• October 03, 2024, 09:58:11 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Pages: [1] 2

Author Topic: Has anyone verified that WPS disabled is really disabled?  (Read 24014 times)

RogerSC

  • Level 1 Member
  • *
  • Posts: 16
Has anyone verified that WPS disabled is really disabled?
« on: January 05, 2012, 04:53:06 PM »

Now that WPS has been cracked (you can get "reaver" on the internet to run on your Linux laptop or VM), it has been found that several routers that have WPS disable/enable controls in their web GUI's are still vulnerable to attack.

Has anyone verified whether or not that's the case with the DIR-655?  I was feeling pretty good about my router until I read that some routers are still vulnerable to this attack even with WPS disabled in their web controls.

It would be nice to get confirmation for this router on whether I need to stop using it (no open source firmware available that I know of).

Thanks.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Has anyone verified that WPS disabled is really disabled?
« Reply #1 on: January 06, 2012, 07:06:14 AM »

WPS? What are you referring too?
Where did you read about this vulnerable attack?
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

RogerSC

  • Level 1 Member
  • *
  • Posts: 16
Re: Has anyone verified that WPS disabled is really disabled?
« Reply #2 on: January 06, 2012, 10:13:14 AM »

Here's a couple of links about this vulnerability:

http://arstechnica.com/business/news/2012/01/hands-on-hacking-wifi-protected-setup-with-reaver.ars?utm_source=rss&utm_medium=rss&utm_campaign=rss

http://www.kb.cert.org/vuls/id/723755

The thing that stands out to me is that for some routers, even if WPS is not enabled, they are still vulnerable to this.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Has anyone verified that WPS disabled is really disabled?
« Reply #3 on: January 06, 2012, 10:25:08 AM »

Have you contacted D-Link and ask them if they are aware of this? I presume they are.
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

RogerSC

  • Level 1 Member
  • *
  • Posts: 16
Re: Has anyone verified that WPS disabled is really disabled?
« Reply #4 on: January 06, 2012, 10:36:49 AM »

According to the CERT notice, yes, they were notified 12/5/2011, and updated on 12/27/2011.

So yes, D-Link knows about this.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Has anyone verified that WPS disabled is really disabled?
« Reply #5 on: January 06, 2012, 10:43:54 AM »

So you haven't asked D-Link directly? Will be up to them to fix it if they verify and deem it necessary, if it effects ALL routers or not, test and release it. I would presume it would be a while before we see anything about his regarding FW updates.

In most cases turning off WPS in the router stops this if there is someone attempting this. I recommend doing this anyways as most users of the router don't use this feature unless they have supported devices like a wireless printer that has WPS. In most cases, anything wireless in mainly handled via SSID and the PW people can set up. Turn of  features that your not using on the router.  ;)
« Last Edit: January 06, 2012, 10:47:28 AM by FurryNutz »
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

RogerSC

  • Level 1 Member
  • *
  • Posts: 16
Re: Has anyone verified that WPS disabled is really disabled?
« Reply #6 on: January 06, 2012, 10:51:39 AM »

I haven't found dealing with D-Link support to be very illuminating or useful.  The one time that I did try to talk to them, they wasted a lot of my time, which I'm not eager to repeat.  However, a certain number of people test their router to see if it is vulnerable using the reaver program.  That's what I was trying to find out, if anyone who reads this forum has done this, and what the results were.

My Linksys E4200 was tested by several people and failed.  As a result, I switched it to tomato open source firmware, and it's doing fine.  As there is no open source firmware for this router, which I use as an AP, I thought I'd ask.  Yes, D-Link will have to fix this if the router turns out to be vulnerable.
Logged

RogerSC

  • Level 1 Member
  • *
  • Posts: 16
Re: Has anyone verified that WPS disabled is really disabled?
« Reply #7 on: January 06, 2012, 11:39:29 AM »

By the way, I share your "turn off what you're not using" philosophy for any hardware including routers.  Very little was turned on by me in when I upgraded to the tomato firmware, just basic routing and wireless.  For one thing, that way you don't run into bug in parts of the firmware that you don't care about.  And also the router processor(s) and memory can be used for routing, rather than bandwidth monitoring, etc.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Has anyone verified that WPS disabled is really disabled?
« Reply #8 on: January 06, 2012, 12:41:56 PM »

I saw that mentioned in a article about this issue. WPS is on be default. Which it ok for the most part and it's marketing. There just trying people to use the feature. Most people I talk to or help out, I've asked they they don't know about, or don't use it at all. I think it's a nice feature however I don't think it should be ON by default, I'm sure they could find other ways to easily have users enable it with out hassle. But that's me.  ;)
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

RogerSC

  • Level 1 Member
  • *
  • Posts: 16
Re: Has anyone verified that WPS disabled is really disabled?
« Reply #9 on: January 06, 2012, 01:49:51 PM »

It's not just you, any security-related feature like WPS should be able to be fully disabled, and in fact should be delivered disabled by default, and have to be enabled to use it.  That would have taken care of this problem for all the people that don't use WPS.  Very little excuse for not being able to fully disable this feature, or having it enabled by default.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Has anyone verified that WPS disabled is really disabled?
« Reply #10 on: January 06, 2012, 02:07:12 PM »

Ya I agree, just seems like there are extra features that should be disabled out of the box however were dealing with marking here.  ::)

Well I D-Link knows about it. I might start having people turn it off if there really worried about it.
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

RogerSC

  • Level 1 Member
  • *
  • Posts: 16
Re: Has anyone verified that WPS disabled is really disabled?
« Reply #11 on: January 09, 2012, 10:53:17 AM »

If this really works according to:

http://www.smallnetbuilder.com/wireless/wireless-features/31664-waiting-for-the-wps-fix

then with WPS disabled, WPS PIN is not available.  So this should answer my question.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

nicknml

  • Level 3 Member
  • ***
  • Posts: 104
Re: Has anyone verified that WPS disabled is really disabled?
« Reply #13 on: January 12, 2012, 05:12:31 AM »

I tried reaver against a spare router (installed in on Backtrack on a virtual machine) that I have lying around and it really does work (it does take a while, but it does eventually get the PIN)
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Has anyone verified that WPS disabled is really disabled?
« Reply #14 on: January 12, 2012, 07:06:14 AM »

Was WPS ON or OFF for this test?
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.
Pages: [1] 2