DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

WPS security hole

  • dottedquad
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
11 Jan 2012 14:57 #70725 by dottedquad
WPS security hole was created by dottedquad
I see that WPS (Wi-Fi Protected Setup) has a serious security flaw.

See for example:

http://www.smallnetbuilder.com/wireless/wireless-features/31664-waiting-for-the-wps-fix

or

http://www.h-online.com/open/news/item/Wi-Fi-Protected-Setup-made-easier-to-brute-force-Update-1401822.html

The first of these links states that for some routers disabling WPS didn't really shut it off!

Is my Vigor 2820n vulnerable - even though it doesn't have WPS enabled? Its firmware version is 3.3.7_232201.

Please Log in or Create an account to join the conversation.

More
14 Jan 2012 10:16 #70755 by crossmfg
Replied by crossmfg on topic Re: WPS security hole
I am also concerned about this - is anyone aware of any statement form Draytek on this issue ?

Please Log in or Create an account to join the conversation.

  • dottedquad
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
15 Jan 2012 09:17 #70775 by dottedquad
Replied by dottedquad on topic Re: WPS security hole
I flagged the issue with http://www.support.draytek.uk on 12th Jan.
They are checking with Draytek's engineers, and will let me know.
I'll copy their reply here (if they don't do so themselves).

Martin

Please Log in or Create an account to join the conversation.

More
19 Jan 2012 09:15 #70840 by panibundy
Replied by panibundy on topic Re: WPS security hole
But are DrayTek routers even affected by this as you have to start the WPS manually on the 2830. You either click the button for push button connection, or provide a pin number of your choosing?
: and then then an alphanumeric code - is that different to the the 4 or 8 digit WPS pin that the media are referring to?

Please Log in or Create an account to join the conversation.

  • dottedquad
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
20 Jan 2012 18:19 #70865 by dottedquad
Replied by dottedquad on topic Re: WPS security hole
Draytek Support have just confirmed to me that disabling WPS on the 2820n really does disable it:

Hello Martin,

Vigor 2820 is not vulnerable to this security flaw.It disables
completely on router.

Regards,

Adam

http://www.support.draytek.co.uk



I haven't asked about the 2830.

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami