Any help on which (if any) file I should use would be greatly appreciated.
Think I might have found the answer myself by continuing to look.
Was just going through the 'additional information' link for that router and found the following:
Firmware version 33555 dated 10/20/17 runs on this router and is the second version that has the KRACK vulnerability fixed in WPA2; it is available here - tmittelstaedt 10/20/17
That version (kinda) works. For generic router and AP it works fine, but it does not work as a Repeater Bridge (works in a wired configuration between two routers but not wirelessly) - any thoughts on a different firmware to try?
Joined: 06 Jun 2006 Posts: 7463 Location: Dresden, Germany
Posted: Sun Oct 22, 2017 14:47 Post subject:
all broadcom based chipsets are still affected by krackattack. only mediatek and qca/atheros and marvell based chipsets are fixed now. broadcom has not released a solution yet for the proprietary drivers. so be patient. i'm on it.
and additionally there is a solution for an ap side fix. see the new option "disable eapol retries" at wireless security (not visible on broadcom routers for sure)
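Added illustration, not from the thread or from the dd-wrt code: the "disable eapol retries" option works because KRACK depends on the client accepting a retransmitted message 3 of the WPA2 4-way handshake, so the retransmission itself is the event a defender can count on the wire. The frames, BSSID and client labels below are constructed samples; the field layout follows the IEEE 802.11i RSN EAPOL-Key descriptor.

```python
import struct
from collections import defaultdict

# EAPOL-Key "Key Information" bits from the IEEE 802.11i RSN key descriptor
KEY_PAIRWISE, KEY_INSTALL, KEY_ACK, KEY_MIC, KEY_SECURE = 0x0008, 0x0040, 0x0080, 0x0100, 0x0200

def build_eapol_key(key_info, replay_counter):
    """Construct a minimal EAPOL-Key frame (sample input only; nonce/MIC/IV are zeroed)."""
    body = struct.pack(">BHHQ", 2, key_info, 16, replay_counter)   # descriptor type 2 = RSN
    body += b"\x00" * (32 + 16 + 8 + 8 + 16) + struct.pack(">H", 0)  # nonce, IV, RSC, ID, MIC, key data len
    return struct.pack(">BBH", 2, 3, len(body)) + body               # EAPOL v2, packet type 3 = EAPOL-Key

def handshake_message(frame):
    """Return (message number 1..4 or None, replay counter) for one EAPOL frame."""
    _version, ptype, _length = struct.unpack(">BBH", frame[:4])
    if ptype != 3:                        # not EAPOL-Key at all
        return None, None
    _desc, key_info, _key_len, replay = struct.unpack(">BHHQ", frame[4:17])
    if not key_info & KEY_PAIRWISE:       # group-key handshake, not the 4-way handshake
        return None, replay
    ack, mic = key_info & KEY_ACK, key_info & KEY_MIC
    install, secure = key_info & KEY_INSTALL, key_info & KEY_SECURE
    if ack and mic and install:           # message 3: AP says "install the PTK"
        return 3, replay
    if ack and not mic:                   # message 1: ANonce from the AP
        return 1, replay
    if mic and not ack:                   # client replies: message 2 (secure=0) or 4 (secure=1)
        return (4 if secure else 2), replay
    return None, replay

def find_msg3_retransmits(frames):
    """frames: iterable of (bssid, client, eapol_bytes), in capture order.
    Returns {(bssid, client): number of extra message-3 frames seen within one handshake}."""
    msg3_replays = defaultdict(list)
    for bssid, client, data in frames:
        msg, replay = handshake_message(data)
        if msg == 1:                      # a new handshake starts; forget the previous one
            msg3_replays[(bssid, client)] = []
        elif msg == 3:
            msg3_replays[(bssid, client)].append(replay)
    return {pair: len(r) - 1 for pair, r in msg3_replays.items() if len(r) > 1}

# Constructed capture: "sta-1" sees message 3 twice (AP retried), "sta-2" completes cleanly.
SAMPLE_FRAMES = [
    ("ap-bssid", "sta-1", build_eapol_key(KEY_PAIRWISE | KEY_ACK, 1)),
    ("ap-bssid", "sta-1", build_eapol_key(KEY_PAIRWISE | KEY_MIC, 1)),
    ("ap-bssid", "sta-1", build_eapol_key(KEY_PAIRWISE | KEY_INSTALL | KEY_ACK | KEY_MIC | KEY_SECURE, 2)),
    ("ap-bssid", "sta-1", build_eapol_key(KEY_PAIRWISE | KEY_INSTALL | KEY_ACK | KEY_MIC | KEY_SECURE, 3)),
    ("ap-bssid", "sta-1", build_eapol_key(KEY_PAIRWISE | KEY_MIC | KEY_SECURE, 3)),
    ("ap-bssid", "sta-2", build_eapol_key(KEY_PAIRWISE | KEY_ACK, 1)),
    ("ap-bssid", "sta-2", build_eapol_key(KEY_PAIRWISE | KEY_MIC, 1)),
    ("ap-bssid", "sta-2", build_eapol_key(KEY_PAIRWISE | KEY_INSTALL | KEY_ACK | KEY_MIC | KEY_SECURE, 2)),
    ("ap-bssid", "sta-2", build_eapol_key(KEY_PAIRWISE | KEY_MIC | KEY_SECURE, 2)),
]
```

A retransmitted message 3 also occurs legitimately on a lossy link, so a count above zero is a signal to correlate with the AP's retry setting and client patch status, not proof of an attack.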
Joined: 06 Jun 2006 Posts: 7463 Location: Dresden, Germany
Posted: Sun Oct 22, 2017 18:33 Post subject:
i now wrote my own patch for all broadcom drivers which handles the problem. so broadcom routers will have krackattack fixed with the next release
Joined: 10 Jan 2013 Posts: 11 Location: Bathurst, NSW, Australia
Posted: Sun Oct 22, 2017 21:34 Post subject:
BrainSlayer wrote:
all broadcom based chipsets are still affected by krackattack. only mediatek and qca/atheros and marvell based chipsets are fixed now. broadcom has not released a solution yet for the proprietary drivers. so be patient. i'm on it.
and additionally there is a solution for an ap side fix. see the new option "disable eapol retries" at wireless security (not visible on broadcom routers for sure)
I'm assuming the new "undefined" option is the one (WRT1900ACSv2 version of r33555 build), or does that mean it's not supported on this version?
only mediatek and qca/atheros and marvell based chipsets are fixed now.
BrainSlayer, since MediaTek bought Ralink, does that mean version 33555 fixes Ralink chipsets as well, or do we need to wait? I've just updated my DIR-615 D2 (Ralink) to 33555 and I'm now unsure if it's patched against KRACK.
Posted: Mon Oct 23, 2017 8:58 Post subject: Linksys E1000 v1 and other old devices
ghoti19, thanks for posting that! I have a pile of different models of devices, and when the fixed firmware came out I flashed all of them and reported the results into the wiki specifically for people like you who needed a quick answer. But I had no time to put all of them through their paces; I just wanted to find out if they would brick or not (and some did, which I had to debrick). Please do file a bug on this or update one if there is one! Or at least post into the Broadcom-specific forum.
Folks, there's a HUGE opportunity here for dd-wrt since there are going to be MANY router manufacturers who will punt on this issue and pretend to play dumb with older devices.
A great many corporations have IT policies that -mandate- equipment with known security flaws to be retired - if it cannot be updated, it is required to be replaced. Any company, like a bank, medical facility, or anything of that nature, which is subject to periodic security audits has absolutely no choice on this EVEN IF they can configure a device with a flaw to NOT engage the flaw.
Yes, we all know that routers that are not configured for fast roaming or repeater mode aren't vulnerable and the attacker has to be practically on top of the wireless connection to attack. But this makes ZERO difference to a security auditor; they will insist on replacement - if the device has the configuration option in it to turn on client mode or fast roaming, out it goes if there is no firmware update for it. And for a great many of these devices there NEVER will be. IT managers will be discovering this during their next security audit.
And there's more, too. IT people in many companies have been fighting with users bringing in little routers and setting up private little wifi networks for their phones and such instead of using the IT-run-but-controlled corporate wifi net. The users got away with it because their bosses went to bat for them against IT and since everyone has wifi in their house they think it's secure with a long password on it. So far these users have been getting away with it in many places. But now the IT people will be able to wave around "KRACK vulnerability" with enough technical terms to scare your average CEO and they will be getting compliance and those nets will get shut down.
All of this adds up to a flood of used orphan routers on the secondary market. It will also have a lot of IT people looking to preserve hardware investment. You might think that an IT person with 4 Linksys E1000's in service in various places would be more than happy to drop $400 into 4 brand new APs. But that means he's absolutely going to have people out there with weird devices that connected fine to the old radios that have problems with the new ones. So he's absolutely going to want to keep those E1000's (or other old routers) in service if he can.
dd-wrt is well positioned to take advantage of this. OpenWRT is just too complex for the average system admin to install. Now is the time to really concentrate on backwards compatibility for older devices I think. The focus for the next few years isn't going to be on the latest AC-whatever wifi routers it's going to be on how do I preserve the institutional investment in a wifi network that has been running stable and fine that nobody has been complaining about.
Realize that there is not a SINGLE commercial router in the warehouse or on the shelf in a retailer that is patched. An IT person cannot go to their supplier and order 10 new APs to replace the 10 they have in service that they have just been told are vulnerable. EVERYTHING will have to be firmware updated before it's put into service. So you might as well firmware update your existing gear if a forklift replacement is going to also have to be firmware updated; you won't save a bit of time just buying new devices since they will all be vulnerable anyway.
And the ability to protect vulnerable clients by an option in the router - THAT is absolute GOLD. It is worth a story in the trade rags and it can bring a lot more attention to dd-wrt.
That attention can be used as a club to convince router makers to yield up technical specs that will allow us to support more devices. The mainline router makers will be very leery of putting an option in their code to disconnect clients since that will be a non-compliant WPA2 implementation and it may get the standards bodies like the wifi consortium on their neck. But they might be quite happy to tell customers who call in saying they want such an ability to load dd-wrt. I imagine Buffalo is probably more lit up about this right now than a 16 year old on her first prom date. A mainline router maker could advertise dd-wrt compatibility and explain to an IT system admin with a building full of Android devices that well while we don't support a workaround for your devices these dd-wrt guys over here have this unofficial workaround.
We'll see how all this plays out but I think that there's a heck of a lot of political implications on this that people haven't even begun to think about.