Dhawaan, cilmi baare amni ayaa helay oo ka warbixiyay baylahda cusub ee aaladaha WiFi ee loo yaqaan FragAttacks . Kuwani waa noocyo cusub oo weeraro ah oo ka faa'iidaysta cilladaha naqshadeynta heerka WiFi waxayna saameeyaan inta badan aaladaha karti u leh WiFi . Waxa uu hore u helay weerarka KRACK kaas oo asal ahaan saameeya borotokoolka WPA2 .

Waa maxay FragAttacks? Sida looga ilaaliyo WiFi-gaaga ka dhanka ah FragAttacks?

Waa maxay FragAttacks?

Erayga FragAttacks waxa lagu soo koobay weedha Fr agmentation iyo ^(Attacks)Aggregation^(Ag) Attacks . Kuwani waa khataro amni oo bartilmaameedsada aaladaha WiFi . Weeraradan, weeraryahanku asal ahaan waxa uu bartilmaameedsadaa aalada ku dhex jirta inta u dhaxaysa shabkada WiFi^{(within the range of its WiFi network)} oo uu xado xogta xasaasiga ah ee dhibbanaha (tusaale, furaha sirta ah). Weerarradani waxay saameeyaan dhammaan borotokoollada amniga WiFi ee dhawaanahan oo ^(WiFi)ay ku jiraan WPA3 iyo WPA2^{(including WPA3 and WPA2)} . Routers-ka guriga, IoT , talefannada casriga ah, iyo aaladaha kale oo badan ayaa waxaa saameeya weerarada noocaan ah.

Akhri^(Read) : Sida loo ilaaliyo oo loo ilaaliyo routerkaaga WiFi^{(secure and protect your WiFi Router)} .

Naqshadeynta cilladaha WiFi

FragAttacks waxay ka faa'iidaystaan dhowr dayacan oo WiFi ah . Waxaa loo fulin karaa siyaabo kala duwan oo ay ka mid yihiin:

Waxa laga yaabaa in qofka wax weeraray uu duri karo qaab WiFi ah oo aan qarsoodi ahayn oo uu galiyay shabakad WiFi ah oo sugan . Waxay isticmaali karaan cilladda ugu horreysa ee naqshadeynta heerka WiFi taas oo ah habka isku^{(aggregation)} -darka . Tan, calanka " waa la isku^{(is aggregated)} daray" ee fareeshka ku jira lama ansaxin oo si fudud ayaa wax looga beddeli karaa. Sidaa darteed^(Hence) , weeraryahanku waxa uu duraa xidhmada oo khiyaaneeyaa dhibbanaha si uu ugu wareejiyo seerfarkooda xaasidnimada leh.

Cilladda labaad ee naqshadeynta WiFi waa qaabkeeda kala qaybsanaanta^{( frame fragmentation)} waxaana loo yaqaannaa weerar furaha oo isku dhafan^{(mixed key attack)} . Jajabka isla qaab-dhismeedka waxaa lagu sireeyay fure isku mid ah, halka aqbaluhu uu dib isugu ururin karo jajabyo leh furayaal kala duwan. Weeraryahanku waxa uu u isticmaali karaa kan si uu u faafo xogta dhibbanaha.

Ciladda saddexaad ee naqshadeynta waxay mar kale la socotaa qaabka jajabinta fiilada ee WiFi waxaana loo yaqaannaa weerar khasnado jajab ah^{(fragment cache attack)} . Waxa dhacaya waa in qalabka WiFi uusan ka takhalusin jajabyada aan dib-u-habaynta ahayn ee xusuusta marka isticmaaluhu ka go'o shabakada. Tan waxaa looga faa'iidaysan karaa in lagu duro jajab xaasid ah oo la geliyo xusuusta barta gelitaanka. Hadda, marka isticmaaluhu ku xidho shabakada WiFi oo uu gudbiyo fareem jajaban, jajabkaas waxa lagu ururin doonaa jajabkii xaasidnimada lahaa ee la duray.

Akhri^(Read) : Sida loo hubiyo in routerkaaga la jabsaday^{(How to check if your Router is hacked)} .

FragAttacks Demo waxaa qoray Mathy Vanhoef:

Sida loo ilaaliyo WiFi -gaaga ka dhanka ah FragAttacks ?

Qaar ka mid ah dhaqamada caadiga ah ayaa kaa caawin kara inaad WiFi -gaaga ka ilaaliso FragAttacks^{(FragAttacks)} . Kuwani waa:

cusboonaysii qalabkaaga
Ku rakib Cusboonaysiinta Amniga
Isticmaal sireed
Isticmaal VPN
Deji DNS Custom

1] cusboonaysii qalabkaaga

Mathy Vanhoef wuxuu ku yidhi blog-giisa:

The biggest risk in practice is likely the ability to abuse the discovered flaws to attack devices in someone’s home network. For instance, many smart home and internet-of-things devices are rarely updated, and Wi-Fi security is the last line of defense that prevents someone from attacking these devices. Unfortunately, due to the discover vulnerabilities, this last line of defense can now be bypassed. In the demo above, this is illustrated by remotely controlling a smart power plug and by taking over an outdated Windows 7 machine.

Markaa, haddii aad isticmaalayso nooc ka sii da'da ah ee qalabkaaga, waa inaad cusboonaysiisaa. Tusaale ahaan, haddii aad wali isticmaalayso Windows 7/8 , waa wakhtiga ku habboon in loo cusboonaysiiyo Windows 10^{(upgrade to Windows 10)} si aad uga ilaaliso qalabkaaga FragAttacks iyo weeraro kale oo amni oo cusub.

Oo, haddii aad isticmaalayso router duug ah oo aan lahayn wax casriyeyn ah oo la heli karo muddo dheer, waa inaad ka fikirtaa beddelka routerkaaga oo aad hesho mid cusub. Si fudud u beddel qalabkaaga haddii aysan jirin wax cusbooneysiin ah oo firmware ah si joogto ah.

Akhri^(Read) : Sida loo hagaajiyo dayacanka Shabakadda Wi-Fi ee Dadweynaha iyo Guriga.

2] Ku rakib Cusboonaysiinta Amniga

Had iyo jeer iska hubi inaad ku rakibtay cusboonaysiinta amniga qalabkaaga. Cusboonaysiinta ammaanku^(Security) waxay kaa caawinayaan inaad ka ilaaliso aaladahaaga wax u nugul nuglaanta iyo weerarrada amniga. Marka, sii wad hubinta wixii ku soo kordha amniga oo ku rakib isla marka la helo. In kastoo, taleefannada casriga ah iyo aaladaha kale ee casriga ahi si toos ah u soo dejiyaan oo u rakibaan cusbooneysiinta amniga. Laakin, sidoo kale gacanta ku hubi si aad isku mid u hubiso.

Xaaladda Windows 10 , waxaad ku rakibi kartaa amniga iyo cusbooneysiinta kale adoo aadaya Settings > Update & Security > Windows Update Xulashada Cusbooneysiinta Windows oo hubi wixii cusbooneed ee la heli karo ka dibna soo dejiso oo ku rakib PC-gaaga.

Akhri^(Read) : Talooyin ku saabsan Ammaanka Wi-Fi^{(Wi-Fi Security Tips)} : Taxaddar aad ka Qaadato Goobaha Dadweynaha^{(Public Hotspots)}

3] Isticmaal sireed

Markaad khadka ka dhex baadhayso, xaqiiji inaad ku jirto degel aamin ah oo wadata shahaado HTTPS ( Hypertext Transfer Protocol Secure ). Ma aha oo kaliya, isticmaal sirta mar kasta iyo meel kasta. Tusaale ahaan, adeegso codsi sugan oo bixiya sirta dhamaadka-ilaa-dhamaadka si aad xogta ugu kala wareejiso aaladaha. Xusuusnow FragAttacks^{(Remember FragAttacks)} waxay dhacdaa marka xogta aan qarsoodi ahayn lagu diro shabakad sugan. Markaa, sirtu waa waajib.

4] Isticmaal VPN

Tixgeli inaad isticmaasho adeegga VPN^{(using a VPN service)} maadaama ay kaa ilaalin karto FragAttacks^{(FragAttacks)} adiga oo taraafikadaada ku marinaya xiriir qarsoodi ah.

5] Deji DNS Custom

Waxa kale oo aad u habayn kartaa DNS caadada ah adiga oo ku jira routerkaaga iyo aaladaha kale si aad uga hortagto weerar kasta oo kuu jiheeya server xaasidnimo leh.

FragAttacks waa ururin cusub oo dayacan oo heerka WiFi ah kaas oo khatar gelinaya aalado badan. Weeraryahan ku dhex jira inta u dhexeysa shabakadaada ayaa qaadi kara weerarada noocaan ah halkaasoo uu isku dayo inuu xogtaada xado. Si kastaba ha noqotee, dhaqamada amniga aasaasiga ah ayaa kaa caawin kara inaad WiFi -gaaga ka ilaaliso FragAttacks .

Waxaad sii baran kartaa naftaada FragAttacks adoo aadaya fragattacks.com.

What are FragAttacks? How to secure your WiFi against FragAttacks?

Just about recently, a sеcurity researcher haѕ discovered and reported new νulnerabilities in WiFi devices known as FragAttacks. These are new types of attacks that exploit design flaws in the WiFi standard and affect most WiFi-enabled devices. He has previously discovered the KRACK attack which basically affected WPA2 protocol.

What are FragAttacks?

FragAttacks term is coined with the phrase Fragmentation and Aggregation Attacks. These are security threats that target WiFi devices. In these attacks, the attacker basically targets a device that is within the range of its WiFi network and steals the victim’s sensitive information (e.g., password). These attacks impact all recent WiFi security protocols including WPA3 and WPA2. Home routers, IoT, smartphones, and many other devices are affected by these kinds of attacks.

Read: How to secure and protect your WiFi Router.

Design Flaws in WiFi

FragAttacks take advantage of several vulnerabilities in WiFi. They can be carried out in various ways including:

The attacker may inject an unencrypted WiFi frame into a secure WiFi network. They can use the first design flaw in the WiFi standard which is its aggregation feature. In this, the “is aggregated” flag in a frame is not validated and can easily be modified. Hence, the attacker injects the packet and tricks the victim into redirecting him to their malicious server.

The second design flaw in WiFi is its frame fragmentation feature and is known as a mixed key attack. The fragments from the same frame are encrypted with the same key, while the receiver can reassemble fragments with different keys. An attacker can use this to exfiltrate the victim’s data.

The third design flaw is again with the frame fragmentation feature in WiFi and is called fragment cache attack. What happens is that the WiFi device doesn’t eliminate non-reassembled fragments from memory when a user is disconnected from a network. This can be exploited by injecting a malicious fragment into the access point’s memory. Now, when a user connects to the WiFi network and transmits a fragmented frame, those fragments will be reassembled with the attacker’s injected malicious fragment.

Read: How to check if your Router is hacked.

FragAttacks Demo by Mathy Vanhoef:

How to secure your WiFi against FragAttacks?

Some standard practices can help you protect your WiFi from FragAttacks. These are:

Upgrade your device
Install Security Updates
Use Encryption
Use a VPN
Set up a Custom DNS

1] Upgrade your device

Mathy Vanhoef says in his blog:

The biggest risk in practice is likely the ability to abuse the discovered flaws to attack devices in someone’s home network. For instance, many smart home and internet-of-things devices are rarely updated, and Wi-Fi security is the last line of defense that prevents someone from attacking these devices. Unfortunately, due to the discover vulnerabilities, this last line of defense can now be bypassed. In the demo above, this is illustrated by remotely controlling a smart power plug and by taking over an outdated Windows 7 machine.

So, if you are using an older version of your devices, you must upgrade them. For example, if you are still using Windows 7/8, it’s the right time to upgrade to Windows 10 to protect your device against FragAttacks and other new security attacks.

And, if you are using an old router that has no upgrades available for a long, you must consider changing your router and getting a new one. Simply replace your device if there are no firmware updates regularly.

Read: How to fix Public and Home Wi-Fi Network vulnerabilities.

2] Install Security Updates

Always make sure that you have installed security updates on your device. Security updates help you protect your devices against any new vulnerability and security attacks. So, keep on checking for security updates and install them as soon as they are available. Although, smartphones and other modern devices automatically download and install security updates. But, also check manually to ensure the same.

In the case of Windows 10, you can install security and other updates by going to the Settings > Update & Security > Windows Update option and check for updates available and then download and install them on your PC.

Read: Wi-Fi Security Tips: Precautions To Take At Public Hotspots.

3] Use Encryption

When browsing online, ensure that you are on a secure website with an HTTPS (Hypertext Transfer Protocol Secure) certificate. Not just that, use encryption all the time and everywhere. For example, use a secure application that offers end-to-end encryption to transfer data between devices. Remember FragAttacks occur when unencrypted data is sent over a secure network. So, encryption is a must.

4] Use a VPN

Consider using a VPN service as it can provide you protection against FragAttacks by routing your traffic through an encrypted connection.

5] Set up a Custom DNS

You can also configure a custom DNS manually in your router and other devices to obstruct any attack that redirects you to a malicious server.

FragAttacks are a new collection of vulnerabilities in WiFi standard that puts multiple devices at risk. An attacker within the range of your network can carry out these types of attacks where he attempts to steal your data. However, some basic security practices can help you protect your WiFi against FragAttacks.

You can further educate yourself on FragAttacks by going to fragattacks.com.

Damien Houston

About the author

Waxaan ahay injineer software iyo khabiir Windows 10 ah. Waxaan leeyahay waayo-aragnimo ka badan laba sano oo ku saabsan la shaqaynta casriga ah, windows 10, iyo Microsoft Edge. Diiradayda ugu weyn waa ka dhigista aaladahaagu kuwo si ka wanaagsan oo degdeg ah u shaqeeya. Waxaan ka shaqeeyay mashaariic kala duwan shirkado ay ka mid yihiin Verizon, Imac, HP, Comcast, iyo kuwo kale oo badan. Sidoo kale waxaan ahay macalin shahaado ka haysta tababarka daruuraha Microsoft Azure.

Waa maxay FragAttacks? Sida looga ilaaliyo WiFi-gaaga ka dhanka ah FragAttacks?

Waa maxay FragAttacks?

Naqshadeynta cilladaha WiFi

FragAttacks Demo waxaa qoray Mathy Vanhoef:

Sida loo ilaaliyo WiFi -gaaga ka dhanka ah FragAttacks ?

1] cusboonaysii qalabkaaga

2] Ku rakib Cusboonaysiinta Amniga

3] Isticmaal sireed

4] Isticmaal VPN

5] Deji DNS Custom

What are FragAttacks? How to secure your WiFi against FragAttacks?

What are FragAttacks?

Design Flaws in WiFi

FragAttacks Demo by Mathy Vanhoef:

How to secure your WiFi against FragAttacks?

1] Upgrade your device

2] Install Security Updates

3] Use Encryption

4] Use a VPN

5] Set up a Custom DNS

Damien Houston

About the author

Related posts

Sida loo xaliyo dhibaatooyinka WiFi gudaha Windows 11/10

WiFi badbaado ma u yahay caafimaadkaaga iyo gurigaaga?

Sida loo dajiyo WiFi Range Extender, Kobciyaha, iyo ku celiyaha

Sida loo cabbiro xoogga signallada WiFi gudaha Windows 10

Daaqadaha kuma xidhna WiFi marka la bilaabayo

Hagaaji internet ma jiro, khalad WiFi sugan oo ku jira Windows 11/10 [Go'an]

U isticmaal sawir qaade acrylic WiFi bilaash ah falanqaynta shabakadda WiFi-waqtiga-dhabta ah

Qalabka dusha sare wuxuu helayaa shabakad fiilo-la'aan ah oo la heli karo laakiin ma xidhmi doono

5GHz WiFi oo aan ka muuqan Windows 11/10

WiFi kuma weydiin doono erayga sirta ah gudaha Windows 11/10

Ku hagaaji lambarka 90403 ee cilada gudaha TP-Link WiFi Router Control Panel

Kordhi Xawaaraha WiFi iyo xoogga ishaarada iyo aagga daboolka

Software-ka ugu fiican ee WiFi Hotspot ee Windows PC

Sida loo hubiyo in laptop Windows uu taageerayo 2.4 ama 5 GHz WiFi

Sida loo ilaaliyo oo loo ilaaliyo routerkaaga WiFi

Sida loogu wareejiyo faylasha GoPro iyadoo la adeegsanayo Wi-Fi loona wareejiyo Windows PC

Talooyin Badbaado WiFi: Taxaddar aad ka Qaadato Goobaha Dadweynaha

Astaanta Wi-Fi ee aan ka muuqanayn ama ka maqan Taskbar gudaha Windows 11/10

Sida loo soo saaro Taariikhda WiFi ama Warbixinta WLAN gudaha Windows 10

U beddel calaamada WiFi ugu xoogga badan: Beddel gardarrada socodka WiFi