Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
TG582n disable WPS
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- TG582n disable WPS
TG582n disable WPS
01-08-2012 9:34 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I've been looking at the WPS feature of the TG582n router, in the light of the well-known vulnerability:
http://arstechnica.com/business/2011/12/researchers-publish-open-source-tool-for-hacking-wifi-protec...
I had intended to just use a 516 modem, and a wireless router that doesn't have WPS, but I received a 582n (apparently the 516 is not available from plusnet any more?). So I thought it might be worth seeing whether it might be usable, since it seems pretty good apart from WPS.
The first approach would be to just turn of the wireless, this doesn't seem to be a problem to do, so it is one option but it would be nice to use wireless.
However I did find on the support sites for some other ISPs that it is possible to use telnet and the command line interface to the modem to disable WPS:
http://telecom.custhelp.com/app/answers/detail/a_id/25608/~/wps-security-risk---technicolor-tg582n,-...
I've tried this out, and it certainly seems to work - before doing this, pressing the WPS button causes it to flash orange. Afterwards, the WPS button does not cause flashing - in fact you can stop it mid-flash by sending the command! In addition, the "Wireless Easy Setup" link on the router web page now shows a gratifying server error. It can be turned back on using "enable" instead of "disable". After saving the setting, rebooting doesn't seem to turn WPS back on, so this seems like a fairly safe way to prevent the vulnerability.
I was wondering:
I was wondering how new firmware is handled by plusnet, it's not automatically applied somehow is it?
Thanks for help.
http://arstechnica.com/business/2011/12/researchers-publish-open-source-tool-for-hacking-wifi-protec...
I had intended to just use a 516 modem, and a wireless router that doesn't have WPS, but I received a 582n (apparently the 516 is not available from plusnet any more?). So I thought it might be worth seeing whether it might be usable, since it seems pretty good apart from WPS.
The first approach would be to just turn of the wireless, this doesn't seem to be a problem to do, so it is one option but it would be nice to use wireless.
However I did find on the support sites for some other ISPs that it is possible to use telnet and the command line interface to the modem to disable WPS:
http://telecom.custhelp.com/app/answers/detail/a_id/25608/~/wps-security-risk---technicolor-tg582n,-...
I've tried this out, and it certainly seems to work - before doing this, pressing the WPS button causes it to flash orange. Afterwards, the WPS button does not cause flashing - in fact you can stop it mid-flash by sending the command! In addition, the "Wireless Easy Setup" link on the router web page now shows a gratifying server error. It can be turned back on using "enable" instead of "disable". After saving the setting, rebooting doesn't seem to turn WPS back on, so this seems like a fairly safe way to prevent the vulnerability.
I was wondering:
- Is it worth mentioning this work around in support, for anyone worried about WPS?
- From some of the other forum posts, I noticed that plusnet seems to have a good relationship with Technicolor, can they give any more feedback on the issue? For example, it would be nice to have an "official" confirmation from Technicolor that using that setting will guarantee WPS is turned off and will stay turned off.
- Will a new firmware version disable WPS by default, allow for disabling it from the web interface, and/or reduce vulnerability some other way (not allowing hundreds of WPS attempts, or something similar maybe?)
I was wondering how new firmware is handled by plusnet, it's not automatically applied somehow is it?
Thanks for help.
Message 1 of 8
(16,984 Views)
7 REPLIES 7
Re: TG582n disable WPS
02-08-2012 9:29 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote (apparently the 516 is not available from plusnet any more?)
It hasn't been for a fair while.
Quote Is it worth mentioning this work around in support, for anyone worried about WPS?
It's in the community forum so it's already in the right place for you guys to help each other. Our stance here is that the router does support WPS but we don't directly support the configuratoin of it.
Quote From some of the other forum posts, I noticed that plusnet seems to have a good relationship with Technicolor, can they give any more feedback on the issue? For example, it would be nice to have an "official" confirmation from Technicolor that using that setting will guarantee WPS is turned off and will stay turned off
From what I've mentioned above I'd doubt that Technicolor would guarantee that but we'll let you know if we're able to gleam anything about that
Quote Will a new firmware version disable WPS by default, allow for disabling it from the web interface, and/or reduce vulnerability some other way (not allowing hundreds of WPS attempts, or something similar maybe?)
No, that shouldn't happen.
Quote I was wondering how new firmware is handled by plusnet, it's not automatically applied somehow is it?
No, as things stand any firmware updates would need to be done directly on the device.
Message 2 of 8
(3,611 Views)
Re: TG582n disable WPS
02-08-2012 10:11 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: dacious I've been looking at the WPS feature of the TG582n router, in the light of the well-known vulnerability:
http://arstechnica.com/business/2011/12/researchers-publish-open-source-tool-for-hacking-wifi-protec...
We checked this out when it was published, the TG582n WPS feature has a lockout mechanism that is documented by US-CERT (United States Computer Emergency Readiness Team). After 5 fails the router locks out WPS for 5 minutes.
Quote from: US The vendor states that Technicolor products use an anti brute-force mechanism: after 5 retries, the access point is locked for 5 minutes. A penetration test performed by the vendor found that to exhaust every possible PIN would take around 189.44 hours (about 7.89 days).
Link: http://www.kb.cert.org/vuls/id/JALR-8PKL26
Message 3 of 8
(3,611 Views)
Re: TG582n disable WPS
02-08-2012 6:44 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thanks for the quick responses!
The 516 thing confused me because I could still order a 516 from your website, and the online chat guy didn't seem to know the 516 wasn't available, so it was a complete surprise to get the 582n. On the plus side I think this made it half price?
It sounds like the WPS is already fairly reasonable. A week of attempts is quite a lot, but still not exactly impossible, particularly since 7.89 days is the longest time; the average would be half that At the very least, it's not too much of a worry if the WPS is switched back on for a day or two.
Thanks for the link to the CERT page, that's very handy in that it looks like a fairly official confirmation of the telnet WPS disable, I'll stick with that setting for now.
In addition, it looks like a pretty much bulletproof fix is being planned, based on the quote below?
It would be interesting to know from Technicolor when this is due. This would completely resolve the issue from my point of view, without requiring the use of telnet.
The 516 thing confused me because I could still order a 516 from your website, and the online chat guy didn't seem to know the 516 wasn't available, so it was a complete surprise to get the 582n. On the plus side I think this made it half price?
It sounds like the WPS is already fairly reasonable. A week of attempts is quite a lot, but still not exactly impossible, particularly since 7.89 days is the longest time; the average would be half that At the very least, it's not too much of a worry if the WPS is switched back on for a day or two.
Thanks for the link to the CERT page, that's very handy in that it looks like a fairly official confirmation of the telnet WPS disable, I'll stick with that setting for now.
In addition, it looks like a pretty much bulletproof fix is being planned, based on the quote below?
Quote Technicolor will follow the WiFi Alliance (WFA) recommendation concerning the fix for this vulnerability to keep WFA certification for their devices. Technicolor will implement the following:
Access point is locked after 10 faulty PIN code attempts. Then, the end-user resets the access point lock state via the GUI/CLI or a reboot of the access point.
Customers should contact the vendor to inquiry when firmware updates will be available that include this feature
It would be interesting to know from Technicolor when this is due. This would completely resolve the issue from my point of view, without requiring the use of telnet.
Message 4 of 8
(3,616 Views)
Re: TG582n disable WPS
03-08-2012 9:02 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I think I've already got a trial firmware with this in, we're testing it at the moment.
I'll check that it includes this fix and get you a copy.
Matt
I'll check that it includes this fix and get you a copy.
Matt
Message 5 of 8
(3,616 Views)
Re: TG582n disable WPS
04-08-2012 11:27 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thanks, that would be great
Message 6 of 8
(3,616 Views)
Re: TG582n disable WPS
17-09-2012 12:06 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Matt I think I've already got a trial firmware with this in, we're testing it at the moment.
I'll check that it includes this fix and get you a copy.
Matt
Is there a central place where firmwares are located? I would be interested in the updated fix as well.
Message 7 of 8
(3,616 Views)
Re: TG582n disable WPS
26-05-2013 5:51 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Matt
Quote from: dacious After 5 fails the router locks out WPS for 5 minutes.
I know this thread is old, but you might want to know that brute force tools can circumvent that feature
Message 8 of 8
(3,616 Views)
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page