Apple AirPort Extreme (2013)
|
QuestionI'm reading this to say if you use the WPS option to enter a PIN vs a Key, then your vulnerable. While if you only use the option to Push the button, and the device you want to connect "talks" to the router to share the key, then your ok.
Clairify if I am wrong please. |
|
|
Pretty much.
Push button models are internal registers and are not affected.
The models with external registers are venerable. I'm guessing but probably 1/3rd of all newer routers have that. |
|
|
Apple AirPort Extreme (2013)
|
Well only reciently have I even started to use routers with tht option, case in point the Pace 411n, Westel/Netgear 7550, and the Samknows/Netgear router. All have buttons on the outside that need held for a few seconds to start the pairing process, those i'm assuming are safe. |
|
|
I also have a Samknows/Netgear router and would like to know what I need to do to avoid this problem. |
|
|
I think DataRiker was sying were safe, but I'm awaiting clarification on that. |
|
Ubee E31U2V1 (Software) pfSense Netgear WNR3500L
|
to sparky57
said by sparky57:I also have a Samknows/Netgear router and would like to know what I need to do to avoid this problem. I have the samknows netgear WNDR3700, and its got an option to disable the router PIN. Log into your router at 192.168.1.1(default should be admin/password if you have not changed it already, which you should), and poke around the pages until you find it. |
|
|
to OSUGoose
You are fine, as you state the only way to start the process is by depressing the button. The flaw only applies to routers which use a PIN system in combination with an external (i.e. client based) registration.
If people have WPS but don't use it, there is no reason why it should be leave that option enabled |
|
|
to OSUGoose
Don't listen to people who give advice without knowing what they're talking about. And don't be that person.
Unfortunately, if a router is certified for WPS it needs to support all three types, not just pushbutton. So, you are probably vulnerable. Just turn off WPS, then you're fine. |
|