Wi-Fi Protected Setup At Risk - Intrusion Possible Says Researcher

A security researcher has reported the pitfalls in the design and implementation of Wi-Fi Protected Setup (WPS) technology. The default configuration facilitates users to connect to the system without any issue. #-Link-Snipped-# said, WPS is susceptible to brute-force attacks due to the inefficient design specification. This flaw merely allows any stranger with good computing power to brute-force the WPS Pin as it allows the intruder to know when the first half of the 8-digit pin is correct.

#-Link-Snipped-#

The lack of proper security policy (also known as Lock Out policy) after a few failed attempts to guess the pin code of WPS enables the intruder to make such brute-force intrusion successful. The#-Link-Snipped-# confirms that when the PIN authentication fails, the access point sends an acknowledgement as an EAP-NACK message back to the user. These acknowledgement messages are sent in such a way that the attackers become quite comfortable in determining if the first half of the pin is correct. Moreover the last digit of the pin may be revealed to the user as it is a checksum for the PIN Code. This flaw enormously reduces the number of attempts to be made by the attacker in stealing the PIN.

This seems to be a warning to the essential users of the wireless access points. The attacker within the wireless range of that access point may intrude to retrieve the password of the system, alter system configurations or activate the Denial of Service condition. It is a recommendation by the US-CERT to disable the WPS and help eradicate such big threats.

Source:#-Link-Snipped-# | Image Credit:#-Link-Snipped-#