Wi-Fi Protected Setup (WPS; originally Wi-Fi Simple Config) is a computing standard that attempts to allow easy establishment of a secure wireless home network, but has been shown to easily fall to brute-force attacks.
A major security flaw was revealed in December 2011 that affects wireless routers with the WPS feature, which most recent models have enabled by default.
The flaw allows a remote attacker to recover the WPS PIN and, with it, the network's WPA/WPA2 pre-shared key in a few hours.
The WPS protocol defines three types of devices in a network: The WPS standard defines three basic scenarios that involve these components: The WPS protocol consists as a series of EAP message exchanges that are triggered by a user action and relies on an exchange of descriptive information that should precede that user's action.
In December 2011 researcher Stefan Viehböck reported a design and implementation flaw that makes brute-force attacks against PIN-based WPS feasible to perform on WPS-enabled Wi-Fi networks.
The ease or difficulty of exploiting this flaw is implementation dependent, as Wi-Fi router manufacturers could defend against such attacks by slowing or disabling the WPS feature after several failed PIN validation attempts.
Methods for disabling WPS have been published for some models of the following brands; In some devices, notably those made by Linksys, disabling WPS in the user interface does not result in the feature actually being disabled.
No comments:
Post a Comment