RSS
 

Archive for January, 2012

Serious Wireless Network Vulnerability

10 Jan

Hello everyone. This is not a locksmith related post but it’s important enough to post for everyone to see. There is a serious vulnerability in wireless network routers that exists in most products on the market today. If you are currently using a wireless network in your home and you think you’re protected by using a WEP/WPA/WPA2 key, then it’s possible your router might be “hackable” using a new technique.

I just compiled some quick information on a serious vulnerability that exists in most wireless routers in use today. It allows a hacker access to your wireless network with only a couple to a few hours of “brute force” cracking. It preys in a feature in most wireless routers called “WPS”, which is Wireless Protected Setup, which allows a device to get set up easily into your wireless network. Unfortunately, a vulnerability exists in the system that greatly reduces the number of PIN codes needed to crack the router’s PIN code. Most PIN codes are hard-coded in and appear on a sticker on the router somewhere. Other routers do not allow you to disable this feature. Once this PIN code is successfully found, the router automatically “hands over” the WPA/WPA2 passphrase used to encrypt network traffic. This is how the system is supposed to work, but the brute force guessing of the PIN code is the weakness in the system.

It’s highly recommended that you take some time to look on the manufacturer’s page of your wireless router and look under the support section for your model router. Search for “WPS” or “WPS vulnerability” on the forums to see what fixes or firmware updates you can find to either turn off the WPS PIN feature or disable WPS completely.

Feel free to pass this on to anyone you know that has a wireless router in their home or business. The threat is a real problem and the vulnerability exists in the wild.

Dennis

Some helpful links I compiled about this problem:

============================================================
Netgear Routers
http://support.netgear.com/app/answers/detail/a_id/19824/kw/wps

Belkin Routers
http://en-us-support.belkin.com/app/answers/detail/a_id/75/~/disabling-wps-on-the-router

D-Link – You may not be able to turn off WPS on these routers:
http://www.dlink.com/support/faqDetail/?prod_id=3095&print=1

=============================================================
Not clear on how to turn WPS off on these routers, but these are helpful pages:

Cisco / Linksys routers – Are vulnerable and may not be able to turn off WPS. Here’s a forum page with some information:
http://homecommunity.cisco.com/t5/Wireless-Routers/Urgent-WPS-vulnerability-fix-ETA/m-p/476336/highlight/true#M219085

Buffalo Routers
http://forums.buffalotech.com/t5/forums/searchpage/tab/message?filter=location&location=Board%3A0102&q=wps#/?location=Board%253A0102&sort_by=-topicPostDate&q=wps&search_type=thread&filter=location

=====================================
Reference links to the vulnerability:

https://www.us-cert.gov/cas/techalerts/TA12-006A.html
http://www.kb.cert.org/vuls/id/723755#vendors

The actual process of doing the exploit (using a linux boot DVD and the Reaver program):
http://lifehacker.com/5873407/how-to-crack-a-wi+fi-networks-wpa-password-with-reaver

 
Comments Off

Posted in Bump Keys