Potential WIFI Router Vulnerability

Discussion in 'Digital Cameras' started by charles, Jan 14, 2012.

  1. charles

    charles Guest

    http://www.datacenterjournal.com/it/protect-your-network-from-the-wi-fi-wps-vulnerability/



    If you are using a Wi-Fi router to provide access to your home,
    business or customers (such as in a coffee shop), then you need to
    take action to protect your network from a recently discovered
    security weakness. Discovered late last year (2011) by Stefan
    Viehböck, this vulnerability in Wi-Fi Protected Setup (WPS) affects
    numerous Wi-Fi devices from a range of vendors. Details of the
    vulnerability have been made public; in other words, hackers know
    about it and will, no doubt, exploit it in unprotected systems.

    <more at the posted URL>
     
    charles, Jan 14, 2012
    #1
    1. Advertisements

  2. charles

    Eric Stevens Guest

    It's worse than that. Your printer may be vulnerable too. See


    Regards,

    Eric Stevens
     
    Eric Stevens, Jan 14, 2012
    #2
    1. Advertisements

  3. charles

    CyberDroog Guest

    Rule of thumb: when implementing any password system, have your device
    respond with a simple "yes" or "no", rather than "you're getting warmer!"
     
    CyberDroog, Jan 15, 2012
    #3
  4. charles

    Alan Harding Guest

    1) Is something supposed to happen?

    2) Wireless is more vulnerable than old-fashioned wires. It wasn't
    difficult to predict. All my printers are hard-wired, and switched off
    when not being used.
     
    Alan Harding, Jan 15, 2012
    #4
  5. charles

    Alan Harding Guest

    Three strikes and you're out (sometimes for half an hour).
     
    Alan Harding, Jan 15, 2012
    #5
  6. You really should watch the video, as it is very informative.

    The printer vulnerability is not related to wireless at all,
    and switching it off when not in use is not significant.

    If you have an HP printer and do not want someone else to
    be able to see *everything* you print, take action:

    Verify the date of your printer's current firmware.

    1) If the firmware is dated Dec 2011 or newer, your
    printer has already been infected, and cannot
    be repaired. It should be *replaced*.

    2) If the firmware is date older than Dec 2011,
    obtain HP's latest firmware and install it.


    A few simple points the YouTube video presented:

    1) Your printer does not need to be connected to the
    Internet to be infected. (Printing something as
    innocuous as a "greeting card" sent by a friend or
    downloaded from the Internet can infect the printer.)

    2) Once infected, even a firewall protected printer
    can send data to virtually anywhere on the Internet.

    3) The malicious software can *permanently* write itself
    into the boot code (in flash memory) and then prevent
    anyone from ever writing to flash memory again.
     
    Floyd L. Davidson, Jan 15, 2012
    #6
  7. Per Floyd L. Davidson:
    FWIW, on my HP 5000, that consisted of Menu | INFORMATION MENU |
    PRINT CONFIGURATION and then looking at Printer Information |
    Firmware Datecode: on the resulting printout.

    Mine was "19980714 MB3.68" - with I'm assuming is July of 1998.

    Now to find a link....
     
    (PeteCresswell), Jan 15, 2012
    #7
  8. charles

    Alan Browne Guest

    Don't use WPS. Use WEP2 / AES and only give the key to those you trust.
    Change it every few months.

    That doesn't fly well for a business (coffee shop, small motel/hotels, etc.)

    I've always wondered why schemes like WPS (or WEP for that matter) don't
    implement a "growing delay" deterrence when a given MAC address attempts
    authentication:

    Try once, fail, delay 1 second before next try
    Try again, fail, delay 2 seconds ...
    4
    8
    16
    etc.

    Such would defeat brute force attacks on even low number of attempt
    machines as described in the article.

    The iPhone PIN access (keypad) does something similar to that when the
    device is locked but reaches a "saturation" lockout after (IIRC) the 5th
    try and won't respond for an hour afterward (something along those lines).
     
    Alan Browne, Jan 15, 2012
    #8
  9. charles

    Alan Browne Guest

    Just double a delay time. 1 sec, then 2, 4, 8, ... you'll get to the
    half hour pretty quick.
     
    Alan Browne, Jan 15, 2012
    #9
  10. charles

    Peter Chant Guest

    Worse than that, some sites have been suggesting that disabling WPS on the
    web interface on some models of router does not actually disable WPS.

    Pete
     
    Peter Chant, Jan 15, 2012
    #10
  11. charles

    Eric Stevens Guest

    Yep: a YouTube video.
    Its a pity you werent able view the video. It describes how it is
    possible to infect a printer with malicious code by asking it to print
    an email (or other electronic) document which has been constructed to
    incorporate the malicious code. That's why the YouTube video is
    entitled "Print me if you dare".

    Regards,

    Eric Stevens
     
    Eric Stevens, Jan 15, 2012
    #11
  12. charles

    Alan Browne Guest

    Ref?
     
    Alan Browne, Jan 15, 2012
    #12
  13. charles

    CyberDroog Guest

    WPA2/AES

    Running better firmware, such as DD-WRT helps also. One very simple thing
    you can do is simply to turn down the radio power so your system isn't a
    bright, shining beacon.
     
    CyberDroog, Jan 16, 2012
    #13
  14. charles

    Alan Harding Guest

    It worked this time. It was fascinating stuff -- not at all what I
    expected, much worse! I don't have any HPs, but I can't think of a
    reason why it couldn't affect my printers, router, etcetera. My only
    question is, do microwaves have embedded chips?
     
    Alan Harding, Jan 16, 2012
    #14
  15. charles

    Eric Stevens Guest

    Are they on your network?

    Regards,

    Eric Stevens
     
    Eric Stevens, Jan 16, 2012
    #15
  16. charles

    John A. Guest

    Haven't watched the vid yet, but I recall hearing about HP printers
    being hacked into acting as web proxies etc. back in the 90s. I
    thought the had fixed that.

    Now that I think of it, though, that was done via telnet or some such
    interface, not a printed file. Though there were config commands that
    could be sent by printing. I once got a frown from my manager when I
    changed the READY status message on the display to INSERT 25 CENTS.
     
    John A., Jan 16, 2012
    #16
  17. charles

    Alan Harding Guest

    No, but I did set it on fire last week, and, bearing in mind the initial
    press coverage...
     
    Alan Harding, Jan 16, 2012
    #17
  18. .... thereby setting the firmware to a date newer than Dec 2011.
    Then do Check 1) again and ...

    -Wolfgang
     
    Wolfgang Weisselberg, Jan 17, 2012
    #18
  19. charles

    Contrarian Guest

    wow. If and when I get a printer...
     
    Contrarian, Jan 17, 2012
    #19
  20. charles

    % Guest


    hi
     
    %, Jan 17, 2012
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.