Another discussion about WPS
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- Re: Another discussion about WPS
Another discussion about WPS
27-10-2014 12:27 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: deadkenny Likewise same model and firmware (8.C.M.0). I don't need to update but I am concerned if I have the latest approved firmware from a security perspective. Just been reading about the WPS vulnerability and a bit confused by that. Is my 582n at risk or is WPS disabled? I thought it was only enabled if I press the WPS button? Then I see there's some firmware that disables it after 5 attempts, but do I have that firmware? (though one comment says this is easily worked around by hackers). Other comments say some firmware versions disable it permanently. I recall using WPS button on mine a while back, but would PN have rolled out an update to my router, or has it not changed since I got it?
Why do you want to use WPS? If a review of your router I have just looked at is to be believed your router supports WPA2 which is much more secure, and not that difficult to set up. WPS is better than no encryption at all, but you don't seem very sure whether you are even using WPS.
Re: Another discussion about WPS
27-10-2014 1:08 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I think you are confusing WPS which is a method for setting up the wireless, with security encryption which could be WEP/WPA/WPA2.
There used to be security vulnerabilities with WPS which could be hacked and then the WPA(2) encryption key could be obtained.
Edit: and PS that enquiry was 8 weeks ago!
Re: Another discussion about WPS
27-10-2014 11:57 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
WPS is a mechanism for sharing pre-shared encryption keys. The PIN method has been criticised. It just seemed to me incongruous to be worrying about getting a firmware update to address the problem when a better solution would be to enter secure keys directly, or does this router not allow that? deadkenny didn't seem sure which WPS method he had used, which made me wonder if he had no encryption at all.
Re: Another discussion about WPS
27-10-2014 11:59 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Another discussion about WPS
27-10-2014 4:49 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: PNRichardC WPS is a mechanism for sharing pre-shared encryption keys. The PIN method has been criticised. It just seemed to me incongruous to be worrying about getting a firmware update to address the problem when a better solution would be to enter secure keys directly, or does this router not allow that? deadkenny didn't seem sure which WPS method he had used, which made me wonder if he had no encryption at all.
I'm well aware of the WPA/WPA2 side of things and yes, WPA2 absolutely preferable and I would never run it with no encryption.
No, my enquiry was about WPS. I'd only used it once myself, via the button, just to see what it does really, but I don't want or need to use it. As for being sure about using it, I'm 100% sure *I* am not using it, my concern is whether anyone else could use it externally without my knowledge if there's a router vulnerability.
i.e. My concern in the original post a while back was in response to this which was doing the rounds recently in the news in relation to a newly discovered flaw beyond the earlier PIN vulnerability...
http://www.engadget.com/2014/08/31/wifi-protected-setup-flaw/
So my question was, is my router vulnerable, and if so how can I disable WPS? As I understand it I don't have to be using WPS myself, but if it's present in the router and enabled it can be attacked using the PIN method, unless fully disabled. Advice in the news is simply to disable WPS.
So far the PN response on the other thread now was that I should be okay. If that's the case, then I'm fine. Would still be nice to have an option for no one to be able to use WPS via PIN in case of future vulnerabilities (obviously the button method needs physical access).
Re: Another discussion about WPS
27-10-2014 4:58 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Another discussion about WPS
27-10-2014 5:07 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Login, select 5.4 Advanced Options at the bottom of the screen, select Home Network from the LH menu and then select your WLAN from the displayed Interfaces. The steps to get there may be slightly different on your Firmware, I'm running the later 10.2.5.2 EO firmware.
On the top RHS of the screen you have Overview | Details | Configure - select Configure
Towards the bottom of the screen there is "Security" - you can uncheck WPS Enabled there.
You can also make any other changes you want
HTH.
Re: Another discussion about WPS
27-10-2014 5:36 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: PNRichardC I didn't spot that the reason this thread had appeared at the top of the new posts list was ejkirby had commented after a long gap instead of starting a new thread.
There's no real problem (on this forum anyway) with using an existing thread to raise something that is "on topic", in a lot of cases it's to be preferred as it helps with context. It doesn't normally affect "visibility" of a post in any event.
Re: Another discussion about WPS
27-10-2014 5:55 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Anotherone Hi, I don't think it's an issue in this firmware, I'll see what I can check, however you can turn it off through the GUI. I've turned mine off.
Login, select 5.4 Advanced Options at the bottom of the screen, select Home Network from the LH menu and then select your WLAN from the displayed Interfaces. The steps to get there may be slightly different on your Firmware, I'm running the later 10.2.5.2 EO firmware.
On the top RHS of the screen you have Overview | Details | Configure - select Configure
Towards the bottom of the screen there is "Security" - you can uncheck WPS Enabled there.
You can also make any other changes you want
HTH.
Aha, I missed that option for some reason, though it's obvious now I look at it. I've been in there before to change the channel so surely I noticed it. Oh well
That works. Many thanks.
Re: Another discussion about WPS
27-10-2014 7:40 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
The vulnerability may be worse than I had thought. I thought WPS could be ignored and that a router was only vulnerable if it had been set up with the WPS PIN method and only PIN derived PSKs could be exposed, but it seems it is much wider than that. Unfortunately the PIN method is a mandatory part of WPS.
The article you refer to manages to create quite a muddle. One guess is actually 11000 guesses. It does link to another article which explains thngs a lot better, but the copy I managed to download was a bit garbled.
This article also explains it and suggests a workaround is to disable the external registrar feature of WPS.
http://www.kb.cert.org/vuls/id/723755
This is what Technicolor says.
http://www.kb.cert.org/vuls/id/JALR-8PKL26
It seems the original design locked the router for 5 hours after 5 failed attempts. This would increase the time taken for a brute force attack by about 50 hours. Technicolor proposes to lock the router after 10 failed attempts. It would then have to be reset from the GUI or CLI or rebooted. It does not give a date for the change.
It says WPS can be disabled by entering the following command from the CLI.
[tt]:wireless wps config state disabled[/tt]
Added. "locked the router for 5 hours" sholuld read 5 minutes. Also this was nearly 3 years ago so it probably has been fixed by now.
Re: Another discussion about WPS
27-10-2014 7:48 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- Re: Another discussion about WPS