11:07 Discovered a serious vulnerability in the protocol data security wpa2 | |
In general, it is more correct to say that the security protocol WPA2 cracked, so extensive vulnerabilities found in network security specialists from the company AirTight Networks. They proved that the protocol data protection WPA2, the most common now in the networks of WiFi, you can hack to get any information from the network. In addition, experts say that the vulnerability could help hackers attack a variety of resources, taking advantage of a compromised network. So, discovered the vulnerability was applicable to all wireless networks that are compatible with the standard IEEE802.11 Standard (Revision, 2007). Vulnerability and received its own name - Hole 196 (I wonder why - whether predecessors at number 195, 194 ...?). In general, this vulnerability is so interesting and dangerous, that it is going to demonstrate at the conference Defcon 18, which will be held in Las Vegas this week. You can imagine what turmoil would rise in the ranks of bezopasnikov "when the exploit will be posted in public access. Yes, it's really going to put a share, to show the possibilities created by the exploit and get standardize authorities as quickly as possible to close the found a "hole". Of course, I would have questioned the possibility of quick work of most of these bodies. But even if the hole will quickly shut down, you still remain a huge number of hardware and software subject to this vulnerability. And we can not doubt also that, and after a year or two after this event, will the IT leaders who did not hear anything. In general, the same old song ... So, discovered the vulnerability was found when using attacks such as Man-in-the-middle. A person authorized in such a network, and using the exploit, will be able to intercept and decrypt data transmitted within the network. In addition, when using this "hole" becomes possible substitution of MAC-addresses. Thus, information can pass a fake client systems, and it also allows you to use the resources of the compromised network for attacks on various web resources, without much fear of being discovered. As you can see, a very serious vulnerability, and after the exploit will lay out a network, they obviously did not fail to exploit all sorts of curious hackers. Unfortunately, prior to the conference, which will demonstrate the vulnerability of accurate data on the technology will not be granted. And here the source (English) | |
|
Total comments: 0 | |