[Lista ArNOG] [lacnog] Bye Bye WPA2 ! (a short note from your chair..)

Carlos M. Martinez carlosm3011 at gmail.com
Fri Oct 20 22:09:16 ART 2017


Hi!

This is certainly not an ideal situation, but if we did not have layered defense we would clearly be worse off.

Have a good weekend!

/Carlos

On 19 Oct 2017, at 9:54, Ivan Chapero wrote:

> I agree, Carlos,
> but this goes somewhat beyond what the user can do "preventively",
> given that the vulnerable protocol is present in more embedded devices,
> e.g. a smart TV (not to mention some IoT device), where you don't have
> enough of a user interface to bring up VPNs or to know for certain
> whether you are browsing over HTTPS.
>
> And the worst part is that all that fragmentation of firmware/kernels/OSes
> will possibly never receive a patch.
>
>
> 2017-10-18 14:45 GMT-03:00 Carlos M. Martinez <carlosm3011 at gmail.com>:
>
>> This is an excellent example of why we must do layered defense.
>>
>> The idea of “what do I care about DNSSEC if I use HTTPS anyway, or what do I
>> care about IPsec if I use WPA2 anyway” clearly does not hold up.
>>
>> We need security at all layers and in all elements of the network
>> architecture.
>>
>> Regards
>>
>> Carlos
>>
>> On 18 Oct 2017, at 0:21, Ivan Chapero wrote:
>>
>> *An important clarification. FYI:*
>>
>> *------------------------------------------------*
>>
>> *Clarification for the WPA2 Vulnerabilities:*
>> 1. Please have a look at the article <https://www.krackattacks.com/> published by Mathy Vanhoef and pay attention to the QA listed at the end:
>> *Q: What if there are no security updates for my router?*
>> *A:* Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.
>>
>> From the QA, it is clear that the vulnerabilities only target devices acting as Wi-Fi clients, including laptops, smartphones, range extenders working in RE mode, and routers/gateways working in RE/WDS/WISP mode.
>> Thus if you're using the following TP-Link products:
>> # All powerline adapters
>> # All mobile Wi-Fi products
>> # Routers and gateways working on default Router mode or Access Point mode
>> # Range extenders working in AP mode
>> You will not be affected by the WPA2 vulnerabilities. What you need to do is update your Wi-Fi clients.
>>
>> 2. Conditions of vulnerability occurrence:
>> # Physical limit: The attack only happens when an attacker is in physical proximity to and within wireless range of your network.
>> # Time limit: The attack only happens when connecting or reconnecting to a Wi-Fi network.
>>
>> 2017-10-17 9:54 GMT-03:00 Maximiliano Ariel Villalba Galeano <max.a.villalba.galeano at gmail.com>:
>>
>>> https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4
>>>
>>> List of affected devices.
>>>
>>> 2017-10-17 3:03 GMT-04:00 Nicolas Cortes <ncort3s at gmail.com>:
>>>
>>>> FYI
>>>>
>>>> ---------- Forwarded message ---------
>>>> From: Rogerio Mariano <rsouza.rjo at gmail.com>
>>>> Date: Mon, Oct 16, 2017 at 23:13
>>>> Subject: [lacnog] Bye Bye WPA2 ! (a short note from your chair..)
>>>> To: Latin America and Caribbean Region Network Operators Group <lacnog at lacnic.net>
>>>>
>>>> https://www.krackattacks.com/
>>>> _______________________________________________
>>>> LACNOG mailing list
>>>> LACNOG at lacnic.net
>>>> https://mail.lacnic.net/mailman/listinfo/lacnog
>>>> Unsubscribe: https://mail.lacnic.net/mailman/options/lacnog
>>>>
>>>> _______________________________________________
>>>> Lista mailing list
>>>> Lista at arnog.com.ar
>>>> http://mailmancabase.interdotnet.com.ar/mailman/listinfo/lista
>>>>
>>>>
>>>
>>
>>
>> --
>>
>> *Ivan Chapero*
>> *Technical Area and Support*
>> Landline: 03464-470280 (ext. 535) | Mobile: 03464-155-20282 | Skype ID: ivanchapero
>> --
>> GoDATA Banda Ancha - CABLETEL S.A. | Av. 9 de Julio 1163 - 2183 - Arequito - Santa Fe - Argentina
>>

