Apologies if this has been asked before , I am thinking of buying a new cheap router, (netgear) . Is it sufficient to just disable the wps pin ( the only option on this router ) Does this stop brute force attacks. Thank you
Some older NETGEAR router is also vulnerable even with PIN off. So it depends on the model. Something that
There seems to be no definitive answer, no lists to check against. This is the only one I can find, and it is very limited https://docs.google.com/spreadsheet...rue&sortcolid=-1&sortasc=true&rowsperpage=250 The router i was thinking of buying is the Netgear WRN 2200 According to Netgear the vulnerability lies with the pin, so theoretically, disabling the pin, should be enough, even though WPS is not fully disabled. Though according to your link, it says " We’d be a bit worried about leaving WPS enabled, even if the PIN option appears to be disabled." Surely this problem must affect 99% of home routers. I will keep looking
Updated 09/02/2014 07:06 AM How do NETGEAR Home routers defend WiFi Protected Setup PIN against brute force vulnerability?
Yes, i had already seen that, thanks very much anyway Ronjor It;s a bit reassuring,also fairly recent, i also read that some Netgears block attempts ( or slow them down ) after a few unsuccessful attempts of attacks
As you have seen from the google doc on certain firmware you are still vulnerable even if PIN is off. You need to ensure that whatever router you pick-up has a very recent firmware (e.g. R6200, R6300, etc...). Just double check the NETGEAR support page and look for the release notes of the firmware or check on their FTP site (ftp://downloads.netgear.com/). Also choose a router model for which you can find an alternative firmware (http://www.myopenrouter.com/). This way once the router is EOL by the manufacturer you can move to the alternative firmware.... Cheers, Fax