pollutionblues reacted to Netduma Fraser in Krack WiFi Vulnerability Upgrade (1.03.6i)
This upgrade is to fix the recently discovered WiFi vulnerability - Krack. This upgrade is optional, there are no extra features or other bug fixes included. This is not DumaOS. If you have the R1 WiFi disabled then there is no need to upgrade to this version though it may be a good idea to do so if you plan on using the WiFi again in future.
If you are not on the latest version - 1.03.6g/h you will need to upgrade to that first before upgrading to this version. To check your version/upgrade to .g please go here.
Download the upgrade here Go to the Upgrade section on the Netduma interface Choose Advanced Ensure preserve settings & check version are ticked. Click browse & navigate to where you downloaded the upgrade file and click open. Click upgrade, it will take around 3 minutes. Please do not unplug the router during this time. If you are wired to your computer or connected via Wifi (and won't automatically connect to another Wifi name) you will be taken to the home interface screen when the upgrade has been completed. If the rare event that you get an error message please contact us and do not turn off the router. Do not worry, it just requires some help from our team. Change Log
Fixed WPA2 KRACK attack by accepting key reinstall without changing anything.
pollutionblues reacted to bagsta69 in KRACK WiFi Vulnerability
A little further reading,
As scary as this attack sounds, there are several mitigating factors at work here. First off, this is not an attack that can be pulled off remotely: An attacker would have to be within range of the wireless signal between your device and a nearby wireless access point.
More importantly, most sensitive communications that might be intercepted these days, such as interactions with your financial institution or browsing email, are likely already protected end-to-end with Secure Sockets Layer (SSL) encryption that is separate from any encryption added by WPA2 — i.e., any connection in your browser that starts with “https://”.
Also, the public announcement about this security weakness was held for weeks in order to give Wi-Fi hardware vendors a chance to produce security updates. The Computer Emergency Readiness Team has a running list of hardware vendors that are known to be affected by this, as well as links to available advisories and patches.
“There is no evidence that the vulnerability has been exploited maliciously, and Wi-Fi Alliance has taken immediate steps to ensure users can continue to count on Wi-Fi to deliver strong security protections,” reads a statement published today by a Wi-Fi industry trade group. “This issue can be resolved through straightforward software updates, and the Wi-Fi industry, including major platform providers, has already started deploying patches to Wi-Fi users. Users can expect all their Wi-Fi devices, whether patched or unpatched, to continue working well together.”
Sounds great, but in practice a great many products on the CERT list are currently designated “unknown” as to whether they are vulnerable to this flaw. I would expect this list to be updated in the coming days and weeks as more information comes in.
Some readers have asked if MAC address filtering will protect against this attack. Every network-capable device has a hard-coded, unique “media access control” or MAC address, and most Wi-Fi routers have a feature that lets you only allow access to your network for specified MAC addresses.
However, because this attack compromises the WPA2 protocol that both your wireless devices and wireless access point use, MAC filtering is not a particularly effective deterrent against this attack. Also, MAC addresses can be spoofed fairly easily.
To my mind, those most at risk from this vulnerability are organizations that have not done a good job separating their wireless networks from their enterprise, wired networks.
I don’t see this becoming a major threat to most users unless and until we start seeing the availability of easy-to-use attack tools to exploit this flaw. Those tools may emerge sooner rather than later, so if you’re super concerned about this attack and updates are not yet available for your devices, perhaps the best approach in the short run is to connect any devices on your network to the router via an ethernet cable (assuming your device still has an ethernet port).
From reading the advisory on this flaw, it appears that the most recent versions of Windows and Apple’s iOS are either not vulnerable to this flaw or are only exposed in very specific circumstances. Android devices, on the other hand, are likely going to need some patching, and soon.
pollutionblues reacted to bagsta69 in KRACK WiFi Vulnerability
Not all routers are affected,
On October 16. CERT/CC/ICASI released a public announcement about discovered vulnerabilities in WPA2 handshake protocols that affect most WiFi users and all vendors world wide.
RouterOS v6.39.3, v6.40.4, v6.41rc are not affected!
It is important to note that the vulnerability is discovered in the protocol itself, so even a correct implementation is affected.
These organizations did contact us earlier, so we have already released fixed versions that address the outlined issues. Not all of the discovered vulnerabilities directly impact RouterOS users, or even apply to RouterOS, but we did follow all recommendations and improved the key exchange process according to the guidelines we received from the organizations who discovered the issue.
We released fixed versions last week, so if you upgrade your devices routinely, no further action is required.
The following applies to RouterOS software prior to updates related to the issue.
nv2 is not affected in any way. This applies to both - nv2 AP and client. There is no nonce reset in key exchange possible and key re-installation is not possible, because nv2 key exchange does not directly follow 802.11 key exchange specification.
802.11 nonce reuse
RouterOS is not affected in any way, RouterOS generates cryptographically strong random initial nonce on boot and never reuses the same nonce during uptime.
802.11 key reinstallation
The device operating as client in key exchange is affected by this issue. This means that RouterOS in station modes and APs that establish WDS links with other APs are affected. RouterOS APs (both - standalone and CAPsMAN controlled), that do not establish WDS links with other APs, are not affected. Key reinstallation by resending key exchange frame allows attacker to reset encrypted frame packet counter. This allows attacker to replay frames that where previously sent by AP to client. Please note that RouterOS DOES NOT reset key to some known value that would allow attacker to inject/decrypt any frames to/from client.
Suggested course of action
It is always recommended to upgrade to latest RouterOS version, but depending on wireless protocol and mode the suggested course of action is as follows:
- nv2: no action necessary
- 802.11/nstreme AP without WDS: no action necessary
- CAPsMAN: no action necessary
- 802.11/nstreme client (all station modes) or AP with WDS: upgrade to fixed version ASAP. The duma operating system may or may not be vulnerable but I am sure that we will find out as soon as the Devs know. The security risk is probably more of a worry for big companies than individuals with a home network from the further reading I have done but sure all security is an issue but I don't think many home users need to go into melt down over it just yet. First off any attack would need to be local, as in within your wifi range and if you're that worried about a local attack from a neighbour or you have such important information to hide then you're security should already circumvent any issues.
pollutionblues got a reaction from N3CR0 in Using Draytek Vigor 130 Modem with DUMA
Welcome to the forums.
The Draytek does work with the Duma, that’s what I use and it was just plug and play for me so I’m not entirely sure why yours isn’t working.
I’d double check you are inputting the correct PPPoE details into the Duma just in case. Also you could try factory resetting the Draytek and see if that solves it.
pollutionblues reacted to Goughyb in Using Draytek Vigor 130 Modem with DUMA
Oh my god it actually worked.Thank you so much for taking the time to help guys. Hopefully someone will find this in Google when they have the same issue.
I spent all weekend trying to get this to work and now it is fixed.
The QOS software on the device is amazing.
Very happy right now.
pollutionblues reacted to Netduma Fraser in Using Draytek Vigor 130 Modem with DUMA
You should be able to use the following PPPoE information instead of whatever you have input, apply that and then reboot from miscellaneous settings. Do you have internet then?
Username: [email protected]