Search
WPA2 Key Reinstallation Vulnerabilities (KRACK) Explained
Posted by Hemant Chaskar on Oct 16, 2017
WPA2 Vulnerability.png

Researchers from the University of Leuven (@vanhoefm and team) have discovered flaws in WPA2 implementation in clients and APs. These flaws create vulnerabilities for replay and decryption attacks on packets transferred over WiFi links. They have named them KRACKs (Key Reinstallation AttaCKs). Both 802.1x (EAP) and PSK (password) based networks are affected. These vulnerabilities have been cataloged under 10 CVEs. In the series of videos below, I explain these CVEs in detail with Vivek Ramachandran, Founder and CEO of Pentester Academy.

Posts by Topic

see all
free-on-demand-webinars.png
WPA2 Vulnerability.png
WPA2 Key Reinstallation Vulnerabilities (KRACK) Explained
Posted by Hemant Chaskar on Oct 16, 2017

Researchers from the University of Leuven (@vanhoefm and team) have discovered flaws in WPA2 implementation in clients and APs. These flaws create vulnerabilities for replay and decryption attacks on packets transferred over WiFi links. They have named them KRACKs (Key Reinstallation AttaCKs). Both 802.1x (EAP) and PSK (password) based networks are affected. These vulnerabilities have been cataloged under 10 CVEs. In the series of videos below, I explain these CVEs in detail with Vivek Ramachandran, Founder and CEO of Pentester Academy.

Mojo Security-005909-edited.png
Is your Business Wireless Network Secure?
Posted by Jeff Olson on Oct 10, 2017

We’ve Got Your Back.

Security is top of mind for IT teams, business leaders, and the general public. News of attacks, ransomware, and data breaches has become commonplace; most recently Equifax and Yahoo. Have you stopped to ask yourself: Is my WLAN secure? Have I done all that I can to ensure is it secure? 

Do the Right Thing-184012-edited.png
Fanning the Flames of Rebellion with Honor
Posted by Rick Wilmer on Sep 14, 2017

Witnessing ethical train wreck after train wreck in Silicon Valley, it’s easy to conclude that the quest for success at all costs is a recent phenomenon and one limited to startups.

WiFi - A Key Enabler of Digital India
Posted by Kiran Deshpande on May 1, 2017

Recently, I received a ‘Thank You’ letter from IEEE President & CEO for making a contribution to an IEEE fund that helps advance technology for humanity and realize full potential of IEEE. The IEEE President listed three areas of global concern – access to high speed Internet, adequate sanitation and electric power. Today Internet access is indeed as fundamental as having electric power and sanitation. This is reflected in policies across nations worldwide.

For instance, in India, Prime Minister Modi has outlined his vision for every Indian to have high speed access to Internet. Its akin to a Prime Minister laying out the vision for expressways for speedy and hassle free movement of vehicles across the country. A network of good roads and good communication infrastructure are critical to growth and prosperity. Hon. Indian Prime Minister is on the mark putting digitization along with ‘Swaccha Bharat’ as a top national priority.

In an emerging economy like India where wired network infrastructure is limited largely to urban areas, wireless Internet access is an attractive proposition. People love the convenience of wireless access even if the quality of connection is poor. You don't have to be glued to one place as it happens when using a landline phone or a computer connected to an Ethernet cable. Wireless access is ubiquitous as the entire space becomes the medium of communication. Governments around the world have recognized this as a national asset and have sold radio spectrum at a charge. While this creates revenue for governments, it can work against building affordable communication infrastructure. WiFi on the other hand operates in 2.4GHz and 5.0GHz radio spectrums that are unlicensed; one can operate in these frequency ranges without having to pay a license fee. This is very important as telecom operators, Internet service providers can build networking infrastructure using WiFi without having to pay for the spectrum. Coming to my road analogy, one needs a combination of toll roads and non toll roads. Both have their place in creating the infrastructure. In a country like India where sensitivity to pricing is high, WiFi will not only de-congest expensive licensed radio spectrum like 4G LTE but will reduce the cost significantly.

Smart cities and public hotspots are among the best known use cases of WiFi. However, many other innovative ways exist. For instance, top national colleges like IITs, NITs, IIITs and IIMs want WiFi across their campuses and spend considerable time and effort putting together vendors to look for this technology. There is a very good chance that requirements are largely the same for all of them and hence these need not be handled individually. A massively scalable WiFi Management Console that can manage WiFi at say top 100 national universities with a sharable architecture while giving flexibility to each university is feasible. The same approach can be used for smart cities, government departments and even Gram Panchayats. A unified approach for critical national digital infrastructure is efficient and possible with the current state of the art in WiFi technology.

Ruckus R710 Mojo C-120 distributed client benchmark test
Mojo C-120 Accepts the Ruckus R710 BeamFlex Challenge
Posted by Robert Ferruolo (Dr. RF) on Sep 15, 2016

While doing research on the Ruckus website for the R710, I noticed the statement of “Up to 2 times extended range and coverage with Ruckus BeamFlex technology.” Challenge accepted! To evaluate this claim we used a distributed client test, which determines the AP’s downstream performance when its clients are spread near and far, from excellent to marginal signal strength and points in between. This test simulates the performance of the AP in a typical enterprise, carpeted environment.

Meraki MR53 MR42 benchmark performance test
Benchmark: The 4x4 Meraki MR53 vs. the 4x4 Mojo C-120
Posted by Robert Ferruolo (Dr. RF) on Sep 8, 2016

In a recent blog post we compared the performance of the Mojo C-120 to the Meraki MR42. In that blog we highlighted results of a test we ran last spring. When we test, we test the best of the competition with the latest software and published best practices at that point in time. When that test was run, the MR42 was the best Meraki had to offer. Once Meraki made the MR53 available, we tested it and here are the results.