US-CERT has released a vulnerability notice related to
a critical flaw in the Wi-Fi Protected standard that
opens up routers to attack.
According to the notice, WiFi Protected Setup (WPS) PIN
is susceptible to a brute force attack.
WiFi Protected Setup (WPS) is a computing standard
created by the WiFi Alliance to ease the setup and
securing of a wireless home network. WPS contains an
authentication method called "external registrar" that
only requires the router's PIN. By design this method
is susceptible to brute force attacks against the PIN.
Security researcher Stefan Viehbeck
has reported and
demostrated that some wireless routers do not
implement any kind of lock out policy for brute force
attempts. This greatly reduces the time required to
perform a successful brute force attack. It has also
been reported that some wireless routers resulted in a
denial-of-service condition because of the brute force
attempt and required a reboot.
An attacker within range of the wireless access point
may be able to brute force the WPS PIN and retrieve the
password for the wireless network, change the
configuration of the access point, or cause a denial of
service.
Best practices also recommend only using WPA2
encryption with a strong password, disabling UPnP, and
enabling MAC address filtering so only trusted
computers and devices can connect to the wireless
network.