WPS Brute Force Attack

WPS Brute Force Attack

A flaw exists in the Wi-Fi Alliance’s WPS specification that allows a hacker with a password generating tool to guess passwords within a few hours (known as a brute-force attack). If a hacker launches a brute force attack on WPS and retrieves the PIN password for the wireless network, he gains the access to a user’s wireless network data.
This flaw exists in all WPS-enabled wireless devices.
ZyXEL recommends the following settings to prevent the attack:

 

1. Do not use the WPS PIN Configuration method (see your product’s documentation).
2. Use WPA2 encryption with a long password mixing letters and numbers.
3. Disable UPnP.
4. Enable MAC address filtering and allow only known computers to access your wireless network.

 

For more information on this vulnerability, please see http://www.kb.cert.org/vuls/id/723755.
For additional help, please e-mail support@zyxel.com.tw



ZyXEL Worldwide Site Selector

Global

Africa

Asia

Europe

Latin America

Middle East

North America

Oceania