Monday Nov 20
Jul
30/10
Analysis after the demo: Hole 196 and the WPA2 vulnerability
Updated on Tuesday, 31 January 2012 01:10
Share

You guys asked me to break out this information instead of posting as comments on the original post.

Here is more updated information on the WPA2 Hole 196 vulnerability now that AirTight has given the demo at BlackHat/Defcon.

John Cox at Network World put together a pretty nice final piece on the AirTight WPA2 Hole 196 vulnerability claims.

Included are quotes and details from me, AirTight, Matthew Gast (Aerohive), Robbie Gill (Aruba), John Pescatore (Gartner), Adam Conway (Aerohive) and Alan Amrod (Xirrus). Although I didn’t intend for him to quote my Southern-isms, they do relay the truth of the matter. Matthew has some great information you can find in other NWW articles on the attack.

Network World article
AirTight defends Wi-Fi WPA2 ‘vulnerability’ claim: A “publicity stunt?” Major threat? Or easily contained?
http://www.networkworld.com/news/2010/073010-airtight-wpa2-vulnerability.html

My wrap up:
– It’s not a big deal
– Attack is very limited and must be conducted by an authenticated user to another user
– Both victim and attacker must be on the same SSID and on the same access point
– Smart WIPS will protect against the attack
– Client isolation (used in most enterprise environments) prevents the attack all together

My original post
Additional comments are at the very bottom.
http://securityuncorked.com/2010/07/smoke-and-mirrors-the-upcoming-defcon-wpa2-crack/

# # #