PointStar SingaporePointStar Singapore
  • Solutions
        • WORKPLACE COLLABORATION


        • Email and CollaborationIntegrated enterprise solutions for business emails, collaborations and productivity tools.
        • Meeting Room and ConferencingModern conferencing and communication solutions for future workplaces.
        • End User ComputingSecured and easy-to-manage solutions for end users to access applications and data – any device, anytime, anywhere.
        • SD-WAN, Network, Wi-FiSmart and secured cloud managed network solutions from small businesses to large enterprises.
        • CLOUD COMPUTING


        • Public And Hybrid CloudMulti-Cloud Solutions for all types of workloads securely and flexibly on pay-as-you-use model.
        • Data Cloud and AnalyticsData solutions that allows unification of data securely across organizations and platforms with intelligent insights.
        • Platform as a ServiceCloud platform solutions that provide a series of modular cloud services for application and web services.
        • API ManagementFull lifecycle API management platform as gateway for runtime management, policy governance, and usage analytics.
        • BUSINESS APPLICATIONS


        • ERP SolutionsEnterprise Resources Planning solutions to automate business process for better financial insights and internal controls.
        • CRM Solutions360 solutions to unify sales, marketing and customer service interactions for better customer engagement.
        • Digital Signature SolutionsLegally binding electronic signature solutions for documents signings and workflow approvals.
        • Document Management SystemsHardcopies digitization and documents approval solutions for enhanced business process automations.
        • EMERGING TECHNOLOGIES


        • AI ChatbotLifelike conversational AI with state-of-the-art virtual agent systems for businesses and customer service environments.
        • Machine LearningArtificial Intelligence (AI) solutions that enable data learning for predictive analysis and automated decision making.
        • IoTProtect your business from disruptions with secure and highly available cloud infrastructure.
        • >> MORE
  • Services
        • CLOUD TRANSFORMATION


        • Infrastructure ModernizationProvide flexible cloud infrastructure services from re-host to re-platform.
        • Application ModernizationProvide cloud native application development platforms and services for simplify and speedy software delivery.
        • Data AnalyticsOffer multi-cloud and cross-platform cloud analytics for data analysis and reportings.
        • Cloud MigrationMigration of workload and application from on-premises systems to cloud platform.
        • BUSINESS SERVICES


        • ConsultingImprove your operational performance and productivity, and adding value throughout the lifecycle.
        • Business Application IntegrationsRapidly builds end-to-end smart workflows to help automate digital processes.
        • Backup & Disaster RecoveryProvide centralized protection for environments and applications running on-premises and on-cloud.
        • Business Process AutomationProfessional services to assist businesses in streamlining and automating business process and re-shaping their work.
        • TECHNICAL SERVICES


        • Technical SupportCertified engineers in providing IT support services with commitment to Service Level Agreements.
        • Managed ServicesProvide expertise to manage businesses’ IT requirements for operational efficiency and faster resolutions.
        • Workplace ModernizationDesign, install and implement modern AV and communication solutions for all workplace environment types.
        • Installation ServicesProfessional services in IT installations and implementations.
        • PROFESSIONAL SERVICES


        • Training ServicesProfessional training services from our certified trainers, engineers and consultants.
        • Project ManagementProfessional services in managing processes and resources to ensure the success of a project delivery.
        • Change ManagementManage the transition in product, policy and process changes to achieve ROI in new technology adoptions.
        • >> MORE
  • Products
        • More Products >>

  • Partners
        • Partner With Us
        • More >>

  • Customers
        • Our customers
        • Customer Stories
  • Blog
  • About
        • OVERVIEW


        • About PointStarPointStar is one of the pioneers in cloud services in the region.
        • Our TeamMeet our team of cloud transformation leaders.
        • OUR PARTNERSHIP


        • Awards and AccreditationPointStar has been recognized many times for a great number of achievements.
        • JOIN POINTSTAR


        • Why Join UsWorking at our company goes far beyond just having a job.
        • CareersJob opportunities in PointStar.
        • EVENTS


        • EventsCheck out our upcoming events.
  • Contact Us
        • Contact Sales
        • Help & Support
        • Customer Service Portal
  • Shop
Search
  • Solutions
        • WORKPLACE COLLABORATION


        • Email and CollaborationIntegrated enterprise solutions for business emails, collaborations and productivity tools.
        • Meeting Room and ConferencingModern conferencing and communication solutions for future workplaces.
        • End User ComputingSecured and easy-to-manage solutions for end users to access applications and data – any device, anytime, anywhere.
        • SD-WAN, Network, Wi-FiSmart and secured cloud managed network solutions from small businesses to large enterprises.
        • CLOUD COMPUTING


        • Public And Hybrid CloudMulti-Cloud Solutions for all types of workloads securely and flexibly on pay-as-you-use model.
        • Data Cloud and AnalyticsData solutions that allows unification of data securely across organizations and platforms with intelligent insights.
        • Platform as a ServiceCloud platform solutions that provide a series of modular cloud services for application and web services.
        • API ManagementFull lifecycle API management platform as gateway for runtime management, policy governance, and usage analytics.
        • BUSINESS APPLICATIONS


        • ERP SolutionsEnterprise Resources Planning solutions to automate business process for better financial insights and internal controls.
        • CRM Solutions360 solutions to unify sales, marketing and customer service interactions for better customer engagement.
        • Digital Signature SolutionsLegally binding electronic signature solutions for documents signings and workflow approvals.
        • Document Management SystemsHardcopies digitization and documents approval solutions for enhanced business process automations.
        • EMERGING TECHNOLOGIES


        • AI ChatbotLifelike conversational AI with state-of-the-art virtual agent systems for businesses and customer service environments.
        • Machine LearningArtificial Intelligence (AI) solutions that enable data learning for predictive analysis and automated decision making.
        • IoTProtect your business from disruptions with secure and highly available cloud infrastructure.
        • >> MORE
  • Services
        • CLOUD TRANSFORMATION


        • Infrastructure ModernizationProvide flexible cloud infrastructure services from re-host to re-platform.
        • Application ModernizationProvide cloud native application development platforms and services for simplify and speedy software delivery.
        • Data AnalyticsOffer multi-cloud and cross-platform cloud analytics for data analysis and reportings.
        • Cloud MigrationMigration of workload and application from on-premises systems to cloud platform.
        • BUSINESS SERVICES


        • ConsultingImprove your operational performance and productivity, and adding value throughout the lifecycle.
        • Business Application IntegrationsRapidly builds end-to-end smart workflows to help automate digital processes.
        • Backup & Disaster RecoveryProvide centralized protection for environments and applications running on-premises and on-cloud.
        • Business Process AutomationProfessional services to assist businesses in streamlining and automating business process and re-shaping their work.
        • TECHNICAL SERVICES


        • Technical SupportCertified engineers in providing IT support services with commitment to Service Level Agreements.
        • Managed ServicesProvide expertise to manage businesses’ IT requirements for operational efficiency and faster resolutions.
        • Workplace ModernizationDesign, install and implement modern AV and communication solutions for all workplace environment types.
        • Installation ServicesProfessional services in IT installations and implementations.
        • PROFESSIONAL SERVICES


        • Training ServicesProfessional training services from our certified trainers, engineers and consultants.
        • Project ManagementProfessional services in managing processes and resources to ensure the success of a project delivery.
        • Change ManagementManage the transition in product, policy and process changes to achieve ROI in new technology adoptions.
        • >> MORE
  • Products
        • More Products >>

  • Partners
        • Partner With Us
        • More >>

  • Customers
        • Our customers
        • Customer Stories
  • Blog
  • About
        • OVERVIEW


        • About PointStarPointStar is one of the pioneers in cloud services in the region.
        • Our TeamMeet our team of cloud transformation leaders.
        • OUR PARTNERSHIP


        • Awards and AccreditationPointStar has been recognized many times for a great number of achievements.
        • JOIN POINTSTAR


        • Why Join UsWorking at our company goes far beyond just having a job.
        • CareersJob opportunities in PointStar.
        • EVENTS


        • EventsCheck out our upcoming events.
  • Contact Us
        • Contact Sales
        • Help & Support
        • Customer Service Portal
  • Shop
Home » Digital Transformation Rockstar Blog » How to prevent WPA1/WPA2-PSK attacks

How to prevent WPA1/WPA2-PSK attacks

How to prevent WPA1/WPA2-PSK attacks

Syah Ismail2018-08-30T12:05:31+08:00
Syah Ismail Blog, How to 0 Comments
psk

On Aug 4, 2018, a new method to exploit a known vulnerability was announced by Jens Steube from the Hashcat project for wireless networks that use WPA1/WPA2-PSK (pre-shared key), allowing attackers to obtain the PSK being used for the particular SSID. The vulnerability affects most wireless vendors using roaming technologies, including Cisco Meraki, and targets information exchanged between the client and AP via management frames during roaming inherent in the 802.11 protocol. Customers using Meraki APs are vulnerable if using fast roaming (802.11r) with PSK.

How does an attack occurs?

Roaming technologies were developed to improve the access point handoff experience of wireless client devices as they physically move about a given network and, by virtue of distance and signal strength, automatically associate and disassociate with various access points (APs). Associating with a new AP takes time due to the necessary authentication. Fast Roaming (FT) speeds up the authentication and association process for roaming clients, helping to protect against packet loss and poor performance in high-bandwidth applications like VoIP calls or streaming content.

As part of the attack, an attacker can target the re-association process to obtain the unique master key ID used for the specific client. The master key ID is derived from the master key (also PSK) and name, AP MAC address and client MAC address. Since the master key is derived from the PSK and other details can be easily obtained, an attacker can obtain the key. Because this attack uses a dictionary attack to determine the PSK being used, it is highly recommended that admins use strong passwords that are not susceptible to guessing attempts.

Who’s affected?

Meraki has already identified at-risk customers and notified them about the vulnerability. Only customers using FT with WPA/WPA2-PSK on Meraki APs are affected. Additionally, a warning has been added to the Meraki dashboard notifying customers if their configuration makes them vulnerable. SSIDs using WPA/WPA2-Enterprise are not affected by this vulnerability as the key generation process is very different as compared to PSK.

How to prevent it?

To gauge impact, customers can leverage a new tool available in the Meraki dashboard by going to Announcements > KRACK & PMKID Vulnerability Impact to check any networks that might be affected. Customers can easily turn off 802.11r (FT) for all affected networks directly from the tool. Only customers affected by the PMKID and/or KRACK vulnerability will see the tool in the dashboard.

To determine whether 802.11r is enabled for a given Meraki wireless network, navigate to Wireless > Configure > Access Control in the Meraki dashboard, and look under Network Access:

psk

We strongly urge all customers to disable 802.11r when used with PSK. Our technical experts are available to assist with any questions or concerns you may have.

Share this post

Facebook Twitter LinkedIn Google + Email

Author

Syah Ismail

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

POINTSTAR SINGAPORE | A CLOUD TRANSFORMATION COMPANY
PointStar Singapore is a leading cloud transformation company based in Singapore that brings businesses great solutions, with a presence across Asia including Malaysia and Indonesia. We offer cutting-edge cloud solutions like email & collaboration, video conferencing, AI chatbot, and machine learning featuring a wide range of products including Google Cloud Platform, Google Workspace, Google Workspace for Education, Google Maps Platform, Oracle NetSuite, Cisco Meraki, AppSheet, Apigee, HelloSign, and Logitech. Furthermore, we enhance these solutions with top-notch services such as infrastructure modernization, installation, change management, and technical support which means you get the best value for your investment. All because we value you as our customer. What are you waiting for? Start your transformation journey by getting a complimentary consultation from us.

Solutions

  • Email And Collaboration
  • Room And Conference
  • Public And Hybrid Cloud
  • API Management
  • CRM Solutions
  • Document Management Systems

Services

  • Cloud Migration
  • Data Analytics
  • Workspace Modernization
  • Managed Services
  • Training Services
  • Technical Support

Partners

  • Google Cloud
  • Oracle NetSuite
  • Logitech
  • Meraki
  • Freshworks
  • Microsoft

About Us

  • Our Team
  • Awards And Accreditation
  • Our Offices
  • Careers
  • Events
Copyright © 2009-2023 PointStar Pte Ltd. All Rights Reserved. Privacy Policy.
PointStar Malaysia PointStar Indonesia PointStar Consulting Alomos e-Store
Facebook Linkedin