Tech Magazine

Major Wireless Network Security Breach – Wi-Fi Protected Setup (WPS) PIN Brute Force Vulnerability

Posted on the 16 January 2012 by Safegadget_com @safegadget

Linksys wireless router, Linksys router, WRT54G

A major security hole known as WiFi Protected Setup (WPS) PIN brute force vulnerability (US-CERT VU#723755) has been recently found in virtually all modern Wireless Routers used in the home, resulting in a vulnerability that allows hackers to extract your wireless security password in a matter of hours. Wi-Fi Protected Setup (WPS) is a protocol that allows users to press a button on their Wireless Router and connect to their computers without typing in a long cryptic password. A hole in this protocol has been recently found and exploited, allowing hackers easy access to cracking most wireless networks.

The biggest issue is that virtually all wireless routers sold in the last couple of years are hackable. The manufacturers need to update their firmware for these devices in order to fix the security breach. As of January 16th, 2012, no manufacturers have issued updates, leaving millions of wireless networks vulnerable. Adding insult to injury, options to disable Wi-Fi Protected Setup (WPS) have been found to not do anything.

Why is getting your wireless password bad?

There are many reasons why you do not want your wireless password hacked.

  • Others could use your Internet Connection Freely
  • Spam or other illegal activities could be sent
  • Everything you do on your network could be captured and read
  • Your online banking and trading would no longer be secure

Secure your computer, web browser, Internet connection

It is important that you not only secure your wireless router but also secure all the devices connected to it. Follow our guides to secure your Windows PC or secure your Macintosh by installing the right software, firewall, antivirus software, etc. Secure your mobile devices: iPhone, Android smartphone or tablet, iPad. Configure the settings and add plug-ins to you web browser so that it is more secure. Consult our tutorials for: Internet Explorer 9, Google Chrome, and Mozilla Firefox. Secure your Internet Connection: Wireless Network, Public Wi-Fi.

How to hack a wireless network

Reaver is a Linux based attack program that can quickly exploit the Wi-Fi Protected Setup (WPS) bug and recover a wireless network’s password. This page has links to several articles on how to install and run Reaver.

How to tell if your wireless router is vulnerable

People have been running Reaver and testing different wireless routers.  This Google Docs Spreadsheet is being updated as new results come in. If you test a configuration, be sure to add it to the spreadsheet.

Below are the major wireless router manufacturers and status reports on updates to their firmware to fix the Wi-Fi Protected Setup (WPS) PIN Brute Force Vulnerability or how to disable WPS.

AppleNot Vulnerable - Does not implement WPS

ASUS – Vulnerable - Unverified: Disable WPS by Clicking Disabled in the WPS tab after clicking “Wireless” in the left hand column

Belkin – Vulnerable – Instructions to Disable WPS

Buffalo – Not Vulnerable – Uses DD-WRT with custom PIN code

Cisco (Linksys) – Some VulnerableProduct List – E4200V1 & WRT320N WPS Disable Hack – Turning off WPS does not really turn it off.

D-Link – Vulnerable - Disable WPS by Unchecking Enabled in the ADVANCED tab > WI-FI PROTECTED SETUP

Huawei – Vulnerable

Netgear – Vulnerable – Instructions to Disable WPS

Technicolor – Vulnerable - Instructions to Disable WPS

TP-Link – Vulnerable - Disable WPS by Clicking Disabled WPS after clicking “WPS” in the left hand column.

TRENDnet – Vulnerable – Disable WPS by Selecting Disabled in the WPS Config after clicking “WPS” in the left hand column under Wireless.

ZyXEL – Vulnerable

If your wireless router does not have a solution to the WPS security hole, consider using alternative 3rd party firmware (if available), which is covered below.

How to protect your wireless network from the WPS PIN Brute Force Vulnerability

If you have a vulnerable wireless router and a fix is not available, consider purchasing a new wireless router that is not affected.

Here are some methods to prevent the WPS pin vulnerability from being exploited on your wireless router.

  • Wi-Fi Protected Setup (WPS) – Disable this feature (if possible) and enable manual setup, even though it makes setup much easier. Use a test tool to verify that WPS really got turned off.
  • Some older Linksys routers have SecureEasySetup™ (SES), which can be disabled to increase security.
  • Implement the security tips in our How to Setup a Secure Wireless Router article including utilizing timers to shut off your router when it is not needed, and repositioning the wireless router to limit coverage. Also watch for unknown wireless devices utilizing your network, by examining DHCP leases.

Third Party Wireless Router Firmware to prevent WPS attack

Open Source alternatives to the software running on your wireless routers is available for some units.

  • 3rdParty Firmware or software for the wireless router is often available with additional features not available from the manufacturer’s firmware
    • Why? – Need a particular special feature. Often only for power users.
    • What features would be available? – Stability, security, configurability
    • Wireless Router Compatibility – Check website to see if your wireless router is supported by 3rd party firmware

DD WRT Wireless Router WPA2 Security Encryption

  • DD-WRT – Popular 3rd party replacement firmware for many wireless routers.
  • OpenWRT - Another Open Source firmware for wireless routers.

Wireless Router Tomato Firmware

  • Tomato – Popular 3rd party replacement firmware for many wireless routers.
  • TomatoUSB - Supports different routers than Tomato

The Wi-Fi Protected Setup (WPS) PIN Brute Force Vulnerability is a major wireless security bug that affects millions of people, potentially allowing hackers to steal a lot of information. We have covered many ways to address the problem and will continue to update this article as manufacturers produce solutions.


Back to Featured Articles on Logo Paperblog