Potential WIFI Router Vulnerability

http://www.datacenterjournal.com/it/...vulnerability/



If you are using a Wi-Fi router to provide access to your home,
business or customers (such as in a coffee shop), then you need to
take action to protect your network from a recently discovered
security weakness. Discovered late last year (2011) by Stefan
Viehböck, this vulnerability in Wi-Fi Protected Setup (WPS) affects
numerous Wi-Fi devices from a range of vendors. Details of the
vulnerability have been made public; in other words, hackers know
about it and will, no doubt, exploit it in unprotected systems.

more at the posted URL

On Sat, 14 Jan 2012 12:29:23 -0800, charles
wrote:

http://www.datacenterjournal.com/it/...vulnerability/



If you are using a Wi-Fi router to provide access to your home,
business or customers (such as in a coffee shop), then you need to
take action to protect your network from a recently discovered
security weakness. Discovered late last year (2011) by Stefan
Viehböck, this vulnerability in Wi-Fi Protected Setup (WPS) affects
numerous Wi-Fi devices from a range of vendors. Details of the
vulnerability have been made public; in other words, hackers know
about it and will, no doubt, exploit it in unprotected systems.

more at the posted URL

It's worse than that. Your printer may be vulnerable too. See
http://www.youtube.com/watch?v=njVv7J2azY8

Regards,

Eric Stevens

In message , Eric Stevens
writes
On Sat, 14 Jan 2012 12:29:23 -0800, charles
wrote:

http://www.datacenterjournal.com/it/...from-the-wi-fi
wps-vulnerability/

If you are using a Wi-Fi router to provide access to your home,
business or customers (such as in a coffee shop), then you need to
take action to protect your network from a recently discovered
security weakness. Discovered late last year (2011) by Stefan
Viehböck, this vulnerability in Wi-Fi Protected Setup (WPS) affects
numerous Wi-Fi devices from a range of vendors. Details of the
vulnerability have been made public; in other words, hackers know
about it and will, no doubt, exploit it in unprotected systems.

more at the posted URL

It's worse than that. Your printer may be vulnerable too. See
http://www.youtube.com/watch?v=njVv7J2azY8

1) Is something supposed to happen?

2) Wireless is more vulnerable than old-fashioned wires. It wasn't
difficult to predict. All my printers are hard-wired, and switched off
when not being used.

--
The opinions given above may be mine. They might also
just be what I feel like saying right now, okay?

In message , CyberDroog
writes
On Sat, 14 Jan 2012 12:29:23 -0800, charles
wrote:

http://www.datacenterjournal.com/it/...from-the-wi-fi
wps-vulnerability/

If you are using a Wi-Fi router to provide access to your home,
business or customers (such as in a coffee shop), then you need to
take action to protect your network from a recently discovered
security weakness. Discovered late last year (2011) by Stefan
Viehböck, this vulnerability in Wi-Fi Protected Setup (WPS) affects
numerous Wi-Fi devices from a range of vendors. Details of the
vulnerability have been made public; in other words, hackers know
about it and will, no doubt, exploit it in unprotected systems.

Rule of thumb: when implementing any password system, have your device
respond with a simple "yes" or "no", rather than "you're getting warmer!"

Three strikes and you're out (sometimes for half an hour).

--
The opinions given above may be mine. They might also
just be what I feel like saying right now, okay?

Alan Harding wrote:
In message , Eric Stevens
writes
On Sat, 14 Jan 2012 12:29:23 -0800, charles
wrote:

http://www.datacenterjournal.com/it/...from-the-wi-fi
wps-vulnerability/

If you are using a Wi-Fi router to provide access to your home,
business or customers (such as in a coffee shop), then you need to
take action to protect your network from a recently discovered
security weakness. Discovered late last year (2011) by Stefan
Viehböck, this vulnerability in Wi-Fi Protected Setup (WPS) affects
numerous Wi-Fi devices from a range of vendors. Details of the
vulnerability have been made public; in other words, hackers know
about it and will, no doubt, exploit it in unprotected systems.

more at the posted URL

It's worse than that. Your printer may be vulnerable too. See
http://www.youtube.com/watch?v=njVv7J2azY8

1) Is something supposed to happen?

2) Wireless is more vulnerable than old-fashioned wires. It wasn't
difficult to predict. All my printers are hard-wired, and switched off
when not being used.

You really should watch the video, as it is very informative.

The printer vulnerability is not related to wireless at all,
and switching it off when not in use is not significant.

If you have an HP printer and do not want someone else to
be able to see *everything* you print, take action:

Verify the date of your printer's current firmware.

1) If the firmware is dated Dec 2011 or newer, your
printer has already been infected, and cannot
be repaired. It should be *replaced*.

2) If the firmware is date older than Dec 2011,
obtain HP's latest firmware and install it.


A few simple points the YouTube video presented:

1) Your printer does not need to be connected to the
Internet to be infected. (Printing something as
innocuous as a "greeting card" sent by a friend or
downloaded from the Internet can infect the printer.)

2) Once infected, even a firewall protected printer
can send data to virtually anywhere on the Internet.

3) The malicious software can *permanently* write itself
into the boot code (in flash memory) and then prevent
anyone from ever writing to flash memory again.

--
Floyd L. Davidson http://www.apaflo.com/
Ukpeagvik (Barrow, Alaska)

Per Floyd L. Davidson:
Verify the date of your printer's current firmware.

1) If the firmware is dated Dec 2011 or newer, your
printer has already been infected, and cannot
be repaired. It should be *replaced*.

FWIW, on my HP 5000, that consisted of Menu | INFORMATION MENU |
PRINT CONFIGURATION and then looking at Printer Information |
Firmware Datecode: on the resulting printout.

Mine was "19980714 MB3.68" - with I'm assuming is July of 1998.


2) If the firmware is date older than Dec 2011,
obtain HP's latest firmware and install it.

Now to find a link....
--
Pete Cresswell

On 2012-01-14 15:29 , charles wrote:
http://www.datacenterjournal.com/it/...vulnerability/



If you are using a Wi-Fi router to provide access to your home,
business or customers (such as in a coffee shop), then you need to
take action to protect your network from a recently discovered
security weakness. Discovered late last year (2011) by Stefan
Viehböck, this vulnerability in Wi-Fi Protected Setup (WPS) affects
numerous Wi-Fi devices from a range of vendors. Details of the
vulnerability have been made public; in other words, hackers know
about it and will, no doubt, exploit it in unprotected systems.

more at the posted URL

Don't use WPS. Use WEP2 / AES and only give the key to those you trust.
Change it every few months.

That doesn't fly well for a business (coffee shop, small motel/hotels, etc.)

I've always wondered why schemes like WPS (or WEP for that matter) don't
implement a "growing delay" deterrence when a given MAC address attempts
authentication:

Try once, fail, delay 1 second before next try
Try again, fail, delay 2 seconds ...
4
8
16
etc.

Such would defeat brute force attacks on even low number of attempt
machines as described in the article.

The iPhone PIN access (keypad) does something similar to that when the
device is locked but reaches a "saturation" lockout after (IIRC) the 5th
try and won't respond for an hour afterward (something along those lines).

--
"We demand rigidly defined areas of doubt and uncertainty."
Douglas Adams - (Could have been a GPS engineer).

On 2012-01-15 04:59 , Alan Harding wrote:
In message , CyberDroog
writes
On Sat, 14 Jan 2012 12:29:23 -0800, charles
wrote:

http://www.datacenterjournal.com/it/...from-the-wi-fi
wps-vulnerability/

If you are using a Wi-Fi router to provide access to your home,
business or customers (such as in a coffee shop), then you need to
take action to protect your network from a recently discovered
security weakness. Discovered late last year (2011) by Stefan
Viehböck, this vulnerability in Wi-Fi Protected Setup (WPS) affects
numerous Wi-Fi devices from a range of vendors. Details of the
vulnerability have been made public; in other words, hackers know
about it and will, no doubt, exploit it in unprotected systems.

Rule of thumb: when implementing any password system, have your device
respond with a simple "yes" or "no", rather than "you're getting warmer!"

Three strikes and you're out (sometimes for half an hour).

Just double a delay time. 1 sec, then 2, 4, 8, ... you'll get to the
half hour pretty quick.

--
"We demand rigidly defined areas of doubt and uncertainty."
Douglas Adams - (Could have been a GPS engineer).

Alan Browne wrote:

Don't use WPS. Use WEP2 / AES and only give the key to those you trust.
Change it every few months.

Worse than that, some sites have been suggesting that disabling WPS on the
web interface on some models of router does not actually disable WPS.

Pete

--
http://www.petezilla.co.uk

On Sun, 15 Jan 2012 09:57:23 +0000, Alan Harding
wrote:

In message , Eric Stevens
writes
On Sat, 14 Jan 2012 12:29:23 -0800, charles
wrote:

http://www.datacenterjournal.com/it/...from-the-wi-fi
wps-vulnerability/

If you are using a Wi-Fi router to provide access to your home,
business or customers (such as in a coffee shop), then you need to
take action to protect your network from a recently discovered
security weakness. Discovered late last year (2011) by Stefan
Viehböck, this vulnerability in Wi-Fi Protected Setup (WPS) affects
numerous Wi-Fi devices from a range of vendors. Details of the
vulnerability have been made public; in other words, hackers know
about it and will, no doubt, exploit it in unprotected systems.

more at the posted URL

It's worse than that. Your printer may be vulnerable too. See
http://www.youtube.com/watch?v=njVv7J2azY8

1) Is something supposed to happen?

Yep: a YouTube video.

2) Wireless is more vulnerable than old-fashioned wires. It wasn't
difficult to predict. All my printers are hard-wired, and switched off
when not being used.

Its a pity you werent able view the video. It describes how it is
possible to infect a printer with malicious code by asking it to print
an email (or other electronic) document which has been constructed to
incorporate the malicious code. That's why the YouTube video is
entitled "Print me if you dare".

Regards,

Eric Stevens