dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
30643
share rss forum feed


ashrc4
Premium
join:2009-02-06
australia

1 recommendation

Time to disable WPS on most routers

»krebsonsecurity.com/2011/12/new-···ecurity/

"Security researchers have released new tools that can bypass the encryption used to protect many types of wireless routers."

If you can disable WPS in router do so or simply don't use it.

"In an advisory released on Dec. 27, the U.S. Computer Emergency Readiness Team (US-CERT) warned that “an attacker within range of the wireless access point may be able to brute force the WPS PIN and retrieve the password for the wireless network, change the configuration of the access point, or cause a denial of service.” The advisory notes that products made by a number of vendors are impacted, including Belkin, Buffalo, D-Link, Linksys, Netgear, TP-Link and ZyXel."

"He said his tool took about four hours to test all possible combinations on TP-Link and D-Link routers he examined, and less than 24 hours against a Netgear router."

Impressive time frame

sourced from here:»forums.spybot.info/showthread.ph···&t=11420
--
Paradigm Shift beta test pilot. "Now is the not right time to stop folding."


HELLFIRE
Premium
join:2009-11-25
kudos:13

For those of us that are technically proficent, probably not news, it was bound to happen.

For those that aren't probably wouldn't care anyways, "Oh, it's got WPS, I just push this
and it secures it for me" [/brain off]

Thanks for the links tho.

Regards



shearer
Northern Lights
Premium
join:2002-06-18
Asia
reply to ashrc4

My Linksys WAG200G (wireless adsl gateway) does not have a WPS setting. I set up my security manually. So I guess I'm not affected?


funny

join:2010-12-22
reply to ashrc4

as i said months back wireless is not secure....

here's a public tool
»code.google.com/p/reaver-wps/



nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
kudos:7
reply to ashrc4

I never turned that on. It looked too much like a security hole waiting to be exploited.



sbconslt

join:2009-07-28
Los Angeles, CA
reply to ashrc4

Geez, who would've thought 4 decimal digits could be brute forced.



DrStrange
Technically feasible
Premium
join:2001-07-23
West Hartford, CT
kudos:1
reply to ashrc4

The first time I saw WPS on a new router I was setting up for a customer, I thought it had the potential to be a vulnerability. I've been ignoring it ever since.

Nothing to disable here.



NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
·Comcast
reply to ashrc4

It has been disabled here since shortly after I first applied power to the Netgear WiFi router that Comcast sent me. My previous WiFi router did not use WPS, and if I had not been able to disable it on this router, it would have been but back into the shipping box.




It was so obvious to me that an 8 digit numeric PIN was so totally insecure (especially in my neighborhood where I am surrounded by university students...and computer science is one of the most popular courses), that I wonder how it even became a standard WiFi device feature.
--
History does not long entrust the care of freedom to the weak or the timid.
-- Dwight D. Eisenhower


antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
United State
kudos:4
reply to ashrc4

Linksys WAP11 and WRT54GL?

Do I assume my old Linksys WRT54GL and WAP11 don't have it if they are not mentioned anywhere in its stock firmwares, manuals, and searches?


PrntRhd
Premium
join:2004-11-03
Fairfield, CA
Reviews:
·Comcast

1 recommendation

said by antdude:

Do I assume my old Linksys WRT54GL and WAP11 don't have it if they are not mentioned anywhere in its stock firmwares, manuals, and searches?

Yes, they don't have it.


antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
United State
kudos:4
Reviews:
·Time Warner Cable

said by PrntRhd:

said by antdude:

Do I assume my old Linksys WRT54GL and WAP11 don't have it if they are not mentioned anywhere in its stock firmwares, manuals, and searches?

Yes, they don't have it.

Whew, I was confused with SecureEasySetup. I just realized it was enabled so I disabled that too since I manually configured my wireless stuff.
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer

PrntRhd
Premium
join:2004-11-03
Fairfield, CA

If you see a PIN 8 digit number on the router sticker you have the potential problem.
If you see a swirl symbol and an 8 digit number on the sticker you have the potential problem.



antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
United State
kudos:4
Reviews:
·Time Warner Cable

said by PrntRhd:

If you see a PIN 8 digit number on the router sticker you have the potential problem.
If you see a swirl symbol and an 8 digit number on the sticker you have the potential problem.

I don't think those are swirl symbols:

WRT54GL:
»www.techfuels.com/attachments/wi···uter.jpg
»images.amazon.com/images/G/01/el···gl-1.jpg

WAP11:
»wireless.gumph.org/articles/imag···s-01.jpg
»ecx.images-amazon.com/images/I/4···500_.jpg

I did not see any eight numbers. Just long serial #s and MAC addresses under them.
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer

PrntRhd
Premium
join:2004-11-03
Fairfield, CA

Not there, I mean the sticker on the underside of the router where the serial number etc is documented.



antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
United State
kudos:4
Reviews:
·Time Warner Cable

said by PrntRhd:

Not there, I mean the sticker on the underside of the router where the serial number etc is documented.

Yeah, I checked there too. I did not see any eight numbers. Just long serial #s and MAC addresses under them.
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer


planet

join:2001-11-05
Oz
kudos:1
Reviews:
·Cox HSI

In my router's (Cisco E1500) wireless settings it offers manual and WPS, I have mine set to manual via bullet point so I infer my WPS is disabled using this setting. Do others agree? I entered a passkey manually via the wireless security settings.

When adding devices, I am able to push the button on the back of the router This automatically connects the device without putting in the passkey.


PrntRhd
Premium
join:2004-11-03
Fairfield, CA
Reviews:
·Comcast

1 recommendation

said by planet:

In my router's (Cisco E1500) wireless settings it offers manual and WPS, I have mine set to manual via bullet point so I infer my WPS is disabled using this setting. Do others agree? I entered a passkey manually via the wireless security settings.

When adding devices, I am able to push the button on the back of the router This automatically connects the device without putting in the passkey.

See this:
»arstechnica.com/business/news/20···aver.ars


sbconslt

join:2009-07-28
Los Angeles, CA

DD-WRT does not support WPS and is not vulnerable. Which is a lucky thing since I have the same WRT54G2 here as cracked in the ars article. Guess he's got the factory firmware.
--
Scott Brown Consulting



planet

join:2001-11-05
Oz
kudos:1
Reviews:
·Cox HSI

said by sbconslt:

DD-WRT does not support WPS and is not vulnerable. Which is a lucky thing since I have the same WRT54G2 here as cracked in the ars article. Guess he's got the factory firmware.

Is there firmware by DD-WRT that supports a Cisco E1500?


sbconslt

join:2009-07-28
Los Angeles, CA

said by planet:

Is there firmware by DD-WRT that supports a Cisco E1500?

It does not appear so, yet, no.


agr

@comcast.net
reply to planet

said by planet:
"In my router's (Cisco E1500) wireless settings it offers manual and WPS, I have mine set to manual via bullet point so I infer my WPS is disabled using this setting. Do others agree?"

No. Configuring in manual mode does not turn off WPS. Apparently there is no way to turn it off on most (if not all) Cisco/Linksys routers that have the WPS feature. The only secure option at present appears to be using an older Linksys model lacking WPS or another brand that allows you to turn WPS off.



somms

join:2003-07-28
Salt Lake City, UT
reply to ashrc4

Re: Time to disable WPS on most routers

vimeo.com/34667806


The soon-to-be released Reaver Pro w/GUI is gonna make hacking into then owning wireless routers a snap!

jtrag

join:2010-08-19
Mcsherrystown, PA

WOW! That was quick...

Thanks for sharing!

- James


PrntRhd
Premium
join:2004-11-03
Fairfield, CA
Reviews:
·Comcast
reply to somms

said by somms:

vimeo.com/34667806


The soon-to-be released Reaver Pro w/GUI is gonna make hacking into then owning wireless routers a snap!

Not once DD-WRT or Tomato third party firmware is installed.


Reno
Premium
join:2008-10-26
Keller, TX

1 recommendation

said by PrntRhd:

said by somms:

vimeo.com/34667806


The soon-to-be released Reaver Pro w/GUI is gonna make hacking into then owning wireless routers a snap!

Not once DD-WRT or Tomato third party firmware is installed.

Yeah unless you're like me with a Linksys E4200 and flashing to either of those means the instant lost of functionality (One of the antennas, SSH, the USB port, etc).

PrntRhd
Premium
join:2004-11-03
Fairfield, CA

I agree, but waiting for Cisco Linksys to issue the fix may be too late, depending how much risk you have at your location.



NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
·Comcast

said by PrntRhd:

I agree, but waiting for Cisco Linksys to issue the fix may be too late, depending how much risk you have at your location.

IMO, at this point in time, I think that this vulnerability has been way over-hyped.

I do live in a "high risk" location (I am surrounded by university students at a university with a popular computer science school). My Netgear router logs every attempted WiFi connection to it, and I have not seen any dramatic increase in such attempts since this WPS vulnerability (and the POCs associated with it) was announced. OTOH, there are a couple of open hotspots within range, so that does tend to lower the "necessity" for anyone to break into my WiFi (other than the curiosity factor of what's on that network). I use one of the hotspots myself as a backup connection.
--
History does not long entrust the care of freedom to the weak or the timid.
-- Dwight D. Eisenhower

evoxllx

join:2007-06-07
Winter Park, FL

1 recommendation

reply to Reno

said by Reno:

said by PrntRhd:

said by somms:

vimeo.com/34667806


The soon-to-be released Reaver Pro w/GUI is gonna make hacking into then owning wireless routers a snap!

Not once DD-WRT or Tomato third party firmware is installed.

Yeah unless you're like me with a Linksys E4200 and flashing to either of those means the instant lost of functionality (One of the antennas, SSH, the USB port, etc).

I'm using tomato (tomato-E4200-NVRAM60K-1.28.0493MIPSR2-Toastman-RT-N-Std.bin) and it has the option of using ssh also both bands are working.

I haven't tested USB but I can say your other two points are inaccurate.

Not like the USB support on this router is very good anyway it's pretty slow from what I've heard.

There is also much functionality to be gained from third-party firmware such as being able to set a tcp timeout value as the stock firmware has such a low timeout that it actually violates RFC 5382 as do most consumer grade routers.