DIY Chatroom Home Improvement Forum

DIY Chatroom Home Improvement Forum (http://www.diychatroom.com/)
-   PC Repairs & Upgrades (http://www.diychatroom.com/f13/)
-   -   Beware wifi router WPS vulnerability (http://www.diychatroom.com/f13/beware-wifi-router-wps-vulnerability-131213/)

raylo32 01-24-2012 08:31 AM

Beware wifi router WPS vulnerability
 
Affects almost every current wifi router. By the spec they must have WPS and have WPS enabled by default to be "wifi certified". And most (notably cisco/linksys) have no way to totally disable WPS. Supposedly they are "working on it" but they have known about this flaw for a long time so maybe not a good idea to hold one's breath.

http://www.smallnetbuilder.com/wirel...or-the-wps-fix

poppameth 01-25-2012 05:52 AM

I have Tomato firmware flashed on all my routers. No built in WPS support.

raylo32 01-25-2012 07:29 AM

That or DD-WRT is about the only real solution until (if?) the mfgs develop fixes. But not many users have the skills to do this, especially the ones who would use WPS in the first place. And many routers are not supported by either.

Ironlight 01-25-2012 07:46 AM

You can also limit who can connect to your wireless network through individual MAC (machine access code) filtering. Basically you need to add the MAC address of all authorized devices to a list in your router. If a device is not listed, the router won't let it connect to your network regardless of whether it has the correct PIN or not. This is far more secure than WPA, and virtually every wireless router supports it these days.

raylo32 01-25-2012 12:04 PM

MAC filtering isn't that robust these days since sniffing out MACs and spoofing is relatively easy with freely available tools. Not a bad idea though, but kind of like putting "the club" on your steering wheel. At best you only slow the bad guys down a few minutes. Better to keep them off the network altogether.



Quote:

Originally Posted by Ironlight (Post 834226)
You can also limit who can connect to your wireless network through individual MAC (machine access code) filtering. Basically you need to add the MAC address of all authorized devices to a list in your router. If a device is not listed, the router won't let it connect to your network regardless of whether it has the correct PIN or not. This is far more secure than WPA, and virtually every wireless router supports it these days.


Ravenworks 04-02-2012 10:23 PM

Quote:

Originally Posted by raylo32 (Post 834210)
That or DD-WRT is about the only real solution until (if?) the mfgs develop fixes. But not many users have the skills to do this, especially the ones who would use WPS in the first place. And many routers are not supported by either.

Probally why Linksys/Cisco started offering their source code and now supports DD-WRT. You can download it right from their website.


All times are GMT -5. The time now is 02:38 PM.


Copyright 2003-2014 Escalate Media LP. All Rights Reserved