I am thinking about purchasing the newly introduced D-Link DAP-1320 wireless extender. There is virtually no feedback yet on this device, although it looks interesting. Has anyone had any experience with it?
Also, it has WPS connectivity available. I am concerned about the WPS brute force attack vulnerability and whether it exists with this device. D-Link support says that even if you connect through a browser GUI WPS is still active. Does this mean it could be hacked via a WPS brute force attack, even if you've set up a WPA2 connection to your network. Tech support could not give me an answer to this question.
As an alternative I am thinking of getting a router, repeater that can be loaded with ddwrt firmware.
I recommend turning OFF WPS if you don't even use it. Dlink has fixed the WPS issue. Also the security depends on how you use it, recommended settings are WPA2 only and AES only ether on the DAP or on the Main host router if you want to she the DAP in bridged mode. You'll be find if you can use WPA2 and AES only. Some devices don't support AES only so you'll need to check your devices.
Thanks for your reply. Yes, I do use WPA2 and AES on my router (Actiontec Q1000). Since WPS can't be turned off on DAP-1320, would this be a problem if I connect it to my router using WPA2 and AES through the browser GUI interface? In other words could someone hack my network since the WPS on the DAP-1320 would still be active but not used for the connection?
If you bridge the DAP to the main host router, WPS will probably be disabled in this mode. WPS has been fixed so it shouldn't be anything to worry about any more. Use your main host routers MAC filter settings to allow or dis-allow any one not authorized to be on your network.
If your seeking more info, I would recommend posting on the DLink forums for this model DAP or directly phone contact DLink support, say level to and get official information for your questions. Let us know what the say.
Also to answer your I believe configuring the device via manual doesn't enable the WPS feature. This isn't like a router with WPS, think of the extender like a adapter, and its asking if your router has WPS. So if you already disabled WPS on your router, there is nothing to worry about. No more then having it turned on your computer.