some helpful links below for further study.   
-
What is KRACK?
+
=What is KRACK?=
* KRACKs stands for Key Reinstallation Attacks and describes attacks on Wi-Fi networks using weaknesses in WPA2 protocol which secures most modern protected Wi-Fi networks.
* KRACKs stands for Key Reinstallation Attacks and describes attacks on Wi-Fi networks using weaknesses in WPA2 protocol which secures most modern protected Wi-Fi networks.
* KRACKs allows attacker to read and access information on your wifi network that was considered secured.
* KRACKs allows attacker to read and access information on your wifi network that was considered secured.
Line 8: Line 8:
** Encrypt (or conceal) the data shared over the network between the access point (Modem or Router) and clients (computers, phones, tablets, etc). Encryption is done by the Wi-Fi password to generate an even stronger key that is used to scramble the data between the access point and client.
** Encrypt (or conceal) the data shared over the network between the access point (Modem or Router) and clients (computers, phones, tablets, etc). Encryption is done by the Wi-Fi password to generate an even stronger key that is used to scramble the data between the access point and client.
-
Why should I care?
+
=Why should I care?=
-
* Wi-Fi is widely used and WPA2 is presently the most for securing Wi-Fi connections included modems configured by NCF.
+
* WPA2 is widely used and presently the strongest form of Wi-Fi security available to the average person including modems configured by NCF.
-
* Variations of KRACK can be used against clients of various kinds including devices running Android, Apple OSes, Windows, Linux and may others.  
+
* Variations of KRACK can be used against clients of various kinds including devices running Android, Apple OSes, Windows and Linux.
-
Important Things to Note:
+
=Important Things to Note:=
-
* Vulnerability vs Infection: Most devices having a vulnerability to a particular attack does not mean that you device are already affected or even at a high risk of infection. Follow the recommendations below to guard against this vulnerability.   
+
* NCF modems as we typically configure them as not vulnerable to KRACK however your client devices may be.
 +
* Vulnerability vs Infection: Devices having a vulnerability to a particular attack does not mean that you device are already infected or even at a high risk of infection. Follow the recommendations below to guard against this vulnerability.   
* Proximity: An attacker needs to be within wireless range of your network that (close enough to connect to your wifi).
* Proximity: An attacker needs to be within wireless range of your network that (close enough to connect to your wifi).
* Time: This attack works during the periods of connection and reconnection of your client device to a wifi network. As such, an attacker has a very limited time window in which to try employing this attack (usually a few seconds).
* Time: This attack works during the periods of connection and reconnection of your client device to a wifi network. As such, an attacker has a very limited time window in which to try employing this attack (usually a few seconds).
-
What should I do?
+
=What should I do?=
*
*
-
How can I learn more?
+
=What is NCF doing about KRACK?=
 +
*
 +
*If firmware updates for NCF modems become available that patch KRACK such that it
 +
 
 +
=How can I learn more?=
*[https://www.krackattacks.com/ Krack Attacks Website by Mathy Vanhoef of imec-DistriNet]
*[https://www.krackattacks.com/ Krack Attacks Website by Mathy Vanhoef of imec-DistriNet]
*[https://www.krackattacks.com/#faq Krack Attacks FAQ]
*[https://www.krackattacks.com/#faq Krack Attacks FAQ]

Revision as of 15:48, 2 November 2017

Disclaimer: This page is specifically written to help members with limited technical knowledge or experience understand the most relevant aspects of this topic for them. We include some helpful links below for further study.

Contents

What is KRACK?

  • KRACKs stands for Key Reinstallation Attacks and describes attacks on Wi-Fi networks using weaknesses in WPA2 protocol which secures most modern protected Wi-Fi networks.
  • KRACKs allows attacker to read and access information on your wifi network that was considered secured.
  • Wi-Fi networks use a password through WPA2 for 2 general purposes:
    • Control who can connect to the network; and
    • Encrypt (or conceal) the data shared over the network between the access point (Modem or Router) and clients (computers, phones, tablets, etc). Encryption is done by the Wi-Fi password to generate an even stronger key that is used to scramble the data between the access point and client.

Why should I care?

  • WPA2 is widely used and presently the strongest form of Wi-Fi security available to the average person including modems configured by NCF.
  • Variations of KRACK can be used against clients of various kinds including devices running Android, Apple OSes, Windows and Linux.


Important Things to Note:

  • NCF modems as we typically configure them as not vulnerable to KRACK however your client devices may be.
  • Vulnerability vs Infection: Devices having a vulnerability to a particular attack does not mean that you device are already infected or even at a high risk of infection. Follow the recommendations below to guard against this vulnerability.
  • Proximity: An attacker needs to be within wireless range of your network that (close enough to connect to your wifi).
  • Time: This attack works during the periods of connection and reconnection of your client device to a wifi network. As such, an attacker has a very limited time window in which to try employing this attack (usually a few seconds).

What should I do?

What is NCF doing about KRACK?

  • If firmware updates for NCF modems become available that patch KRACK such that it

How can I learn more?