Wi-Fi Protected Setup made easier to brute force
Source: H Security - Posted by Dave Wreski   
Wireless Security A researcher has found design flaws and poor implementation in WPS (Wi-Fi Protected Setup) which makes it much simpler to brute force the protection on Wi-Fi access points that use the technology. The discovery has prompted the US CERT to issue an advisory which suggests disabling WPS as a workaround for the problem. WPS simplifies the process of connecting a device to the Wi-Fi network by pushing a button to start the authentication, entering a PIN number from the new client into the access point, or entering an eight digit PIN number (usually printed on the device) from the access point to configure the connection. It is the last of these connections, known as "external registrar" or wps_reg, that researcher Stefan Viehböck found makes the process vulnerable to brute force attacks as it does not require any authentication.

Read this full article at H Security

Only registered users can write comments.
Please login or register.

Powered by AkoComment!