This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Severe flaw in WPA2 - cracked

marko_teklic
New Contributor

‎10-15-2017 11:27 PM

when can we expect to see update for this https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-tra...
153 REPLIES 153

robert_lowe_722
Contributor III

‎10-17-2017 12:42 AM

My issue is more a fact that the advisory doesn't state when a fix will be available. How can i go to my customers with anything unless i can give them a timescale on firmware patch?
0 Kudos

kari_hyv_nen
New Contributor III

‎10-17-2017 12:46 AM

This is my first touch with Ruckus.
A month ago, I inherited a position in a company where the wireless network is done with 6x Ruckus R500 Wireless APs.
Yesterday I contacted Ruckus support and they promised firmware by the end of the day. I have to say, that first impression I got from Ruckus is not an enterprise class and will probably move to ubiquiti.

jakob_peterh_ns
Contributor II
In response to kari_hyv_nen

‎10-17-2017 12:49 AM

Well, you better get used to reboot your AP's from time to time then..

kari_hyv_nen
New Contributor III
In response to kari_hyv_nen

‎10-17-2017 03:00 AM

I have no problem rebooting APs every now and then. I do have a problem not knowing if/when my network is secure.
0 Kudos

robert_lowe_722
Contributor III
In response to kari_hyv_nen

‎10-17-2017 03:10 AM

Just to be clear here, any Ruckus update will not secure your network. It will fix KRACK vulnerabilities with regards to mesh and the use of 802.11r. There are much broader steps that are required to ensure your networks are secure like updating all clients to ensure they have had their respective KRACK patches applied, after all the majority of the vulnerabilities are client based. You should also look at implementing an WIDS/WIPS system (be it the embedded solution of a controller or standalone) to alert against malicious rougue AP's as this will be a tell tale sign of a potential attack using KRACK.

Here is a good URL on availability of client device patches: https://www.bleepingcomputer.com/news/security/list-of-firmware-and-driver-updates-for-krack-wpa2-vu...
Copyright © 2024 Khoros, LLC