A flaw exists in the Wi-Fi Alliance’s WPS specification that allows a hacker with a password generating tool to guess passwords within a few hours (known as a brute-force attack). If a hacker launches a brute force attack on WPS and retrieves the PIN password for the wireless network, he gains the access to a user’s wireless network data.
This flaw exists in all WPS-enabled wireless devices.
ZyXEL recommends the following settings to prevent the attack:
- Do not use the WPS PIN Configuration method (see your product’s documentation).
- Use WPA2 encryption with a long password mixing letters and numbers.
- Disable UPnP.
- Enable MAC address filtering and allow only known computers to access your wireless network.