reply to Bluefish
Re: WPS Vulnerability on ASUS RT-N66U Router, is it fixed?
Hi Bluefish. I'm not familiar with that router but had similar questions with my own, wrt WPS.
I disabled WPS in the web interface but was not going to leave it to chance, as to whether it really was disabled or not! AFAIK the only way to check and be certain is to run a scan with wash and/or reaver. reaver itself can be quirky and tricky to get working depending on AP model, settings, and firmware, but it doesn't really have to be run to know. The package includes the "wash" tool which will list all local WPS-enabled access points. If your router does not show up then WPS is disabled and there's no need to run reaver or fool with it.
I used an Ubuntu live CD to compile and run it. It only has a few dependencies. Not sure about other platforms, tools, or methods to test WPS functionality, sorry.
As far as the other two things - you have the most recent firmware and if there's an unresolved problem with the firmware itself then there's not much that can be done. Only thing I can think of is to run more tools/scans to test out UPnP and Samba.
Try this for UPnP:
www.grc.com/x/ne.dll?bh0bkyd2
Click Proceed and then "GRC's Instant UPnP Exposure Test". That will do a WAN scan and that's the most important thing to check. It should respond with "THE EQUIPMENT AT THE TARGET IP ADDRESS DID NOT RESPOND TO OUR UPnP PROBES!"
As for the Samba share I'm not sure. Maybe a Samba client or scanner? Hopefully others can give some further info because I've never done anything with Samba.
Hope this helps some!
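Scanners such as wash identify WPS-enabled access points from the WPS information element the AP advertises in its beacons. As an added example (not from this thread and not wash's own code), the Python parser below checks a beacon's tagged parameters for that element and reads its state and lock attributes; the function names are hypothetical and the sample frames are constructed.

```python
import struct

WPS_OUI_TYPE = b"\x00\x50\xf2\x04"   # vendor IE: OUI 00:50:F2, type 4 = WPS
ATTR_WPS_STATE = 0x1044              # 1 = not configured, 2 = configured
ATTR_AP_SETUP_LOCKED = 0x1057        # 1 = AP reports its PIN setup as locked

def iter_ies(tagged):
    """Yield (tag, value) pairs from the tagged-parameter part of a beacon."""
    pos = 0
    while pos + 2 <= len(tagged):
        tag, length = tagged[pos], tagged[pos + 1]
        value = tagged[pos + 2:pos + 2 + length]
        if len(value) < length:      # truncated capture: stop rather than guess
            return
        yield tag, value
        pos += 2 + length

def wps_status(tagged):
    """Return None if no WPS IE is advertised, else its state and lock flag."""
    for tag, value in iter_ies(tagged):
        if tag != 221 or not value.startswith(WPS_OUI_TYPE):
            continue                 # not a vendor IE, or another vendor type
        attrs, pos, body = {}, 0, value[4:]
        while pos + 4 <= len(body):  # WPS attributes: 2-byte type, 2-byte length
            a_type, a_len = struct.unpack_from(">HH", body, pos)
            attrs[a_type] = body[pos + 4:pos + 4 + a_len]
            pos += 4 + a_len
        state = (attrs.get(ATTR_WPS_STATE) or b"\x00")[0]
        locked = (attrs.get(ATTR_AP_SETUP_LOCKED) or b"\x00")[0] == 1
        return {"state": state, "locked": locked}
    return None

def ie(tag, value):
    return bytes([tag, len(value)]) + value   # helper to build sample IEs

# Constructed sample tagged parameters (not captured from any real router).
SSID = ie(0, b"HomeNet")
WPS_ON = SSID + ie(221, WPS_OUI_TYPE + bytes.fromhex("104a000110" "1044000102"))
WPS_LOCKED = SSID + ie(221, WPS_OUI_TYPE + bytes.fromhex("1044000102" "1057000101"))
NO_WPS = SSID + ie(221, bytes.fromhex("0050f20201"))  # same OUI, type 2, not WPS

if __name__ == "__main__":
    for name, frame in [("on", WPS_ON), ("locked", WPS_LOCKED), ("off", NO_WPS)]:
        print(name, wps_status(frame))
```

A result of None means the beacon carries no WPS element, which is what a scan-based check observes.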
Thanks for the pointers some_stuff, I already checked the grc.com tool and it came up, Target did not respond, so should be good there. I don't have the technical know-how to run Reaver but will check out the additional tool you list. I live in a high density area and can see ~30 wireless networks on any given day, so need to be diligent with security. It's crazy how the router manufacturers can leave us high and dry with this. When this vulnerability first came out I made sure to disable WPS and then just recently I read that disabling doesn't necessarily stop the attack, crazy. Anyway, thanks for your help, much appreciated.