Welcome to Xfinity Help & Support Forums

KRACK attack, WPA2 vulnerability

New Poster

Re: KRACK Attack

I'd like to second this question. I've got a DCP3939 rented from Comcast and am in a crowded apartment with lots of people within range of it, so my paranoia is at least a tiny bit justified. I understand they don't want to jump the gun when it comes to security issues, but am eager to know if/when a router update is necessary and possible.

Bronze Problem Solver

Re: KRACK Attack

Again, people: you need to update all your wifi clients; Comcast cannot do this for you. Again, Comcast can patch all their gateways if even needed, and until you update or replace your wifi clients you are still hackable.

New Poster

Re: Home Security Firmware Updates

When was DPC3941_2.7p8s1_PROD_sey released, and does it block the KRACK attack?

 

New Poster

DPC3941T Update from cisco re krack hack

Anyone know if Cisco or Comcast is working on a firmware update due to "KRACK"??

Especially the DPC3941T gateway from Comcast?

Thanks much!

New Poster

Modem f/w for KRACK vulnerability

Will XFINITY push new Arris T862G/CT modem firmware to fix KRACK vulnerability?

current f/w version is:  

eMTA & DOCSIS Software Version:

9.1.103M2AB.SIP.PC20.CT

HW Version: 5
Vendor: 07112016
BOOT Version: 1.2.1.62
Core Version: 9.1.103M2AB.SIP.PC20.CT
Model: TG862G
Product Type: TG862G
Flash Part: 32MB
Download Version: 9.1.103M2AB.SIP.PC20.CT
Serial Number: D6JBU4EC5529172

New Poster

Re: KRACK attack, WPA2 vulnerability

This issue has been around longer than people think, now it should finally get the attention it deserves! 

https://cloudspress.com

Silver Problem Solver

Re: KRACK attack, WPA2 vulnerability

Apple has released iOS and MacOS updates that fix the KRACK attack on some devices:

https://arstechnica.com/gadgets/2017/10/apple-releases-macos-10-13-1-and-ios-11-1-with-a-krack-fix-a...

 

"Update: As Ars readers have pointed out, Apple's support documentation states that the iOS KRACK fix is available for iPhone 7 and later, and for the early 2016, 9.7-inch iPad Pro and later. That could leave many iOS devices still exposed."

New Poster

Re: KRACK Attack

I literally just got off the phone with Xfinity 2nd tier support asking about a patch for the DPC3941 modem.  The woman "helping" me said 1) she has never heard of the krack wpa2 vulnerability, 2) none of her nearby colleagues has heard of it, 3) she can't find any information about it on her computer, and 4) she doesn't get internet access at work, so she can't search for information about it.  I actually dropped my phone.

New Poster

Re: KRACK attack, WPA2 vulnerability

It's been a couple weeks now.  There are patches available, when are you going to issue the patch?

Bronze Problem Solver

Re: KRACK attack, WPA2 vulnerability


This_i5_D0g wrote:

It's been a couple weeks now.  There are patches available, when are you going to issue the patch?


OK, and can you tell me what you're going to get if and when Comcast patches your gateway?? If you think the gateway is patched and you're now in the clear and you no longer need to worry about KRACK, you would be totally wrong.

When are you going to patch every device in your home that uses wifi?? Because the router or gateway is only one step; you must do the second on your own.

Frequent Visitor

Re: KRACK attack, WPA2 vulnerability

Jim721,

 

We are posting here on the COMCAST forum in order to get COMCAST to patch the gateway hardware that we rent from COMCAST.

 

It is appropriate to post in a COMCAST forum to get a COMCAST provided device patched.

 

Just because we are posting here in this COMCAST forum does not mean that we are not also patching our other WiFi devices, or posting similar requests for patches in forums that correspond to the makers of other devices we use for WiFi.

 

We are all aware that multiple devices need to be patched. But COMCAST cannot patch those other devices, but they CAN and SHOULD patch the gateways that we rent from COMCAST.

 

In this forum, we should continue to request COMCAST to patch the devices that we rent from COMCAST.

 

At the very least, someone from COMCAST should post a message that acknowledges the issue and gives us a timeframe when the patch will be issued.

 

If that does not happen, then we should each call COMCAST and demand that they either replace the defective gateway we all have with a make/model that is properly patched ... or STOP charging us rent on our monthly bill for using a defective device ... and retroactively refund the monthly rent we have all been paying from the month in which KRACK was first discovered up until a patched gateway is provided. And if COMCAST refuses to do that, then we should complain to the city/town we live in (that gives COMCAST the franchise to be a monopoly service provider) and to the state Public Utility Commission.

New Poster

Re: KRACK attack, WPA2 vulnerability

So does that mean a patch hasn't been issued?

New Poster

KRACK vulnerability

What are you doing or have done to protect your gateways from the KRACK vulnerability?
Bronze Problem Solver

Re: KRACK attack, WPA2 vulnerability

I don't think Comcast needs to patch many. The issue involving gateways or routers is only present when used in repeater mode or as an access point. I doubt many people are using their Comcast-provided gateways as repeaters or APs; I'm not even sure they support the mentioned modes of operation.

And yes, if Comcast has a security issue then they should patch, but KRACK is mostly a client-side problem.

Frequent Visitor

Re: KRACK attack, WPA2 vulnerability

Jim721,

 

You said: "The issue involving gateways or routers is only present when used in repeater mode or as an access point. I doubt many people are using their Comcast-provided gateways as repeaters or APs; I'm not even sure they support the mentioned modes of operation."

 

I have a Comcast-provided gateway Model DPC3941T (originally made by Cisco). I have no other access point in my home network.

 

This site:

https://www.dslreports.com/r0/download/2234717~41385a0f2e778ed11c009a204b796cad/C78-733352-00.pdf

 

... says this (the bolding is mine):  "The Cisco Model DPC3941T DOCSIS 3.0 24x4 Wireless Residential Voice Gateway is multiple solutions in one product. It combines a cable modem, two-line digital voice adapter, a router, and 802.11n wireless access points in a single device."

 

It appears to me that the gateway devices that Comcast provides do indeed provide an Access Point function. For those customers who rent a gateway from Comcast, how else would the wireless devices in our homes connect to the Internet ... except through the device (Access Point) provided by Comcast?

 

 

 

Bronze Problem Solver

Re: KRACK attack, WPA2 vulnerability

Your gateway is being used in router mode so no worries. 

Problem Solver

Re: KRACK attack, WPA2 vulnerability

Actually it depends on how you interpret it. The way I interpret it is that it is in AP mode, because routers don’t have to be wireless. There are such things called “wired routers” that don’t have wireless, so by the way it’s worded it does make it seem like it’s a separate part.
Connection Expert

Re: KRACK attack, WPA2 vulnerability

FWIW;

 

https://www.google.com/search?q=what+is+an+access+point+vs+router&oq=what+is+an+access+poiny&aqs=chr...




I am not a Comcast employee, I am a paying customer just like you!
I am an XFINITY Forum Expert and I am here to help. For information on the program click here.
We ask that you post publicly so people with similar questions may benefit from the conversation.

Frequent Visitor

Re: KRACK attack, WPA2 vulnerability

Let's not get sidetracked by what we call the device that we rent from Comcast.

 

I will refer to it as a "gateway" that functions as a cable modem, a router, and an access point.

 

Those functions are implemented by the firmware that runs in the "gateway". Among other things, that firmware implements the WPA2 protocol needed to securely connect a wireless device to the customer's local area network defined in the "gateway's" configuration.

 

KRACK takes advantage of a flaw in that protocol.

 

We need someone from COMCAST to give us an "official" statement regarding whether or not the firmware that runs in the various "gateways" (that we rent from Comcast) is (or is not) vulnerable to KRACK, and if so ... what Comcast is doing to roll out firmware fixes that will mitigate the KRACK vulnerability in the "gateway".

 

It has been about 26 days since KRACK was first discovered, and yet no one from Comcast has had the courtesy of posting here (or anywhere) informing us customers as to when we can expect a fix to this problem ... and yet Comcast continues to bill us monthly for renting a "gateway" with a possible vulnerability to KRACK.

 

Comcast:  where are you????

 

Problem Solver

Re: KRACK attack, WPA2 vulnerability

As the first result at https://www.google.com/search?q=what+is+an+access+point+vs+router&oq=what+is+an+access+poiny&amp... says, a router can be an AP. However, for it to be a concern, routers must have operations in STA/client mode or be APs supporting 802.11r.
New Poster

KRACK

KRACK is a "presumed" potential threat to WiFi networks (quotes because it is unclear to me from previous posts whether the Comcast-rented modem is vulnerable--although its generated WiFi network may be). Almost a month ago Comcast stated that a public statement, presumably regarding upgrades to firmware/software to protect users, is forthcoming. To date it has not appeared, neither in this forum nor in press coverage. I, for one, would like either confirmation from Comcast that our home networks are secure or that a fix is forthcoming. If these options are not available, then please provide a guide regarding steps to protect individual devices connected to the WiFi network made available by the Comcast-rented modem. Press, and professional, coverage of KRACK continues to increase. We need information!

New Poster

Re: KRACK

I just spoke with Comcast Technical Support. She said they are working on a fix, but it's not complete yet. She said it will likely be a few more days before the fix is completed. She said they will push the fix out to affected gateways; they will let affected customers know about the fix; they will supply new hardware (gateways) if needed.

Contributor

Re: KRACK

Did they say what they were fixing?  I was under the impression that most home routers wouldn’t need much (if any work), since most of the KRACK issues are in the clients.

 

New Poster

Re: KRACK Attack

People calling customer support: they are NOT going to validate the problem or they would make an announcement to customers. CYA... Comcast never helps customers.
Regular Visitor

Re: KRACK Attack

Houston XFinity Customer - TG1682G -- I use 2.4ghz and 5ghz - I would like to know when or if a patch/replacement for the Modem will be available. This modem/router has had numerous "hacked wifi" and "wps" connections already, even kicking them, making firewall rules against them, and changing the SSiD's and PW's have NOT Helped, it keeps happening. This has been happening to me since 2016, and as of 11-2017 -- I know some of "neighbors" around me are to blame, 1 for sure... as they changed my router's name, and pw - and I was able to view that information... and see all of their connected devices. -- They have not been confronted yet, and I don't plan on it, unless this continues after "whatever you decide to do" to fix these issues: (As of 11-20-2017) My WIFI on all devices including the Modem/Router in question is disabled, and will not be enabled until a fix is provided. (which is very tedious, Right next to T-Day, and X-Mas)

 

1) My cat frequently steps on the WPS Connect button -- please allow us to disable the WPS Button, or offer us a Modem without one... - Auto WPS is also (already) disabled, but not the "Button on top of the Modem/Router"  This is how our neighbor got in the first time, Since then: I "CAT" proofed the modem/router/button so they can not press it... LoL

 

2) Fix this KRACK Vulnerability - Since the Methods and Vulnerability is now 100% KNOWN by the PUBLIC, as of OCTOBER 2017, supposedly this has been known to those underground individuals since 2016.. My router had many phantom connections connected to the WiFi, and a bunch of new devices were popping up, and showing "online" and I do not own anything BY APPLE - just M$, Android, here. (I REFUSE to buy anything from ANYONE Black Friday 99% off or not *whatever that has or uses WIFI, Including Smart anything, TVs, gaming consoles laptops, smart phones, etc etc) UNTIL MY ROUTER which everything connects to is FIXED via a security patch/firmware upgrade, or replacement.... IF it isn't fixed by December 31st, We may be dropping service. -- as we are tired of being hacked, and having "anyone" within "RANGE" use up our data bandwidth - whether the intent is malicious or NOT. and before you ask... YES THE OPEN WIFI, is disabled, using WPA2 here. for both 2.4ghz and 5ghz WiFi.

 

Frequent Visitor

Re: KRACK Attack

I live in an apartment and the woman on the 2nd floor asked if she could have my password because her wifi isn't connecting! I told her no and that I didn't know the password, as when I received the router in the mail I couldn't connect and Comcast changed the password and name of the router. I'm sorta telling the truth: they did change it, but I do know the password. When she came up to do the laundry she said, see, I'm connected to yours now! Is this true? Doesn't she need the password? Or can she use it for a couple of minutes while it's asking for the code? I'm just wondering if this is why I keep getting dropped pages.
I don't want any more community forum email! I don't have time to delete thousands until I can figure out how to only get the ones I looked at
Service Expert

Re: KRACK Attack


Debora1 wrote:
I live in an apartment and the woman on the 2nd floor asked if she could have my password because her wifi isn't connecting! I told her no and that I didn't know the password, as when I received the router in the mail I couldn't connect and Comcast changed the password and name of the router. I'm sorta telling the truth: they did change it, but I do know the password. When she came up to do the laundry she said, see, I'm connected to yours now! Is this true? Doesn't she need the password? Or can she use it for a couple of minutes while it's asking for the code? I'm just wondering if this is why I keep getting dropped pages.

Maybe she is connecting to your public hotspot; the SSID is xfinitywifi.





Frequent Visitor

Re: KRACK Attack

Thanks Robert! Since I didn't have my first computer till 09 and yes some of my jobs did have one and I'm not going into some of the crazy things I've done on accident, but my tablet does say Xfinity without the lock because when the kid came out to hook it up it was an old router and I had to call and they did everything on the phone. Should I remove the Xfinity wifi off the available wifi networks? Mine is named Patterson and she said she saw it. But she seemed to think if she fooled with it long enough she'd get in. I very rarely take my tablet out and don't have a smart phone, I have bad hands and need that soft little pen object to type. So that's the only time I used the Xfinity wifi, when at a doctor's appointment you can have an hour for free. Unless I'm doing something wrong and it's like the 4G and I'm supposed to get a number? Any help would be appreciated. Thanks, Debbie
Frequent Visitor

Re: KRACK Attack

Robert, you're correct, as I never finished setting up the xfi app because I was uncontrollable having my devices listed. I didn't know about the hotspot coming into my apartment. I wasn't getting any mail for about a month and yes, sometimes I don't even use my tablet for a month! I just ended up on that xfi site. My modem is listed as the old name, I think X Setup, and there's 3 devices running and 2 names like one's Winston. I paused the devices but Xfinity doesn't give information on removing incorrect devices like Google does. And since I don't get guests over I want this hotspot gone! I'm so upset I could scream! Please advise how to fix this permanently and still get my mail. Thanks, Debbie
Service Expert

Re: KRACK Attack


Debora1 wrote:
Robert, you're correct, as I never finished setting up the xfi app because I was uncontrollable having my devices listed. I didn't know about the hotspot coming into my apartment. I wasn't getting any mail for about a month and yes, sometimes I don't even use my tablet for a month! I just ended up on that xfi site. My modem is listed as the old name, I think X Setup, and there's 3 devices running and 2 names like one's Winston. I paused the devices but Xfinity doesn't give information on removing incorrect devices like Google does. And since I don't get guests over I want this hotspot gone! I'm so upset I could scream! Please advise how to fix this permanently and still get my mail. Thanks, Debbie

https://www.xfinity.com/support/articles/disable-xfinity-wifi-home-hotspot





Frequent Visitor

Re: KRACK attack, WPA2 vulnerability

While everyone believes it's 100% a gateway problem, I don't; I think it's a hotspot flaw! There's no lock & I didn't know anything about the Xfinity hotspot signal coming into my apartment! I uninstalled the xfi app months ago because I don't like anyone seeing my devices! I ended up looking the other night and 2 devices are on my listed devices and it shows the current password but the original router name before Xfinity changed it to my last name. I'm uncontrollable and feel violated, and I don't care what Xfinity said about my hotspot being fine as long as I don't give out my password? It's showing right on the xfi page! Now when I do decide to take my tablet out to a doctor's appointment, ATT 4G LTE hotspot gives you a secure number with a lock on it! Unless you're using public WiFi! But you're using your data but still on wifi. I guess that's what Xfinity customers were upset about and felt they shouldn't have to pay for data on their smart phone. So this + the fact that I was told that smart phones only last an average of 2 years makes my decision easy: I'm keeping my flip phone that uses data different 3G and my tablet and laptop! So I would uninstall the xfi app immediately unless you have to have it for a security system.
New Poster

Re: KRACK attack, WPA2 vulnerability

They need to push the update to modems?


nerdburg wrote:

Comcast is aware of the issue but has not made an official statement yet. We'll keep you posted. 


 

New Poster

Re: KRACK attack, WPA2 vulnerability

YES- THIS!

New Poster

Re: KRACK Attack

We have experienced almost the exact same thing for all of 2017. I need a new IP address, a refund for this crummy gateway Comcast barely supports, and frankly, the amount of turmoil these hackers have caused our family is lawsuit-worthy. It amazes me that Comcast support reps don't even acknowledge what is going on. They had me switch out my gateway and gave me the exact same model but with an even older firmware. If I keep this service I will purchase enterprise grade equipment going forward. What a total disservice Comcast is allowing to continue even after 6 months of being aware.

Bronze Problem Solver

Re: KRACK Attack

@sochimom. Have you already patched ALL your wifi devices and clients?? If not, patching your gateway does nothing. Anyway, your gateway is in router mode, therefore no patch needed; likely why you have heard nothing from Comcast.

Regular Visitor

Re: KRACK Attack

[deleted]

Contributor

Re: KRACK Attack

This has really taught me a lot about how slow android security updates can be.  My Moto phone finally got patched for KRACK last night.  (More than four months after the public disclosure.)  My Samsung android tablet is apparently "too old" to ever receive an update.  I went shopping for a new tablet and after looking in two stores, I found all of the Samsung android tablets were still unpatched (they all had internet access in the stores.)  So I bought an ipad.  (Apple patched IOS devices months ago.)    Much of what I used to do on Android devices already moved back to Windows which was patched right before the public disclosure. 

 

This still leaves me with two devices on my local network that are unknown/unpatched.  (One vendor said they are looking into it in October and has been silent since.) On the plus side, these devices do nothing that I consider secure or private.

 

As for my router, I own my own, and the vendor made it clear that no patch was needed.  This is mostly a client-side attack and would only affect a router used as a client or one with some fancy (for home use) features.  So, Comcast really had little if anything to do, but from our standpoint, as long as you do anything "important" on any unpatched (client) device, you should still be looking for a patch.

New Poster

Re: KRACK attack, WPA2 vulnerability

It's been more than 5 months now since the KRACK vulnerability was made public.  Where is Comcast with WiFi firmware patches for this?

 

Also please stop with the "you have to patch your endpoint devices" responses.  Fine - that's true.  Personally, I've long since done that.  We also need a patch for the modem/router that most of us are paying for as a part of our service.

New Poster

Re: KRACK Attack

Well let's see, being how plenty of Comcast modems are vulnerable to WPS attacks and how many of the techs who install service for new customers or new equipment, seems the techs always use the customer's billing phone number as the wireless password, so now when the WPA Handshake is captured all that needs to be done is use an area code phone number list to crack the WPA/WPA2 password, so good job, now you not only got the person's wireless password but you now have their phone number as a bonus, and you can just login to their modem, take note of the WPS pin, and if the owner changes their WPA/WPA2 password you still have their WPS pin which now can be brute forced without getting WPS locked out.

 

Great comcast security good thing not everyone has 12 year old hackers that live next door.

Service Expert

Re: KRACK Attack


@MatthewKnight wrote:

Well let's see, being how plenty of Comcast modems are vulnerable to WPS attacks and how many of the techs who install service for new customers or new equipment, seems the techs always use the customer's billing phone number as the wireless password, so now when the WPA Handshake is captured all that needs to be done is use an area code phone number list to crack the WPA/WPA2 password, so good job, now you not only got the person's wireless password but you now have their phone number as a bonus, and you can just login to their modem, take note of the WPS pin, and if the owner changes their WPA/WPA2 password you still have their WPS pin which now can be brute forced without getting WPS locked out.

 

Great comcast security good thing not everyone has 12 year old hackers that live next door.


Last week, Comcast installed an XB6 in my residence.  He did not change the default SSID and password.





Frequent Visitor

Re: KRACK Attack

I came to the conclusion that everything can be hacked given enough time. Therefore I don't care any more about articles like this. As Alfred E Newman said "why worry"

New Poster

router patch for security breach in WPA2 Wi-Fi protocol?

Has the patch been completed? IT guy informed of breach in protocol.

New Poster

Re: KRACK attack, WPA2 vulnerability

Just read about VPNfilter malware which infects home wifi routers.  Is there a patch for the Xfinity routers which can be downloaded?

Service Expert

Re: KRACK attack, WPA2 vulnerability

Hmm.  Symantec doesn't mention Comcast equipment.

https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware




