Thursday, April 22, 2021
  • Getting Started
  • The Story
No Result
View All Result
  • Getting Started
  • The Story
No Result
View All Result
No Result
View All Result

Your router might be a vulnerability

by Elburz
October 10, 2020
in Hardware
Home Hardware

Problem

WPS is a feature on WiFi routers that was created so devices like keyboard-less devices (printers) could connect to a WiFi network. You push a button on the router and then another on the device and you’re set! Too good to be true? Yup. The problem is that the design is trash. There are only 11,000 possible passwords in total meaning a generic computer could brute force (read: guess) it in a few hours. Worse than that fact is that the WPS key even overrides the normal WiFi password! You could have the strongest password in the world and the attacked wouldn’t ever need it since they could brute force the WPS key.

High-level solution & Recommendation

  1. Disable WPS on your router. Easy! Problem solved. See you next time 😉
  2. If you absolutely need WPS for some reason, then you should ensure your router is updated with the latest firmware. Since the vulnerability was discovered, some vendors have included things like rate limiting or even lock the router after a certain number of incorrect WPS password attempts. There is a Google Sheet below that lists lots of routers, their level of vulnerability, and mitigation they might have implemented. It’s also worth reading the manual of a router before you buy it to see if any defenses are built in against WPS brute forcing.
WPS Info – Google Sheet
Tags: hardware
ShareTweetShareShare

Recommended

You Need A Password Manager

August 22, 2020

Two-Factor Authentication blocks most hacks

August 29, 2020

USB keys will end you

September 5, 2020

Ransomware is coming and sucks!

September 12, 2020

Level up your security every week!

Join our subscribers & be the first to get no-bs cybersecurity strategies that you can implement sent right to your inbox. We'll never send spam or sell of your data.

  • Privacy Policy
No Result
View All Result
  • Getting Started
  • The Story

© 2020 Sorkhabi International Inc.