Why Your Wireless Network May Not Be As Secure As You Think

I have written several posts on securing a wireless router. I have even written posts that provide step-by-step detail on how to secure specific models of wireless routers. While you should enable WPA2 and use a strong passphrase, that may not be enough to keep your wireless network protected by unauthorized users.

In many routers manufactured today, there is a known issue related to a technology that has been pushed by the wireless industry to make setting up and securing a wireless network easier. Unfortunately, this new technology has also opened up a large security hole that can allow unauthorized users access to your wireless network – even if you secured your network with WP2 and a strong passphrase.


Why Your Wireless Router May Not Be As Secure As You Think

WPS – WiFi Protected Setup

When wireless networks started to become popular, many people weren’t aware of the security that needed to be implemented in order to protect their network. Most people were just used to use standard network routers where you just plugged in a computer using a network cable and everything was good to go.

Unfortunately, with wireless, security is vital. Anyone with a wireless network card that is within range of your wireless router can connect to your network. The problem is that many people don’t understand how to properly secure a wireless router. Let’s face it, many people don’t want to navigate through an array of confusing options and try to understand terms like WPA, WPA2, AES, TKIP, etc.

In 2007, the WiFi Alliance created WiFi Protected Setup (WPS) that provides an easy way for someone to configure and setup security on a wireless network. The way WPS works is a wireless router is shipped with a personal identification number (PIN) – usually 8 digits in length – that is printed on a sticker on the router. With WPS, a user can then enable encryption for the wireless network by pressing a button on the router and then entering the PIN in the network’s setup wizard.

While this sounds like a great way of connecting devices to a wireless network easily, there is one issue: is can easily be hacked. WPS was created with usability in mind and not security.

In December 2011 researcher Stefan Viehböck reported a flaw that showed brute-force attach feasible against WPS. This flaw allows unauthorized users to gain access to a wireless network.

While the PIN is an 8 digit number, the last digit is a checksum of the first 7 digits, which leaves 107 = 10,000,000 possible PIN numbers. The issue is that the router will confirm validity of the first half (4 digits = 10,000 possibilities) and the second half (3 digits = 1,000 possiblities) separately, which reduces the number of possibilities to guess to about 11,000. Since WPS doesn’t lockout after several incorrect attempts, it wouldn’t take long for a device to guess the correct PIN and gain access to the wireless network..

Protecting Your Network

The issue with WPS is that many routers may have it enabled by default – even if you have used the feature or not. This makes your wireless network vulnerable to a brute-force attack.

The only solution, at the moment, is to disable WPS from within the router’s administrative dashboard. Some routers provide an option to disable WPS, while others require a firmware update. My Linksys E4200 required a firmware update to disable WPS.

If you are unsure of whether your router provides the ability to disable WPS, you should ask the manufacturer, or use their support forums and ask other owners. You may have to update the firmware on your router, as I had to do.

While WPS provides an easy way to attach devices to your wireless network, the lack of security in such a feature, in my opinion, far outweighs the usability. I suggest you manually attach devices to your network, once the network is secured, and turn off WPS instead.

PG

About Paul Salmon

Paul Salmon is the founder of Technically Easy. He is a an experienced PC user, and enjoys solving computer-related problems that he encounters on a regular basis.

Facebook | Twitter | Google+

Networks

3 Comments

  1. Posted June 4, 2013 at 4:58 am | Permalink

    Although I knew that one should always keep their Wireless network secure and safe, but this was an eye-opener. I’m going to check my WiFi’s security right away. Thanks!

    • Posted June 4, 2013 at 11:35 am | Permalink

      Not many people realize that WPS is enabled on their router. Many of the manufacturers have been asked to provide a way of disabling this feature, with some updating their firmware to include it.

  2. Posted May 30, 2013 at 8:34 am | Permalink

    The wireless network is pretty dangerous. if you have small kinds especially you have to be careful with it

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*

You may use these HTML tags and attributes <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Subscribe without commenting

  • About Me

    I am Paul Salmon, an avid technology fanatic who is always learning new things. My goal is to inform and help others with technology.

    With this blog I try to cover various topics on this blog to cover a broad range of topics.

    Read more...

  • Recommended Tool

    Namecheap.com - Cheap domain name registration, renewal and transfers - from only $3.98/Year

    Namecheap is a great, and popular, place to buy a domain name. They have some of the cheapest rates for domains anywhere. I currently have a few domains with Namecheap.

    If you buy a domain through Namecheap using the above image, I will provide free help with connecting your domain with your website.

  • Recent Posts