Wireless Access

Reply
New Contributor

Re: WPA2 Vulnerability Discussion

Could the WIPS feature block this kind of attack? Like stop client to try connection in a fake ap?

Frequent Contributor II

Re: WPA2 Vulnerability Discussion


jgreen wrote:

When all of the fixed versions of software were posted, the vulnerabilities were not yet public.  So the release notes do not mention them.  Now that the vulnerabilities are public, the release notes will be revised.


Has the code for MST-200 MeshOS been released? The announcement indicates it has not yet been released.


Bruce Osborne - Wireless Engineer
ACCP, ACMP

Re: WPA2 Vulnerability Discussion

Are you also adding support for detection of KRACK-attack in RFProtect IPS/IDS?

 

Kismet is adding support: https://twitter.com/KismetWireless/status/919911322451632128


ACMX#255 | ACDX#742 | ACCX#746 | AMFX#25 | ACMP | ACCP | AWMP
www.securelink.nl

Re: WPA2 Vulnerability Discussion

@Arjan_k: From the FAQ:

 

Q: Can I detect if someone is attacking my network or devices?
A: Aruba software checks for replay counter mismatches on a per-client basis and will produce a log message if detection is triggered. The log message begins with “Replay Counter Mismatches“, followed by additional details.
Aruba has also released new RFProtect (WIDS) features and signatures to help detect attacks. These features are available in the following ArubaOS releases:
• 6.4.4.16
• 6.5.1.9
• 6.5.3.3
• 6.5.4.2
• 8.2.0.0

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).

Re: WPA2 Vulnerability Discussion

@John, from the PDF located here

http://community.arubanetworks.com/aruba/attachments/aruba/unified-wired-wireless-access/74698/1/WPA2%20Vulnerability%20IDS%20feature.pdf

Page 4, the command is logging level warnings security subcat ids

The one mentioned in the document is incorrect. Typo simply.
Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
tgb
New Contributor

Re: WPA2 Vulnerability Discussion

I have multiple Aruba IAP-135's deployed and need to patch for this vulnerability.  The only firmware revision available is 6.4.4.8-4.2.4.9_61734.

 

Is this revision a pre-requisite for 6.5.3.3?  

 

Or will 6.5.3.3 not be available for the IAP-135 model?

New Contributor

Re: WPA2 Vulnerability Discussion

Is an unpatched client still vulnerable while connected to a Patched Access Point? Or do both ends need to be patched to resolve this issue?

Re: WPA2 Vulnerability Discussion


tgb wrote:

I have multiple Aruba IAP-135's deployed and need to patch for this vulnerability.  The only firmware revision available is 6.4.4.8-4.2.4.9_61734.

 

Is this revision a pre-requisite for 6.5.3.3?  

 

Or will 6.5.3.3 not be available for the IAP-135 model?


6.4.4.8-4.2.4.9 is the version to go to... this also includes the patch.


ACMX#255 | ACDX#742 | ACCX#746 | AMFX#25 | ACMP | ACCP | AWMP
www.securelink.nl

Re: WPA2 Vulnerability Discussion


msuiter wrote:

Is an unpatched client still vulnerable while connected to a Patched Access Point? Or do both ends need to be patched to resolve this issue?


Both ends need to be fixed.


ACMX#255 | ACDX#742 | ACCX#746 | AMFX#25 | ACMP | ACCP | AWMP
www.securelink.nl

Re: WPA2 Vulnerability Discussion

Aruba Instant 4.2.x is the last available firmware version for the IAP-135:

http://www.arubanetworks.com/support-services/end-of-life/#AccessPoints

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: