Disable WPS setup if you got it enabled.

Configuration and other hardware related information

Disable WPS setup if you got it enabled.

Postby Dutch » Mon Jan 02, 2012 1:07 pm

User avatar
Dutch
 
Posts: 6698
Joined: Fri Mar 05, 2004 12:00 pm
Location: City of Mermaids, Denmark

Re: Disable WPS setup if you got it enabled.

Postby Barry » Mon Jan 02, 2012 4:57 pm

It's better to flash dd-wrt or open-wrt, because just disabling it, might not actually disable it.

Image
User avatar
Barry
 
Posts: 5713
Joined: Sat Dec 28, 2002 11:10 pm
Location: Ohio

Re: Disable WPS setup if you got it enabled.

Postby streaker69 » Mon Jan 02, 2012 7:42 pm

I guess it's a good thing I'm still using older AP's that don't have those new fangled vuln's.
User avatar
streaker69
 
Posts: 11867
Joined: Thu Jul 08, 2004 10:09 am
Location: Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA

Re: Disable WPS setup if you got it enabled.

Postby Barry » Tue Jan 03, 2012 4:36 pm

streaker69 wrote:I guess it's a good thing I'm still using older AP's that don't have those new fangled vuln's.

You still rocking 802.11b?? :p
User avatar
Barry
 
Posts: 5713
Joined: Sat Dec 28, 2002 11:10 pm
Location: Ohio

Re: Disable WPS setup if you got it enabled.

Postby streaker69 » Tue Jan 03, 2012 6:52 pm

Nope, just don't have anything with WPS on it. A couple of WAP54G's and a couple of WRT54G's because I needed extra ethernet ports in a room to handle my WDTVLive boxen.
User avatar
streaker69
 
Posts: 11867
Joined: Thu Jul 08, 2004 10:09 am
Location: Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA

Re: Disable WPS setup if you got it enabled.

Postby Guest » Thu Jan 05, 2012 11:14 am

Barry wrote:It's better to flash dd-wrt or open-wrt, because just disabling it, might not actually disable it.

Actually, so far it seems that its mainly Linksys/Cisco gear that doesn't disable WPS even if you select to disable it in the router's GUI.

I've tested so far on a Trendnet TEW-673-GRU (equal to a D-link DIR 825, with an added LCD display and 2 USB ports), a TP-Link TL-WR1043ND, a Netgear and a couple of Linksys/Cisco routers.

The Trendnet and TP-Link models were cracked within 3-5 hours with the Reaver tool. The Netgear employed security delay measures, upon multiple attempts for PIN registration, but still was cracked after 11 hours, with appropriate timeout settings tweaking in the Reaver commandline (Reaver 1.3 from their SVN employs an algorithm to finetune the delays automatically, either from a community updated DB, or via heuristics during its run).

The Linksys E-series routers I tested against were cracked after 4 and 6 hours. They were then reconfigured with WPS off in their settings, and coldbooted, yet were again cracked. This wasn't possible with the Trendnet, TP-link or Netgear models. On these, the WPS capability was not available when disabled in their GUI, and Reaver just sits waiting, untill its ctrl-C'ed.

Image

Dragorn has implemented detection of WPS capability for detected AP''s in Kismet, which will show in the server console log. If the encryption capabilities listed show WPS, it is vulnerable. Its not visible in the Kismet GUI listing of networkdetails yet. I've asked him if he can include an alert for reaver type attacks in kismet for those who use it as a WIDS.

So yes, if you have a Linksys/Cisco device, with WPS functionality, reflashing to DD-WRT or Open-WRT is a good idea, if they support your device. Not really needed on the other 3 manufacturers devices I've tested (Trendnet + Dlink, TP-Link, Netgear).

Dutch
Guest
 

Re: Disable WPS setup if you got it enabled.

Postby little dave » Fri Jan 06, 2012 6:39 pm

Guest wrote:
Barry wrote:It's better to flash dd-wrt or open-wrt, because just disabling it, might not actually disable it.

Actually, so far it seems that its mainly Linksys/Cisco gear that doesn't disable WPS even if you select to disable it in the router's GUI.

I've tested so far on a Trendnet TEW-673-GRU (equal to a D-link DIR 825, with an added LCD display and 2 USB ports), a TP-Link TL-WR1043ND, a Netgear and a couple of Linksys/Cisco routers.

The Trendnet and TP-Link models were cracked within 3-5 hours with the Reaver tool. The Netgear employed security delay measures, upon multiple attempts for PIN registration, but still was cracked after 11 hours, with appropriate timeout settings tweaking in the Reaver commandline (Reaver 1.3 from their SVN employs an algorithm to finetune the delays automatically, either from a community updated DB, or via heuristics during its run).

The Linksys E-series routers I tested against were cracked after 4 and 6 hours. They were then reconfigured with WPS off in their settings, and coldbooted, yet were again cracked. This wasn't possible with the Trendnet, TP-link or Netgear models. On these, the WPS capability was not available when disabled in their GUI, and Reaver just sits waiting, untill its ctrl-C'ed.

Image

Dragorn has implemented detection of WPS capability for detected AP''s in Kismet, which will show in the server console log. If the encryption capabilities listed show WPS, it is vulnerable. Its not visible in the Kismet GUI listing of networkdetails yet. I've asked him if he can include an alert for reaver type attacks in kismet for those who use it as a WIDS.

So yes, if you have a Linksys/Cisco device, with WPS functionality, reflashing to DD-WRT or Open-WRT is a good idea, if they support your device. Not really needed on the other 3 manufacturers devices I've tested (Trendnet + Dlink, TP-Link, Netgear).

Dutch



Ok hang on a minute is Dutch "guest" is "guest" Dutch ?

And I thought he dropped off the face of the earth :confused:
little dave
 
Posts: 382
Joined: Wed Dec 28, 2005 4:22 pm
Location: somewhere between 00:0f:f8:58:58:08 and 00:13:10:20:20:83

Re: Disable WPS setup if you got it enabled.

Postby little dave » Fri Jan 06, 2012 6:49 pm

Test
little dave
 
Posts: 382
Joined: Wed Dec 28, 2005 4:22 pm
Location: somewhere between 00:0f:f8:58:58:08 and 00:13:10:20:20:83

Re: Disable WPS setup if you got it enabled.

Postby Dutch » Tue Jan 10, 2012 12:54 am

Dragorn has included an alert for reaver type WPS bruteforce attacks, in the latest SVN of kismet.
Announcement here : http://blog.kismetwireless.net/2012/01/ ... e-ids.html

Screendump of alert : http://peecee.dk/uploads/012012/WPSBRUTE.png

@little dave : Just forgot to login, before posting the previous message.

Dutch
User avatar
Dutch
 
Posts: 6698
Joined: Fri Mar 05, 2004 12:00 pm
Location: City of Mermaids, Denmark


Return to Hardware

Who is online

Users browsing this forum: No registered users and 3 guests

cron