You may have heard recently that there is a vulnerability affecting many wireless access points. It has to do with Wi-Fi Protected Setup (WPS) which is supposed to make it easier to configure devices to use your wireless network. The problem is the WPS system is vulnerable to a brute force attack that will allow a malicious attempt within range of your wireless signal to access and change settings on your device. Once the foot is in the door there are many other things that can be done, especially if you have un-protected devices on your network.
The two things you should know if you own or are responsible for any wireless access points are:
- There is no practical universal solution to the problem.
- You may have to use the hacking tools themselves to be 100% certain you are not vulnerable.
If you feel you have anything someone might want to steal, the smartest thing might be to just disconnect the wireless access point or turn it off. Then live without it until the manufacturer has clear information on your make and model of wireless device. Of course if your wireless access point is also your Internet Router this could be problematic.
There are more questions than answers right now and while you can’t tell with certainty if you are not vulnerable a list is being compiled of devices that have been confirmed to be vulnerable. You can access the WPS Vulnerability Testing Document to find devices that have been confirmed.
Known and potential solutions
Solutions to this issue will be updated here as they become available
Belkin (Does not note if this fully disables WPS!)
Netgear (Home Routers)
Additional Resources
Vulnerability Note VU#723755 (US-Cert)
Special thanks to @Shonali for sharing the Bart Simpson Chalkboard Generator.
This article originally appeared on my business blog on 1/6/2012.