Extreme Networks

Johannes_Dennin · ‎10-16-2017

Hello everyone,
I have some questions due to the expected disclosure today on the attack possible on WPA2 SSIDs.

US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.

Link: https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-tra...

- Is Extreme aware of this?
- Are Fixes ready to be released?
- Is a software fix sufficient or does hardware need to be replaced?

Thanks and best regards,

Johannes

Bin · ‎12-22-2017

Hello all.

ExtremeNetworks just released ADSP 5.9.0.

ADSP 9.5.0 adds the following new signatures for the KRACK attack:

MAC Spoof Activity Observed
Key Reinstallation Attack Detected

https://documentation.extremenetworks.com/release_notes/ADSP/9035225_ADSP-9-5-0-Release-Notes-v1_0.p...

Best regards,
Bin

Doug · ‎12-22-2017

Great video on the attack. https://youtu.be/pjTTG2nZax0

Doug Hyde
Director, Technical Support / Extreme Networks

Bin · ‎12-22-2017

Had joined this webinar. 
Really great summary from CWNP.

Vimalraj_Veerab · ‎12-06-2017

Hi All,

Bonjour,

As mentioned on this Link, https://extremeportal.force.com/ExtrArticleDetail?n=000018005

WiNG 5.9.1.2 will be targeted for November 29th. But still not yet released. I'm expecting a fix ASAP.

Thanks in advance. 

Extreme Networks

KRACK attack on WPA2

KRACK attack on WPA2