FragAttacks, a series of vulnerabilities in the Wi-Fi standard that affect millions of devices

Information was recently disclosed about 12 vulnerabilities, identified under the code name "FragAttacks", that affect a wide range of wireless devices and cover practically all wireless cards and access points in use. Of the 75 devices tested, every one was affected by at least one of the proposed attack methods.

The problems fall into two categories: 3 vulnerabilities were identified directly in the Wi-Fi standards and cover all devices that support the current IEEE 802.11 standards (the problems have been traced back to 1997).

9 vulnerabilities relate to bugs and flaws in specific implementations of wireless stacks. The main danger is the second category, since organizing attacks on the flaws in the standards requires specific scenarios or the victim performing certain actions.

All of the vulnerabilities appear regardless of which protocol is used to secure Wi-Fi, even when WPA3 is used, since most of the identified attack methods allow an attacker to perform L2 frame substitution on a protected network, making it possible to block traffic.

DNS response spoofing to direct the user to the attacker's host is mentioned as the most realistic attack scenario. An example is also given of using the vulnerabilities to bypass the address translator on a wireless router and gain direct access to a device on the local network, or to bypass firewall restrictions.

The second part of the vulnerabilities, which relates to the processing of fragmented frames, makes it possible to extract data about traffic on the wireless network and to intercept user data transmitted without encryption.

A researcher has prepared a demonstration showing how the vulnerabilities can be used to intercept a password transmitted when accessing a website over HTTP without encryption. It also shows an attack on a smart plug controlled over Wi-Fi, and its use to continue the attack against outdated devices on the local network that have unpatched vulnerabilities (for example, it was possible to attack an unpatched Windows 7 computer on the internal network via NAT traversal).

To take advantage of the vulnerabilities, an attacker must be within range of the targeted wireless device in order to send a specially crafted set of frames to the victim.

The problems affect both client devices and wireless cards, as well as Wi-Fi access points and routers. In general, HTTPS combined with encryption of DNS traffic using DNS over TLS or DNS over HTTPS is sufficient as a workaround for protection. A VPN is also suitable for protection.

The most dangerous are four vulnerabilities in wireless device implementations that allow trivial methods to achieve substitution of their unencrypted frames:

  • The vulnerabilities CVE-2020-26140 and CVE-2020-26143 allow frame substitution on some access points and wireless cards on Linux, Windows, and FreeBSD.
  • The vulnerability CVE-2020-26145 allows unencrypted broadcast fragments to be processed as full frames on macOS, iOS, FreeBSD, and NetBSD.
  • The vulnerability CVE-2020-26144 enables processing of unencrypted reassembled A-MSDU frames with EtherType EAPOL on Huawei Y6, Nexus 5X, FreeBSD, and LANCOM AP.

The other implementation vulnerabilities are mainly related to problems in the handling of fragmented frames:

  • CVE-2020-26139: allows forwarding of EAPOL-marked frames sent by an unauthenticated sender (affects 2/4 of the access points checked, as well as NetBSD and FreeBSD solutions).
  • CVE-2020-26146: allows encrypted fragments to be reassembled without checking the order of the sequence numbers.
  • CVE-2020-26147: allows reassembly of mixed encrypted and unencrypted fragments.
  • CVE-2020-26142: allows fragmented frames to be treated as full frames (affects OpenBSD and the ESP12-F wireless module).
  • CVE-2020-26141: missing TKIP MIC check for fragmented frames.

Among the other problems identified:

  • CVE-2020-24588: an aggregated frame attack; redirecting the user to a malicious DNS server or NAT traversal is mentioned as an example of the attack.
  • CVE-2020-24587: mixed key attack (reassembly of fragments encrypted with different keys is allowed in WPA, WPA2, WPA3, and WEP). The attack makes it possible to determine the data sent by the client, for example the contents of a cookie when accessing a site over HTTP.
  • CVE-2020-24586: fragment cache attack (the standards covering WPA, WPA2, WPA3, and WEP do not require removing fragments that have already settled in the cache after a new connection to the network). It makes it possible to identify the data sent by the client and to carry out substitution of their data.
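The fragment-handling flaws listed above (CVE-2020-26146, CVE-2020-26147, CVE-2020-24587, CVE-2020-24586) all come down to checks a receiver should make before reassembling fragments on a protected network. The following is an added example, not code from the article or from any real driver; `struct frag`, its fields and `check_reassembly` are hypothetical, and tagging cached fragments with an association ID is a modelling assumption that stands in for clearing the fragment cache on reconnect.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical, simplified view of one received fragment (not a real driver struct). */
struct frag {
    uint16_t seq;       /* sequence number shared by all fragments of one frame */
    uint8_t  frag_no;   /* fragment number, starting at 0 */
    bool     more;      /* More Fragments flag */
    bool     encrypted; /* fragment was protected and decrypted successfully */
    uint64_t pn;        /* CCMP/GCMP packet number */
    uint32_t key_id;    /* which installed key decrypted this fragment */
    uint32_t assoc_id;  /* which (re)association the fragment arrived in */
};

enum frag_verdict { FRAG_OK, FRAG_PLAINTEXT, FRAG_MIXED_KEY, FRAG_PN_GAP,
                    FRAG_STALE_CACHE, FRAG_MALFORMED };

/* Decide whether f[0..n-1] may be reassembled into one frame on a protected network. */
enum frag_verdict check_reassembly(const struct frag *f, size_t n)
{
    if (n == 0 || f[n - 1].more)
        return FRAG_MALFORMED;
    for (size_t i = 0; i < n; i++) {
        if (f[i].seq != f[0].seq || f[i].frag_no != i || (i + 1 < n && !f[i].more))
            return FRAG_MALFORMED;
        if (!f[i].encrypted)
            return FRAG_PLAINTEXT;   /* mixed plaintext/encrypted: CVE-2020-26147 */
        if (f[i].assoc_id != f[0].assoc_id)
            return FRAG_STALE_CACHE; /* fragment kept across reconnect: CVE-2020-24586 */
        if (f[i].key_id != f[0].key_id)
            return FRAG_MIXED_KEY;   /* fragments under different keys: CVE-2020-24587 */
        if (f[i].pn != f[0].pn + i)
            return FRAG_PN_GAP;      /* non-consecutive packet numbers: CVE-2020-26146 */
    }
    return FRAG_OK;
}

int main(void)
{
    /* Constructed sample: the second fragment was decrypted under a different key. */
    struct frag f[2] = {
        { 100, 0, true,  true, 5000, 1, 7 },
        { 100, 1, false, true, 5001, 2, 7 },
    };
    printf("verdict=%d\n", check_reassembly(f, 2));
    return 0;
}
```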

If you want to know more about it, you can consult the following link.

