WPS brute force attack


A flaw exists in the Wi-Fi Alliance’s WPS specification that allows a hacker with a password generating tool to guess passwords within a few hours (known as a brute-force attack). If a hacker launches a brute force attack on WPS and retrieves the PIN password for the wireless network, he gains the access to a user’s wireless network data.
This flaw exists in all WPS-enabled wireless devices.

Zyxel recommends the following settings to prevent the attack:

  1. Do not use the WPS PIN Configuration method (see your product’s documentation).
  2. Use WPA2 encryption with a long password mixing letters and numbers.
  3. Disable UPnP.
  4. Enable MAC address filtering and allow only known computers to access your wireless network.

For more information on this vulnerability, please see www.kb.cert.org/vuls/id/723755.

For Zyxel products offered through Internet service providers (ISPs), please contact your ISP if you require further details.