 ashrc4Premium
join:2009-02-06
australia | Time to disable WPS on most routers »krebsonsecurity.com/2011/12/new-···ecurity/
"Security researchers have released new tools that can bypass the encryption used to protect many types of wireless routers."
If you can disable WPS in router do so or simply don't use it.
"In an advisory released on Dec. 27, the U.S. Computer Emergency Readiness Team (US-CERT) warned that “an attacker within range of the wireless access point may be able to brute force the WPS PIN and retrieve the password for the wireless network, change the configuration of the access point, or cause a denial of service.” The advisory notes that products made by a number of vendors are impacted, including Belkin, Buffalo, D-Link, Linksys, Netgear, TP-Link and ZyXel."
"He said his tool took about four hours to test all possible combinations on TP-Link and D-Link routers he examined, and less than 24 hours against a Netgear router."
Impressive time frame 
sourced from here:»forums.spybot.info/showthread.ph···&t=11420
--
Paradigm Shift beta test pilot. "Now is the not right time to stop folding." |
|
|
|
| For those of us that are technically proficent, probably not news, it was bound to happen.
For those that aren't probably wouldn't care anyways, "Oh, it's got WPS, I just push this
and it secures it for me" [/brain off]
Thanks for the links tho.
Regards |
|
 shearerNorthern LightsPremium
join:2002-06-18
Asia | reply to ashrc4
My Linksys WAG200G (wireless adsl gateway) does not have a WPS setting. I set up my security manually. So I guess I'm not affected? |
|
| reply to ashrc4
as i said months back wireless is not secure....
here's a public tool
»code.google.com/p/reaver-wps/ |
|
 nwrickertsand groperPremium,MVM
join:2004-09-04
Geneva, IL
kudos:7 | reply to ashrc4
I never turned that on. It looked too much like a security hole waiting to be exploited. |
|
| reply to ashrc4
Geez, who would've thought 4 decimal digits could be brute forced. |
|
 DrStrangeTechnically feasiblePremium
join:2001-07-23
West Hartford, CT
kudos:1 | reply to ashrc4
The first time I saw WPS on a new router I was setting up for a customer, I thought it had the potential to be a vulnerability. I've been ignoring it ever since.
Nothing to disable here. |
|
 NetFixerFrom my cold dead handsPremium
join:2004-06-24
The Boro
 ·Comcast Business..
 ·Vonage
 ·Cingular Wireless
·Comcast
| reply to ashrc4
It has been disabled here since shortly after I first applied power to the Netgear WiFi router that Comcast sent me. My previous WiFi router did not use WPS, and if I had not been able to disable it on this router, it would have been but back into the shipping box.
It was so obvious to me that an 8 digit numeric PIN was so totally insecure (especially in my neighborhood where I am surrounded by university students...and computer science is one of the most popular courses), that I wonder how it even became a standard WiFi device feature.
--
History does not long entrust the care of freedom to the weak or the timid.
-- Dwight D. Eisenhower |
|
 antdudeA Ninja AntPremium,VIP
join:2001-03-25
United State
kudos:4 | reply to ashrc4
Linksys WAP11 and WRT54GL? Do I assume my old Linksys WRT54GL and WAP11 don't have it if they are not mentioned anywhere in its stock firmwares, manuals, and searches? |
|
PrntRhdPremium
join:2004-11-03
Fairfield, CA Reviews:
·Comcast
| said by antdude:Do I assume my old Linksys WRT54GL and WAP11 don't have it if they are not mentioned anywhere in its stock firmwares, manuals, and searches?
Yes, they don't have it.
 |
|
antdudeA Ninja AntPremium,VIP
join:2001-03-25
United State
kudos:4 Reviews:
·RoadRunner Cable
| said by PrntRhd:said by antdude:Do I assume my old Linksys WRT54GL and WAP11 don't have it if they are not mentioned anywhere in its stock firmwares, manuals, and searches?
Yes, they don't have it. Whew, I was confused with SecureEasySetup. I just realized it was enabled so I disabled that too since I manually configured my wireless stuff.
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer |
|
PrntRhdPremium
join:2004-11-03
Fairfield, CA | If you see a PIN 8 digit number on the router sticker you have the potential problem.
If you see a swirl symbol and an 8 digit number on the sticker you have the potential problem. |
|
antdudeA Ninja AntPremium,VIP
join:2001-03-25
United State
kudos:4 Reviews:
·RoadRunner Cable
| |
|
PrntRhdPremium
join:2004-11-03
Fairfield, CA | Not there, I mean the sticker on the underside of the router where the serial number etc is documented. |
|
antdudeA Ninja AntPremium,VIP
join:2001-03-25
United State
kudos:4 Reviews:
·RoadRunner Cable
| said by PrntRhd:Not there, I mean the sticker on the underside of the router where the serial number etc is documented.
Yeah, I checked there too. I did not see any eight numbers. Just long serial #s and MAC addresses under them.
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer |
|
 planet
join:2001-11-05
Oz
kudos:1 | In my router's (Cisco E1500) wireless settings it offers manual and WPS, I have mine set to manual via bullet point so I infer my WPS is disabled using this setting. Do others agree? I entered a passkey manually via the wireless security settings.
When adding devices, I am able to push the button on the back of the router This automatically connects the device without putting in the passkey. |
|
PrntRhdPremium
join:2004-11-03
Fairfield, CA Reviews:
·Comcast
| said by planet:In my router's (Cisco E1500) wireless settings it offers manual and WPS, I have mine set to manual via bullet point so I infer my WPS is disabled using this setting. Do others agree? I entered a passkey manually via the wireless security settings.
When adding devices, I am able to push the button on the back of the router This automatically connects the device without putting in the passkey.
See this:
»arstechnica.com/business/news/20···aver.ars |
|
| DD-WRT does not support WPS and is not vulnerable. Which is a lucky thing since I have the same WRT54G2 here as cracked in the ars article. Guess he's got the factory firmware.
--
Scott Brown Consulting |
|
planet
join:2001-11-05
Oz
kudos:1 | said by sbconslt:DD-WRT does not support WPS and is not vulnerable. Which is a lucky thing since I have the same WRT54G2 here as cracked in the ars article. Guess he's got the factory firmware.
Is there firmware by DD-WRT that supports a Cisco E1500? |
|
| said by planet:Is there firmware by DD-WRT that supports a Cisco E1500?
It does not appear so, yet, no. |
|
