Micro WIPS on Turris Omnia (KRACK detector)

Comodore125 · November 7, 2017, 6:37pm

We have never had any working Wireless Intrusion Prevention System on open-source network devices.
First try is this https://github.com/securingsam/krackdetector Krack detector, which acts like WIPS devices are already doing against Man-in-the-middle attack that KRACK actualy is.

I hope we will have this in Turris Omnia.
Turris Omnia will stand among the best entreprise Wi-Fi solutions as the one prepared against KRACK as only a few are.

More info here https://krackattacks.securingsam.com/articles/2017/10/18/KRACK-ATTACK-SAM.html/

Paper for KRACK: https://papers.mathyvanhoef.com/ccs2017.pdf
Concept of WIPS in KRACK attack described here: https://framebyframewifi.net/2017/10/18/mitigating-the-krack-in-wpa2-with-wips/

jklaas · November 8, 2017, 4:41pm

Needs ctypes, which isn’t part of the default install:

# ./krack_detect.py wlan0
Traceback (most recent call last):
  File "./krack_detect.py", line 6, in <module>
    import ctypes
ImportError: No module named ctypes

Install ctypes:

# opkg install python-ctypes

Some folks will also need to know how to start it automatically. You’ll have to go tot he LuCI web interface, go to System|Startup, then go to the bottom to “Local Startup” and add the full path to the script there.

I’m planning on running it for a while to see what the load is before I decide to run it full time. My set up is pretty tightly controlled, so I don’t imagine I’ll really need it anyway.

Pepe · November 8, 2017, 6:05pm

Thanks for sharing here.

Would be nice to see it included in Foris.

Comodore125 · November 8, 2017, 6:10pm

Looks optimistic

Makefile does have: + DEPENDS=+python +python-ctypes +hostapd-utils
ctypes included