WPS and security... read and heed...

[sfx2000]

Expect a flurry of updates from Linksys... If you're using a Linksys home gateway, be afraid, very afraid. Their WPS is seriously broken, even disabled it's still enabled, and it will cough up your WPA2 key with enough effort...

Other OEM's have similar problems, but Linksys is very broken here...

Links below:

US-CERT - http://www.kb.cert.org/vuls/id/723755

White paper - http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf

Source Code - http://code.google.com/p/reaver-wps/

Commentary - http://arstechnica.com/business/new...tm_source=rss&utm_medium=rss&utm_campaign=rss

Further Info on other affected OEM's - https://docs.google.com/spreadsheet/ccc?key=0Ags-JmeLMFP2dFp2dkhJZGIxTTFkdFpEUDNSSHZEN3c#gid=0

 

[thiggins]

Thanks for the tip. I'll post something on this. But why single out Cisco/Linksys? The CERT alert names Belkin, Buffalo, D-Link, NETGEAR, TP-Link and ZyXEL. My guess is that most routers implementing WPS are vulnerable.

 

[rhombus]

But why single out Cisco/Linksys?

Their WPS is seriously broken, even disabled it's still enabled

Because according to reports, disabling WPS in their router menus never did anything, it does not actually switch it off. So there's no immediate/intervening/absolute fix.

 

[RogerSC]

I have a Linksys E4200 which runs well with tomato firmware, and avoids WPS altogether. Waiting for an emergency Linksys firmware release for this one.

I know, I'm not holding my breath *smile*.

 

[sfx2000]

Thanks for the tip. I'll post something on this. But why single out Cisco/Linksys? The CERT alert names Belkin, Buffalo, D-Link, NETGEAR, TP-Link and ZyXEL. My guess is that most routers implementing WPS are vulnerable.

Linksys had a variant of the problem, where it was confirmed via screen shots that disabling WPS didn't actually disable WPS, so it remained vulnerable - the other OEM's may have similar problems...

Odd that this wasn't caught by the OEM's, as WPS itself is not fundamentally flawed, just some implementations where the PIN is static and the authenticator method is PIN...