cancel
Showing results for 
Search instead for 
Did you mean: 

are we secure from this new attack?

Here to help

are we secure from this new attack?

Hi,

 

I was reading and came across this article.. 

https://bgr.com/2018/08/08/wi-fi-password-hack-new-attack-breaks-wpa2-network-security/

 

Are meraki access points immune to this kind of attack? 

 

Thanks

 

 

5 REPLIES 5
Getting noticed

Re: are we secure from this new attack?

It's not really a new attack (though the press is hyping it as such.)

 

It's a quicker way of getting the authentication handshake, rather than capturing the 4 way handshake you just need to capture a single EAPOL packet.

 

However it was never that hard to capture that handshake anyway, so if the attacker even half way knew what they were doing.

 

As it is exploiting the actual protocol to make the capture of the data any product using the protocols is exposed.


It still takes the same length of time to break the password, so the usual long password with non dictionary passwords still applies (still about 8 days for a (sensibly chosen) 10 character password.


You of course could turn of the roaming I suppose

Kind of a big deal

Re: are we secure from this new attack?

That article is click bait.

 

Basically if you have 4 x GPUs you can break a 10 digit WPA pre-shared key in about 8 days now.

 

Ideally use WPA2-Enterprise mode, or if you have to use a PSK, try and make it at least 11 digits or more.

Kind of a big deal

Re: are we secure from this new attack?

For reference, the actual post made by the guy who stumbled on this new method is here:

 

https://hashcat.net/forum/thread-7717.html

 

That is sensational headline free, and just the facts. But as everyone said above, grabbing a hash from a WPA(2) PSK SSID and brute forcing it is nothing new. 

Kind of a big deal

Re: are we secure from this new attack?

I agree with all the above feedback.  This isn't really a new attack it is just a quicker way of getting the pw hash vs having to wait for someone to auth or to force it by sending de-auths.  Either way the hash still has to be cracked. 

 

The Hashcat folks found this while researching ways to attack the upcoming WPA3 standard.  There isn't much Meraki could do for this since it is an inherent flaw with WPA2.  Moral of the story.  If possible, use a long password so it cannot easily be cracked via rainbow tables etc.  

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
Kind of a big deal

Re: are we secure from this new attack?

>...is since it is an inherent flaw with WPA2.

 

I'm not sure I would agree with that bit. :-)

 

If you are going to say allowing the exchange of a security hash is a flaw, then we are screwed.  Everything uses security hashes, PKI and certificates, NTLMv2, IPSec, etc.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.