Beware of mDNS Floods from Buggy Android Clients January 15, 2018Recently, I discovered a large increase in multicast traffic on an enterprise Cisco WLAN. This increase was large enough to cause packet loss in several areas where bandwidth is limited, usually at the WAN edge. While throughput remained within the acceptable range for a circuit, an extremely high packet rate was overwhelming the edge device’s … Continue reading "Beware of mDNS Floods from Buggy Android Clients"Mitigating the KRACK in WPA2 with WIPS October 19, 2017On Monday, security researcher Mathy Vanhoef disclosed a new vulnerability in the WPA/WPA2 four-way handshake, which has been branded KRACK. The attack is targeted and sophisticated, and it results in decrypting a TKIP or CCMP/AES encrypted session without knowledge of the PTK. WPA/WPA2-Personal and WPA/WPA2-Enterprise networks are vulnerable. The attack takes advantage of client side … Continue reading "Mitigating the KRACK in WPA2 with WIPS"