WiFi Protected setup

Chippiewill · 28-01-2012, 05:26 PM

I meant to make this a week ago but I forgot.

If your router has WiFi Protected Setup (Pretty much every router sold in the past five years) you need to login to the control panel and disable it (It may be called something different but basically if you have one of the push buttons on your router or an eight digit "security pin" on the back of your router you have it). Basically the guys who designed the specification for WiFi protected setup ****** up and the number of combinations goes from 100 000 000 combinations down to going through 10,000 combinations and then 1000 combinations (Taking cracking time on a bruteforce from a few hundred years down to about twelve hours). It's a massive cluster**** that leaves your wireless router as secure as if you used WEP instead of WPA2.

If you have a Cisco or d-link router you're ****** because turning of WPS doesn't actually turn it off. If you have an apple airport you don't need to worry because Apple did this properly and you're already secure.

For more infos:
http://twit.tv/show/security-now/335
http://twit.tv/show/security-now/337

**Recursion** · 28-01-2012, 06:51 PM

Realistically, is someone going to be persistent enough to sit there for 12 hours?

WEP is probably more insecure, you can crack a WEP key in less than 5 minutes.

Chippiewill · 28-01-2012, 07:27 PM

12 hours is the maximum length of time. Mean time to crack depends on the WPS cooldown which changes from router to router, people have been cracking these in as short as thirty minutes.

Edit: I was being optimistic on 12 hours on the max, most reports are saying 10 hours or less. (Although some routers have a very long cooldown which make it longer but most under 10 hours)

xxMATTGxx · 28-01-2012, 08:12 PM

I've had this disabled since day one, wasn't a fan of the whole pin idea.

Chippiewill · 28-01-2012, 08:15 PM

Originally Posted by xxMATTGxx

I've had this disabled since day one, wasn't a fan of the whole pin idea.

I thought it was pretty dumb when you could just use a WPA key.

xxMATTGxx · 28-01-2012, 08:17 PM

Originally Posted by Chippiewill

I thought it was pretty dumb when you could just use a WPA key.

I think I tried it once and it didn't work so I was like "**** this ****, goes back to WPA"

**Recursion** · 28-01-2012, 08:36 PM

Originally Posted by Chippiewill

I thought it was pretty dumb when you could just use a WPA key.

Some (albeit older) devices don't support WPA, I can see why WPS may have been attractive to the average user though.

Chippiewill · 29-01-2012, 01:16 PM

Originally Posted by Recursion

Some (albeit older) devices don't support WPA, I can see why WPS may have been attractive to the average user though.

All devices which support WPS support WPA.

The pushbutton and the dynamic pin made sense but the static pin is pointless since you have WPA.

Markeh · 29-01-2012, 04:10 PM

Some printers don't support anything other than WPS. I know lower end Epson wireless printers don't.

Chippiewill · 29-01-2012, 05:45 PM

Originally Posted by Markeh

Some printers don't support anything other than WPS. I know lower end Epson wireless printers don't.

********, they're not certified by the wifi alliance if they don't support WPA2 and WPS is reliant on WPA2 for functionality.

Thread: WiFi Protected setup

Thread Tools

WiFi Protected setup

Posting Permissions