dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
40

planet
join:2001-11-05
Oz

1 edit

planet to Link Logger

Member

to Link Logger

Re: WiFi Protected Setup PIN brute force vulnerability

So, I'm trying to wrap my head around this; is there any solid workaround other than disabling wireless and plugging all devices in?

edit: If you disable WPS or the PIN option in your router, does this mitigate vulnerability?

sbconslt
join:2009-07-28
Los Angeles, CA

sbconslt

Member

said by planet:

If you disable WPS or the PIN option in your router, does this mitigate vulnerability?

Nope, not necessarily. In the Ars Technica article that they ran today (linked and quoted in the post immediately above) they cracked a WRT54G2 with reaver, then proceeded to their astonishment to crack it a second time with WPS set to off.

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

NetFixer to planet

Premium Member

to planet
said by planet:

So, I'm trying to wrap my head around this; is there any solid workaround other than disabling wireless and plugging all devices in?

edit: If you disable WPS or the PIN option in your router, does this mitigate vulnerability?

That will depend on the router.

Netgear implies that disabling the WPS PIN on their routers will protect you, but I have not had a chance to compile the POC code yet to test that claim on my own Netgear router (but it has had the WPS PIN mode disabled on it since I first applied power to it).
ElJay
join:2004-03-17
Portland, ME
Ubiquiti EdgeRouter Lite
Ubiquiti Unifi UAP-AC-LITE

ElJay

Member

said by NetFixer:

Netgear implies that disabling the WPS PIN on their routers will protect you, but I have not had a chance to compile the POC code yet to test that claim on my own Netgear router (but it has had the WPS PIN mode disabled on it since I first applied power to it).

Thanks for this. My router is a Netgear as well... I'm running fairly old firmware because it's very stable (a rare thing for SoHo-class routers) and I hope it has the described WPS implementation which throttles these brute-force attempts (assuming PIN = off doesn't really turn it off).

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

NetFixer

Premium Member

said by ElJay:

Thanks for this. My router is a Netgear as well... I'm running fairly old firmware because it's very stable (a rare thing for SoHo-class routers) and I hope it has the described WPS implementation which throttles these brute-force attempts (assuming PIN = off doesn't really turn it off).

That is probably because most (if not all) of the Netgear firmware for their resi/soho routers is Openwrt with a custom Netgear html interface.