UK Vintage Radio Repair and Restoration Powered By Google Custom Search Vintage Radio and TV Service Data

Go Back   UK Vintage Radio Repair and Restoration Discussion Forum > Other Discussions > Homebrew Equipment

Notices

Homebrew Equipment A place to show, design and discuss the weird and wonderful electronic creations from the hands of individual members.

Closed Thread
 
Thread Tools
Old 18th Oct 2017, 4:40 pm   #21
MrBungle
Dekatron
 
MrBungle's Avatar
 
Join Date: Jun 2016
Location: London, UK.
Posts: 3,687
Default Re: Router WI FI

It could be but probably isn't, just remember that

Also the objective is to secure the channel between the client PC and the remote server and we do this with TLS. At that point, the entire sea between the end can be filled with crocodiles, sharks and poisonous jellyfish.

Real problem here is that a lot of people use insecure file shares and windows domains over wireless networks.

The big irony here is that it's probably safer to store your files in Google Drive, OneDrive or whatever than on a server on your local network connected via WiFi as at least they have to get a warrant to access them.

We have dumb switched network in the office and the WiFi is referred to as the "public toilet internet" as that's what it really is.
MrBungle is offline  
Old 18th Oct 2017, 9:32 pm   #22
WaveyDipole
Nonode
 
WaveyDipole's Avatar
 
Join Date: Mar 2013
Location: Leicester, UK
Posts: 2,505
Default Re: Router WI FI

I also have the Draytek 2860AC and use both bands. You do have to set up and enable both bands on the router and give them a SSID. On the Draytek this can be the same SSID on both bands or different ones on each. If you give both bands the same SSID, then the mobile device, if capable, will automatically use either band. My iPad automatically picks up the 5GHz band when its close enough. I believe the range is not quite as far as the 2.4GHz band.

I did notice that alert yesterday in the media about the WiFi KRACK attack and had a look on Draytek's site. They reckon that their router is not vulnerable to this:

http://www.draytek.co.uk/information...-vulnerability

However it should be noted that other devices in the home will be vulnerable. The other point to note is that the attack cannot be carried out over the Internet. The attacker needs to be physically in range of your WiFi, so potentially a neighbour within range or someone parked in a car outside on the street and with the appropriate knowledge and capability could mount such an attack.

There is more than one form of the attack and I note that wpa_supplicant in Linux and Android devices are particularly vulnerable. Having spoken with someone on the Linux MINT forum yesterday, I was assured that a fix is being worked on.

Regarding routers, it would be good to check with the router vendor for a firmware update and apply it as soon as it is available. Some routers are based on Linux. For example, I run a router as a WiFi extender using open source dd_wrt router firmware and have yet to get a clear indication of when this will get patched.

Apple and Windows devices are less vulnerable, but are still vulnerable to one form of the attack.

Last edited by WaveyDipole; 18th Oct 2017 at 9:56 pm.
WaveyDipole is online now  
Old 18th Oct 2017, 10:14 pm   #23
paulsherwin
Moderator
 
paulsherwin's Avatar
 
Join Date: Jun 2003
Location: Oxford, UK
Posts: 27,783
Default Re: Router WI FI

The attack is on the client. The access point (i.e. router) will only be vulnerable if it is itself a client, such as a range extender.

This is a difficult exploit and requires the attacker to be in range of the network, so the chances of any particular domestic network being successfully attacked are extremely remote. Why should an attacker choose to attack your network, rather than the 99 other networks in your street, or the 20,000 other networks in your town, or the 300,000 other networks in your city? Even if the attacker breaks your encryption, they are only likely to capture a few MB of the Netflix movie you are streaming, or perhaps this post as you read it.
paulsherwin is online now  
Old 18th Oct 2017, 10:22 pm   #24
Nuvistor
Dekatron
 
Nuvistor's Avatar
 
Join Date: Aug 2013
Location: Wigan, Greater Manchester, UK.
Posts: 9,425
Default Re: Router WI FI

And this post is over https and the encryption is end to end so the attacker would only see encrypted data.
That’s how I understand it.
__________________
Frank
Nuvistor is online now  
Old 18th Oct 2017, 10:29 pm   #25
paulsherwin
Moderator
 
paulsherwin's Avatar
 
Join Date: Jun 2003
Location: Oxford, UK
Posts: 27,783
Default Re: Router WI FI

That is correct.
paulsherwin is online now  
Old 18th Oct 2017, 11:03 pm   #26
Oldcodger
Nonode
 
Join Date: Oct 2014
Location: West Midlands, UK.
Posts: 2,181
Default Re: Router WI FI

Thanks, folks- I'm using a TP LINK 2.4 G mini USB adapter . I've noticed a lot of other traffic on CH11, and the occasional one on CH1( which I'm also on, with reduced speed). So , I've reset my CH 1 connection, from Auto to CH2, and the reset has kept me away from problems. So untill local area gets a tad congested, i'll stick with 2.4, and B setting on WiFi of 72MBPS.
Oldcodger is offline  
Old 18th Oct 2017, 11:12 pm   #27
WaveyDipole
Nonode
 
WaveyDipole's Avatar
 
Join Date: Mar 2013
Location: Leicester, UK
Posts: 2,505
Default Re: Router WI FI

I agree that the attack is primarily against clients, but routers are also affected. The attack is against the WiFi protocol itself and affects any vulnerable WiFi device. Here is the CERT advisory and a status page that shows which vendors are affected. There are several well known vendors of network gear listed here as affected.

https://www.kb.cert.org/vuls/id/228519
http://www.kb.cert.org/vuls/byvendor...&SearchOrder=4

The attack allows an attacker to re-direct traffic to a fake network they have set up on another WiFi channel which they can then monitor. Of course to complete it they need Internet access themselves but this can be done easily via 4G/3G. If your connection to a website is via HTTPS, then it will indeed be encrypted, but under some circumstances the HTTPS can be stripped off and the content viewed in the clear without the user becoming aware of it. These days, most major sites are well clued up and up-to-date with their HTTPS setup so that even if this were attempted, the user would likely get a warning that the SSL certificate cannot be trusted (the attacker has to use a fake one) so this would not be transparent and the user would realise that something is amiss. The problem is that many just click Ok regardless.

I agree also, that this is generally acknowledged to be a difficult exploit and the likelihood of it happening is probably low. An attacker would rather go after more profitable targets.

Here is an FAQ by PC World although I see no reason for anyone to be 'panic-stricken'! Just update devices as and when fixes become available.
https://www.pcworld.com/article/3233...-faq-tips.html

Last edited by WaveyDipole; 18th Oct 2017 at 11:25 pm.
WaveyDipole is online now  
Old 23rd Oct 2017, 10:51 am   #28
mictester
Triode
 
mictester's Avatar
 
Join Date: Dec 2007
Location: Sometimes Suffolk and other times Limburg, NL
Posts: 37
Default Re: Router WI FI

Quote:
Originally Posted by Station X View Post
Quote:
Originally Posted by mictester View Post
All traffic passing through the router can be monitored through this additional SSID if the router has a Huawei or Realtek chipset.
Does that include "wired" traffic?
Yes it certainly does - at least on the two Huawei boxes I tried.
mictester is offline  
Closed Thread

Thread Tools



All times are GMT +1. The time now is 11:04 am.


All information and advice on this forum is subject to the WARNING AND DISCLAIMER located at https://www.vintage-radio.net/rules.html.
Failure to heed this warning may result in death or serious injury to yourself and/or others.


Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Copyright ©2002 - 2023, Paul Stenning.