Thursday, January 12, 2012

Defending against Reaver

Recently a tool, Reaver, was released which brute forces WPS keys (I haven't looked at the source, but it should also be checking to see if the responses from the router will give out any information on partial key guesses):
An attacker can derive information about the correctness of parts the PIN from the AP ́s responses.
If the attacker receives an EAP-NACK message after sending M4, he knows that the 1 half
of the PIN was incorrect. 
If the attacker receives an EAP-NACK message after sending M6, he knows that the 2 half
of the PIN was incorrect.
[From this PDF]
Anyway, turn of WPS from your router settings to protect from this sort of attack. Here's an example from a Netgear router:
And yep it should :)

Send me more screenshots of your own particular router if you want me to post them. @uberscientist on twitter, or email me uberscientist@gmail.com
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)