ALL-INKL.COM - Webhosting Server Hosting Domain Provider

Another glitch detected in eased WLAN setup!

It seems the popular WPS technology has another set-back to deal with! While
the setup of WPA-based encryption is safe in most scenarios, the handling with the
long security keys can be a real hassle. That’s why the WiFi consortium brought out
WPS which lets one set up WiFi-Connections by simply pairing a device with a code.

The PIN code, usually 8 digits long and sticked to a WiFi device is the shortcut for having the device hooked to the own WLAN. No need to enter a real complex and peskykey anymore. Pushing the WPS key on both the router and the device that shall access the WLAN and all the necessary configuration is done automatically. However what seems so easy and secure, seems to have a severe problem. In most cases it takes only 1100 tries to gather the PIN for the setup and you’re on the go to compromise a secured WLAN.

Most routers of today seems to be vulnerable. Some of them simply crash when a brute-force on the WPS is done. Others may withstand the brute-force attack but will be subject to the leak. The only safe way is to deactivate the WPS feature when there’s no device in your WLAN that can be only connected using WPS. Fortunately most of the WiFi-devices still support the manual configuration.

It seems that it’s still better to remember the WPA-key and all the params to have your device in your WLAN.

To harden the network, an ACL (access control list) based upon MAC-Addresses may be the way to go. Disabling the SSID beaconing (that makes your WLAN visible) is another step to harden your WLAN but it is not practical as some WiFi-Devices don’t support manual SSID entering or stop function properly! So are Android-based devices in the misery when they cannot find the network and do not connect to your WLAN in some cases!

The downside of an ACL-based WLAN is that you have to manually enter ALL device’s MACs prior to connecting to your WLAN! Can be time-consuming and MAC-spoofing is also possible (unfortunately!).

December 29, 2011 Netspark - 1594 posts - Member since: May 9th, 2011 No Comments »

Rockbottom!Very badBadAverageGoodVery goodAwesome! (No Ratings Yet)
FILED UNDER :Computer , News
TAGGED WITH : , , , , , ,

Leave a comment