mralk3 |
10-19-2017 12:56 PM |
Quote:
Originally Posted by Chuck56
(Post 5771666)
Just wondering, my understanding is that KRACK Attacks were directed at the WPA2 client-side handshakes with the AP. Routers acting as repeaters or fast roaming (802.11r mesh) would be impacted too as they use client-side handshakes. Said another way, a stand-alone AP is less vulnerable particularly if it is not repeating or involved with fast roaming. Is that wrong or just too early to tell?
|
Yes that is correct. If you patch all your clients then you can safely wait for updates to your router firmware (if it is ever updated by your manufacturer). However, if you can update your router firmware it will take care of this vuln for all your devices at once.
Your main concern should be your /mobile/ smart phone not being patched until the next Google or Apple update. From what I understand, Google is to release a fix in the next (November) update. This is mainly only an issue if you use public wifi, and whether you trust that restaurants, coffee shops, air ports etc have patched their access points to fix this vuln. I suggest you stick to 3g/4g data plans whenever possible if you are mobile because there is no guarantee such access points will /ever/ be patched.
|