Reply
Old January 10th, 2012 Top | #1
 
American Zombie's Avatar
OSNN Veteran Addict
Joined: June 2004
Location: Seattle
Posts: 2,915
Reputation: 2829
Power: 182

Default WPS Vulnerability

If you have a router and use WPS you may want to go into your routers GUI to disable WPS for now until your router manufacturer (if on the list) provides a firmware update.

A design flaw that exists in the WPS specification for the PIN authentication significantly reduces the time required to brute force the entire PIN because it allows an attacker to know when the first half of the 8 digit PIN is correct.
The lack of a proper lock out policy after a certain number of failed attempts to guess the PIN on some wireless routers makes this brute force attack that much more feasible.
More info and router manufactures affected are at the source.

Source: US-Cert
American Zombie is offline   Reply With Quote
Old March 1st, 2012 Top | #2

OSNN Folding Team  
fitz's Avatar
Just Floating Along
Joined: April 2004
Location: Chicagoland
Posts: 4,067
Reputation: 2947
Power: 196

Default Re: WPS Vulnerability

I never really liked WPS - maybe because I never took the time to fully understand it..
fitz is offline   Reply With Quote
Old March 3rd, 2012 Top | #3
Xie

OSNN Subscriber
OSNN Folding Team  
Xie's Avatar
- geek -
Joined: September 2003
Location: NY, USA
Posts: 5,275
Reputation: 1730
Power: 203

Default Re: WPS Vulnerability

This kinda dropped right off the radar, which is weird because probably 99% of the routers that would have been effected still are. The scary part is that your router can be potentially exploited by this vulnerability even if it is not active on your router, just having it as part of the firmware is enough in some cases. Only way to know is try and crack your routers password.

Here is a write up on it @ Lifehacker: How to Crack a Wi-Fi Network's WPA Password with Reaver


tehgeek | tehgeek | geeking out to tech | IRC | *Parted Magic* | A+ Certified Professional

Xie is offline   Reply With Quote

Reply

Thread Tools

Posting Rules

Similar Threads
Thread Thread Starter Forum Replies Last Post
Safari Vulnerability Detected Mastershakes Macintosh 8 February 22nd, 2006 3:25am
Vulnerability Kr0m Windows Desktop Systems 16 December 11th, 2002 11:33pm
Is there a fix for the xp logoff vulnerability? Powerchordpunk Windows Desktop Systems 14 March 26th, 2002 3:42am