Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

KRACK - What to tell customers?

Status
Not open for further replies.
Oct 7, 2007
6,597
US
I know that a lot of the wifi CLIENTS will be updated (Windows 7, 8, 10, IOS, etc.) via regular patches to protect against the KRACK wifi vulnerability. But what about the access points and routers. Do I tell customers that they are NOT safe if their client is updated but their wifi source is not?

TechCrunch said Link
The key point is that both clients and routers need to be fixed against KRACK so there are lots of potential attack vectors to consider.

So, if not safe, I guess I should recommend replacement of old routers/access points that are no longer being updated by their manufacturer. I've got people running Netopia routers and simlar only as access points that are way old (Netopia 3347-02). Assuming I will be dead before they get any updates.

"Living tomorrow is everyone's sorrow.
Modern man's daydreams have turned into nightmares.
 
Tell them to login to their router administration interface and run the firmware update, and if it is no longer supported or BEING updated, replace it OR stop using wireless connections WITH OLD ROUTERS.



Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.

Never mind this jesus character, stars had to die for me to live.
 
One caveat to consider is if the personal router is at a house say with a couple acres of land around it, there's not likely much risk involved, b/c they probably would know if someone were close enough to do anything with their wireless signal. If it's in an apartment complex or neighborhood with smaller yards, though, it's quite different. Even some I've seen where people had 1/2 acre or so yards still could see many routers - and they sometimes caused interference.

Still best to update, but thought it worth mentioning that a wireless vulnerability is only truly vulnerable if people can get to it.

"But thanks be to God, which giveth us the victory through our Lord Jesus Christ." 1 Corinthians 15:57
 
That's what I thought - both ends of the equation need to be updated.

I'm really just worried about the business customers - CYA on my part. It's up to me to tell them. Most of them would not be able to log in to their router. Quite a few of them are using routers that are not being updated because they could save money by still using them.

"Living tomorrow is everyone's sorrow.
Modern man's daydreams have turned into nightmares.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top