spin
October 16, 2017, 6:49am
1
Need to see what implications are for us. We may need to upgrade all devices (if Mikrotik had released a patch).
Note it seems to generally more important to fix your access point clients. I.e. devices that connect to your WiFi network (or to other WiFi networks).
Windows
Keep your system updated. Apparently Microsoft has released updates already for it.
Android
Nothing yet, but keep your Android updated.
Apple (Mac/iOS)
Nothing yet, but presumably soon.
Ubuntu/Debian
Updates have been released please update your systems:http://seclists.org/bugtraq/2017/Oct/25
Mikrotik
As Stiaan reminded me we don’t use WPA2 on wug links so should be fine, unless nv2/nstreme has similar vulnerabilities. Home WiFi and other hotspots do use it. So upgrade your clients and your routers on your hotspots where possible.
I’d upgrade any Mikrotik used as home access point to 6.40.4 or 6.39.3 (the latest bugfix version ). Both are available on downloads.ctwug.za.net . Both are fixed for this vulnerability.
Ubiquity
They have released updated firmware. Will update downloads when I get a chance.
General
2 Likes
Should be low-impact for the network as we do not use WPA2, but node (home) AP’s may be vulnerable as these would most likely be using WPA2
2 Likes
spin
October 16, 2017, 7:18am
3
Let me know if people release updated software. I will update downloads.ctwug.za.net tonight if needed.
Gekido
October 16, 2017, 7:33am
4
1 Like
spin
October 16, 2017, 7:46am
5
Based on the above I’d upgrade any Mikrotik used as home access point to 6.40.4 or 6.39.3. Both are available on downloads.ctwug.za.net .
3 Likes
spin
October 16, 2017, 10:49am
6
Updated downloads to update new bugfix version and also recommended versions. See first post in this thread:https://forum.ctwug.za.net/t/file-downloads-downloads-ctwug-za-net/9799?u=spin
spin
October 16, 2017, 3:56pm
7
Updated the first post with more info. Note it’s important to update devices connecting to wireless access points.
Researchers have uncovered a Wi-Fi security flaw, dubbed KRACK, that affects nearly any device that uses Wi-Fi, whether or not the network is encrypted. Here's what you can do to stay safe.
Just some info i thought would be good to share
2 Likes
spin
October 31, 2017, 6:49pm
11
@SHiNiGAMi I’ve added your post to the existing thread
1 Like
lol thanks @spin i didnt see there was already a thread about this open:slight_smile:
1 Like
