Topic 'Status on WiFi Protected Setup (WPS) vulnerability' in forum 'Security' - dslreports.com

Re: Status on WiFi Protected Setup (WPS) vulnerability

Wed, 30 Jan 2013 13:00:04 EDT

anon posted : Actually NETGEAR has not been fixing this for many models. They just suggested to turn WPS off. But many NETGEAR models are still vulnerable even with WPS off. Not good to be on this silent mode (i.e. people will just forget about this vulnerability in a few months time).

The same applies to Linksys/CISCO where only few models have been patched. »homekb.cisco.com/Cisco2/ukp.aspx···id=25154

Re: Status on WiFi Protected Setup (WPS) vulnerability

Tue, 29 Jan 2013 03:49:21 EDT

Mangix posted : There are still reaver vulnerable routers on the market. netgears for example have it mostly fixed but most of the routers don't have the newer firmware and home users in general don't update it.

There was also an xfinity gateway which is still vulnerable.

So yeah, still an issue.

Re: Status on WiFi Protected Setup (WPS) vulnerability

Mon, 28 Jan 2013 19:00:55 EDT

TheMG posted : WPS should be renamed to WLS (Wifi Lazy Setup), cause that's what it really is.

Re: Status on WiFi Protected Setup (WPS) vulnerability

Mon, 28 Jan 2013 13:20:25 EDT

NetFixer posted :

said by planet:

Wondering if vendors are still selling routers that are vulnerable to the Reaver Hack via WPS? or are router's native firmware now capable of utilizing WPS versus disabling that feature?

The only reasonably safe method is to totally disable it (if your router offers that option, and if it actually works). Anything else (even if your router vendor swears that their WPS implementation is now safe) is just waiting for the other shoe to drop.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.

Re: Status on WiFi Protected Setup (WPS) vulnerability

Mon, 28 Jan 2013 12:49:21 EDT

Ken1943 posted : Doing a Google search, the only thing I found was a firmware up date on some routers to disable wps on Cisco/Linksys routers.

I think wps was meant for people that couldn't read the manual to set up their routers. In my apartment complex many routers are using 40 mhz channels on 2.4ghz including those default programed by Century Link.
Comcast just installed wireless routers that are also programed wrong. Like theirs were the only ones around here.

My last count of routers around me, using InSidder, was 40.

Some people are just plain stupid.

Status on WiFi Protected Setup (WPS) vulnerability

Mon, 28 Jan 2013 12:02:23 EDT

planet posted : Wondering if vendors are still selling routers that are vulnerable to the Reaver Hack via WPS? or are router's native firmware now capable of utilizing WPS versus disabling that feature?