This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
- Community
- RUCKUS Technologies
- RUCKUS Lennar Support
- Community Services
- RTF
- RTF Community
- Australia and New Zealand – English
- Brazil – Português
- China – 简体中文
- France – Français
- Germany – Deutsch
- Hong Kong – 繁體中文
- India – English
- Indonesia – bahasa Indonesia
- Italy – Italiano
- Japan – 日本語
- Korea – 한국어
- Latin America – Español (Latinoamérica)
- Middle East & Africa – English
- Netherlands – Nederlands
- Nordics – English
- North America – English
- Poland – polski
- Russia – Русский
- Singapore, Malaysia, and Philippines – English
- Spain – Español
- Taiwan – 繁體中文
- Thailand – ไทย
- Turkey – Türkçe
- United Kingdom – English
- EOL Products
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- RUCKUS Forums
- RUCKUS Technologies
- Unleashed
- Re: When will we be able to disable EAPOL retries ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
When will we be able to disable EAPOL retries per SSID to protect unpatched
devices against KRACK?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-30-2017 12:30 PM
When will we be able to disable EAPOL retries to protect unpatched devices from KRACK?
People can do this on Cisco APs:
https://blogs.cisco.com/security/wpa-...
Even cheap APs running LEDE support this:
https://git.lede-project.org/?p=sourc...
It is ridiculous that devices connected to a $50 Linksys would be more secure than devices connected to a $1000 Ruckus.
I know that the WIPS helps, but that only checks every N seconds. That gives plenty of time for exploit scripts to run and penetrate deeper. I can imagine my wireless smart outlets being manipulated to run up electric bills, among other nefarious things.
Do I really need to deploy a $50 Linksys running third party firmware to protect my vulnerable devices? If Ruckus either cannot or will give us this mitigation, could it at least enable a competent third party like LEDE to provide firmware for their APs? Management would be a pain, but at least the connected client devices would be secure.
People can do this on Cisco APs:
https://blogs.cisco.com/security/wpa-...
Even cheap APs running LEDE support this:
https://git.lede-project.org/?p=sourc...
It is ridiculous that devices connected to a $50 Linksys would be more secure than devices connected to a $1000 Ruckus.
I know that the WIPS helps, but that only checks every N seconds. That gives plenty of time for exploit scripts to run and penetrate deeper. I can imagine my wireless smart outlets being manipulated to run up electric bills, among other nefarious things.
Do I really need to deploy a $50 Linksys running third party firmware to protect my vulnerable devices? If Ruckus either cannot or will give us this mitigation, could it at least enable a competent third party like LEDE to provide firmware for their APs? Management would be a pain, but at least the connected client devices would be secure.
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-30-2017 01:18 PM
Hello Richard,
Please see most recent update details on our WPA2 KRACK Support resource center page:
https://support.ruckuswireless.com/krack-ruckus-wireless-support-resource-center
and in the Release Notes for KRACK Vulnerabilty Fix:
https://support.ruckuswireless.com/documents/2065-smartzone-release-notes-for-krack-vulnerability-fi...
pointing CUs to the SZ 3.1.2 - 3.6 Software Release AP CLI Scripts (WPA2 KRACK patch):
https://support.ruckuswireless.com/software/1487-smartzone-3-1-2-3-6-software-release-ap-cli-scripts...
Which allow you to disable EAPOL retries, and protect non-updated clients.
Please see most recent update details on our WPA2 KRACK Support resource center page:
https://support.ruckuswireless.com/krack-ruckus-wireless-support-resource-center
and in the Release Notes for KRACK Vulnerabilty Fix:
https://support.ruckuswireless.com/documents/2065-smartzone-release-notes-for-krack-vulnerability-fi...
pointing CUs to the SZ 3.1.2 - 3.6 Software Release AP CLI Scripts (WPA2 KRACK patch):
https://support.ruckuswireless.com/software/1487-smartzone-3-1-2-3-6-software-release-ap-cli-scripts...
Which allow you to disable EAPOL retries, and protect non-updated clients.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-30-2017 02:02 PM
I am running Ruckus unleashed, which is why I marked this post as applying to Ruckus unleashed. How do the scripts for smart zone apply to that?
Labels
-
200.12.10.5.234
1 -
AP Certificate error
1 -
AP Management
2 -
authentication fails
1 -
captive portal
1 -
Certificate
1 -
DPSK
1 -
Guest Access
1 -
Installation
1 -
IP Multicast
1 -
l2acl
1 -
LACP
1 -
laptop hp probook 430 g8
1 -
Op
1 -
pfSense
1 -
R310
2 -
R650
1 -
Solution Proposed
3 -
SSID
1 -
temporarily blocked
1 -
Unleashed
6 -
User Management
1 -
Web UI
1 -
WLAN
1 -
WLAN Management
1 -
WPA3
1 -
WPA3-Enterprise
1
- « Previous
- Next »
