WiFi Setup Flaw May Lead To Cracked Router Security Pins
Today US-CERT has issued a warning regarding a newly discovered flaw in the WPS (WiFi Protected Setup Standard). The flaw causes too much information on the PIN being returned to a brute force attacker, which subsequently results in making the PIN vulnerable to being cracked. This flaw could put the security of millions of WiFi routers and access points at risk.
Common routers known to be at risk include D-Link, Netgear, Linksys, and Buffalo, however, the issue is not limited to just these specific brands.
In summary, the flaw deals with communication messages sent back during a failed connection attempt where the messages are sent in such a way that the attacker could determine if the first half of the PIN number is correct. Subsequently, the last digit of the PIN is can be determined because it is actually a checksum of the PIN.
This vulnerability can lead to a successful brute force attack, especially with a router that has no lock out policy. Typically this means that open, loosely secured public Wi-Fi networks are at an even greater risk of
being compromised.
US-CERT has recommended disabling your WPS PIN on your router, and only turning it on when adding a new device to the network. Disabling it altogether is highly recommended as some wireless routers can respond by locking-up when hit with a surge of unsuccessful attempts, requiring a reboot of the router.
If you have questions of concerns regarding this topic, please contact the CCS Retail Systems Support Department.
"American Recovery and Reinvestment Act has officially extended the Section 179 Tax Deduction increases for the 2011 Tax Year"
We have selected two dozen Recent New Retail CounterPoint SQL POS Customers to Profile for you. 
Great Deals! New and Refurbished Systems. Netbooks, Notebooks, Desktops, Servers, Storage Systems, Retail Devices. Configure your own Systems for us to install. 
