cancel
Showing results for 
Search instead for 
Did you mean: 

Severe flaw in WPA2 - cracked

marko_teklic
New Contributor
153 REPLIES 153

Yes, they could have been out faster - but as the statement now say, it's only an issue if you turned on 802.11r on your SSID's or use Mesh networks (which, I hope, you don't).
How can you ask Ruckus to list what clients are affected??
Calm down, and be professional - there has been tons of security issues in IT in the past, and the world is not ending due to that.

If you have customers that rely on WPA only, then they deserve to be under attack.

I"m sorry, but I don't agree with this. No one in this thread has asked Ruckus to list what clients are affected. The issue most have is Ruckus took so long to even acknowledge there was an issue. 

@Steven.
Yes, the post above, in which this is a reply to, asks:
* How to detect clients with this problem
* For which clients are updates available
Ruckus can never be the one to provide that info.

btw there is github repo maintaining a list of vendor responses: https://github.com/kristate/krackinfo . Go to Vendor Response Matrix and see client updates.

Regards, 
Alex

I think there should be a way, have you taken a look what other vendors do:

Q:  Can I detect if someone is attacking my network or devices?

A:  Aruba software checks for replay counter mismatches on a per
client basis and will produce a log message if detection is triggered. The log message begins with “Replay Counter Mismatches“, followed by additional details.

Aruba has also released new RFProtect (WIDS) features and signatures to help detect attacks.

for example.

Also it should be no problem to build a list with patches for the major systems
and publish them.

If I read this right:

"Here, the client will install an all-zero encryption key instead of reinstalling the real key."

They work with an all-zero key can this not be detected from the wirless system?