What's new

Waiting For The WPS Fix - Linksys

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

mikeubell

New Around Here
I recently purchased a Linksys E2500. Since I have another 2 weeks to return it to Bestbuy I wanted to find out if there was any sort of time line on when they would at least announce when they would make it possible to disable WPS. I chatted with a support agent for some time, but she stood by this statement:

And since it was discovered that there is a vulnerability issue, the user can opt to manually configure his/her Router's security. Choosing the WPA2 Personal which is today's most recommended nertwork security. By doing that the Router will follow that set up and not the WPS anymore.

I am inclined not to believe it. She said she tried it herself but when I asked how she tested it, she seemed to not understand the difference between turning on WPA2 and turning off WPS, since they can both be active at the same time.
 
Since you have the router, why not try it for yourself and report back?
 
Don't have the equipment

Since you have the router, why not try it for yourself and report back?

I have neither a WPS device nor a wifi card supported by the Reaver tool. Is there some other way to detect the support of WPS on the router?

Mike
 
I have neither a WPS device nor a wifi card supported by the Reaver tool. Is there some other way to detect the support of WPS on the router?

Mike

Hi Mike - Assume that WPS is active on the Linksys devices - even when disabled. In any event, Linksys is likely aware of the problem, and they've been good about updating routers that are still in the retail channel.

The likelihood of the average residential AP being haxxored is low. Recognize that the risk is there, so make the barriers to entry a bit more difficult to get through - WPA2 is a good step, MAC filters are one more hurdle for a haxxor to get through. It's much easier for someone to go to Sbux or McD's or any place that offers open WiFi if they really want to do bad things...

Don't get me wrong, the WPS issue is a big deal, and it needs to be resolved... I'm not a big fan of WPS, but for what it is worth, WPS has made it much more common these days to see security put on to home WiFi networks...

Let's just hope the collective OEM space gets this fixed, and soon...
 
At least Linksys routers each have and use a unique 8-digit pin code. Takes reaver a couple of hours usually to spit out the WPA/WPA2 passphrase.

There are about a half-dozen Actiontec Q1000 (Qwest) just in my neighborhood that all use the exact same 8-digit PIN!:eek:

It literaly takes 5 sec to expose the WPA2 passphrase of these Qwest routers using reaver under backtrack5:

reaver -i mon0 -b (bssid) --pin 12345670 -vv

Knowing the 8-digit PIN beforehand makes this exploit ridiculously easy!:mad:

On top of Qwest supplying generic exact PIN combos on their equipment, the router's GUI can be fully accessed w/o any additional username/password at 192.168.0.1! This is just freakin unbelievable....
 
At least Linksys routers each have and use a unique 8-digit pin code. Takes reaver a couple of hours usually to spit out the WPA/WPA2 passphrase.

There are about a half-dozen Actiontec Q1000 (Qwest) just in my neighborhood that all use the exact same 8-digit PIN!:eek:

It literaly takes 5 sec to expose the WPA2 passphrase of these Qwest routers using reaver under backtrack5:

reaver -i mon0 -b (bssid) --pin 12345670 -vv

Knowing the 8-digit PIN beforehand makes this exploit ridiculously easy!:mad:

On top of Qwest supplying generic exact PIN combos on their equipment, the router's GUI can be fully accessed w/o any additional username/password at 192.168.0.1! This is just freakin unbelievable....

Yikes!

Is there a way to disable WPS on that device?
 
WPS Fix

There are a few approaches you can take to protect your network from the WPS security flaw while we all wait for the manufactures to send out a fix:

*Know that a brute-force attack on a WPA2 protected Home Wireless network is unlikely--but as we all now know definitely possible. Probability increases somewhat in an apartment bldg, dorm etc.


Some suggestions :
1. If you can (and all your devices support N-only) there is some evidence that N-only network mode is resistant to "brute-force" attacks
2. Note: Turning off WPS on a Linksys router or other wireless routers without PIN lockout features has been confirmed ineffective
3. Frequently monitor your connected devices
4. Use Parental Controls to block any unknown device on your network, or
5. You can use the Mac Filter to Restrict Access to any device, or
6. You can set up MAC Filters to only accept access to your known devices on your network--everything else that tries to join gets blocked
 
Yikes!

Is there a way to disable WPS on that device?

Quickly browsing around the GUI, the WPS page of the Actiontec Q1000 had no visible option to disable. Verified this with a couple of other Q1000 that where in my wireless range as well....
 
Quickly browsing around the GUI, the WPS page of the Actiontec Q1000 had no visible option to disable. Verified this with a couple of other Q1000 that where in my wireless range as well....

Not to cool to be looking at other people's routers - in some localities, you can be charged with trespassing or worse...

Other point - many routers, when under reaver attack, they forcibly de-authenticate any attached stations associated with that access point - meaning, you're bouncing your neighbors off their network...
 
In addition to the hurdles mentioned above such as MAC filtering, it seems to me that this problem could easily be resolved by assigning static IPs for all devices on the network and limiting the available IP addresses handed out by the router.
 
In addition to the hurdles mentioned above such as MAC filtering, it seems to me that this problem could easily be resolved by assigning static IPs for all devices on the network and limiting the available IP addresses handed out by the router.


If they know how to use Reaver, they know how to bypass both Mac filtering and DHCP/static addressing.
 
Yeah, when the internet police show up I'll just tell them that you had asked me to look!;)

Less worried about the cops actually - more concerned that the target AP kicks off the users while reaver is attacking it...

:cool:
 
MAC Filtering is USELESS

It bears repeating because I keep seeing it: MAC filtering is not a security method, even before this WPS flaw was known. As Claykin said, anyone that has the ability to crack WPS already has the ability to and knowledge of getting around MAC filtering. Add to that, turning off broadcast mode on your router.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top