• November 01, 2024, 03:33:16 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: WPA2 "Key Reinstallation Attack" (VU#228519)  (Read 14311 times)

Ted Lyngmo

  • Level 1 Member
  • *
  • Posts: 4
WPA2 "Key Reinstallation Attack" (VU#228519)
« on: October 16, 2017, 08:09:25 AM »

Hi!

I wonder what the status of the newly discovered WPA2 "Key Reinstallation Attack" vulnerability is in the DIR-855 (F/W 1.24EU):
https://www.bleepingcomputer.com/news/security/new-krack-attack-breaks-wpa2-wifi-protocol/
http://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4

There's nothing noted by D-Link here:
http://www.kb.cert.org/vuls/id/CHEU-AQNMZT

Best regards,
Ted Lyngmo
« Last Edit: October 16, 2017, 08:44:22 AM by Ted Lyngmo »
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: WPA2 "Key Reinstallation Attack" (VU#228519)
« Reply #1 on: October 16, 2017, 09:34:38 AM »

D-link is ware of the issue already. No information on when fixes are forth coming. I presume they are in the testing and planning stages of this. Please be patient.
If you need more help and information regarding this, I recommend that you phone contact your regional D-Link support office and ask for help and information regarding this. We find that phone contact has better immediate results over using email.
Let us know how it goes please.

http://forums.dlink.com/index.php?topic=56542.0
« Last Edit: October 16, 2017, 09:52:27 AM by FurryNutz »
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

Ted Lyngmo

  • Level 1 Member
  • *
  • Posts: 4
Re: WPA2 "Key Reinstallation Attack" (VU#228519)
« Reply #2 on: November 06, 2017, 11:01:30 AM »

I wrote to D-Link and asked about VU#228519:
Quote
Does the absence of the DIR-855 on this list mean that it's not affected?
http://www.dlink.com/uk/en/support/support-news/2017/october/18/response-to-krack-wpa2-key-reinstallation-attack-security-vulnerability

The answer was very clear:
Quote
Yes

 :) / Ted
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: WPA2 "Key Reinstallation Attack" (VU#228519)
« Reply #3 on: November 06, 2017, 11:06:13 AM »

That is a older model router, about 10 years now or so...There are others of that generation which either isn't effected or won't be fixed. The main issue is that the vulnerability is mostly effecting modes of Wireless bridge or Repeater mode on routers that support it and on client side HW like phones and etc.
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

Ted Lyngmo

  • Level 1 Member
  • *
  • Posts: 4
Re: WPA2 "Key Reinstallation Attack" (VU#228519)
« Reply #4 on: November 06, 2017, 11:13:41 AM »

There are others of that generation which either isn't effected or won't be fixed.
Yeah, so I was very happy to learn that it wasn't affected. :)
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: WPA2 "Key Reinstallation Attack" (VU#228519)
« Reply #5 on: November 06, 2017, 11:15:42 AM »

Ya, the DGL-4500 is a great old router. However I use my DIR-890L as a wired AP behind it. Good wireless upgrade. Can upgrade yours sometime as well after the KRACK thing is fixed. Enjoy.  ;)
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

Ted Lyngmo

  • Level 1 Member
  • *
  • Posts: 4
Re: WPA2 "Key Reinstallation Attack" (VU#228519)
« Reply #6 on: November 06, 2017, 11:23:27 AM »

Ya, the DGL-4500 is a great old router.
The DGL-4500? I have only spoken to D-Link about the DIR-855. I've never owned a DGL-4500.
Quote
However I use my DIR-890L as a wired AP behind it. Good wireless upgrade. Can upgrade yours sometime as well after the KRACK thing is fixed. Enjoy.  ;)
I used an old DGL-4300 as a wired AP a few years back but the adapter died so I now the DIR-855 only. What is the upgrade you talk about? Sounds interesting. :)
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: WPA2 "Key Reinstallation Attack" (VU#228519)
« Reply #7 on: November 06, 2017, 11:26:20 AM »

Ya the 4500 was the follow on to the 4300 gamer router. Great router still. Limited by it's upload and download speeds though. Worked ok on my 100/3 ISP however I got upgraded to 200/10 now...can't handle that as well.  :(

When I was using the 4500 as the main router, I had my DIR-890L router setup as AP mode. Tri band router so I disable the radio on the 4500 and use the 890L as the wireless AP.
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.