Re: Gonna be a long day for anybody with CPE that does WPA2..

2017-10-16 Thread Job Snijders
Dear all, Website with logo: https://www.krackattacks.com/ Paper with background info: https://papers.mathyvanhoef.com/ccs2017.pdf Kind regards, Job

RE: Gonna be a long day for anybody with CPE that does WPA2..

2017-10-16 Thread Edwin Pers
6, 2017 5:14 AM To: valdis.kletni...@vt.edu Cc: nanog@nanog.org Subject: Re: Gonna be a long day for anybody with CPE that does WPA2.. Dear all, Website with logo: https://www.krackattacks.com/ Paper with background info: https://papers.mathyvanhoef.com/ccs2017.pdf Kind regards, Job

Re: Gonna be a long day for anybody with CPE that does WPA2..

2017-10-16 Thread Tarko Tikan
hey, Any word on other vendor's response to this? Aruba - http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007_FAQ_Rev-1.pdf -- tarko

Re: Gonna be a long day for anybody with CPE that does WPA2..

2017-10-16 Thread Leo Bicknell
In a message written on Mon, Oct 16, 2017 at 03:38:19AM -0400, valdis.kletni...@vt.edu wrote: > And it looks like we're all going to be reflashing a lot of devices. Based on my reading this morning many (but not all) of the attacks are against _clients_ with no way to migitate by simply upgrading

Re: Gonna be a long day for anybody with CPE that does WPA2..

2017-10-16 Thread Brielle
Ubiquiti already has it patched in UniFi firmware release 3.9.3 (see forums for more detail, or I'll be doing a sticky post in /r/ubiquiti later). 3.8.15 for Broadcom based APs like the first gen UAP-AC and ACv2 should be soon from what I read. Don't know about Airmax yet though. So, any bet

RE: Gonna be a long day for anybody with CPE that does WPA2..

2017-10-16 Thread Gogan, James Patrick
@nanog.org Subject: RE: Gonna be a long day for anybody with CPE that does WPA2.. I see here that MikroTik has patched this about a week ago: https://forum.mikrotik.com/viewtopic.php?f=21&t=126695 Any word on other vendor's response to this? Ed -Original Message- From: NANOG [mai

Re: Gonna be a long day for anybody with CPE that does WPA2..

2017-10-16 Thread Teun Vink
On Mon, 2017-10-16 at 12:09 +, Edwin Pers wrote: > I see here that MikroTik has patched this about a week ago: https://f > orum.mikrotik.com/viewtopic.php?f=21&t=126695 > > Any word on other vendor's response to this? > https://github.com/kristate/krackinfo has a nice overview of various ven

RE: Gonna be a long day for anybody with CPE that does WPA2..

2017-10-16 Thread Sean Pedersen
Cisco's PSIRT: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco- sa-20171016-wpa Some fixes appear to be available, or will be soon. -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of valdis.kletni...@vt.edu Sent: Monday, October 16, 20