somms
Posts: 129
Registered: ‎03-20-2008

Re: Urgent: WPS vulnerability fix ETA?

Did some reading over at the BackTrack forums: what will make it harder, but not impossible, to crack insecure WPS is if you are able to set your stock Linksys firmware settings to "Wireless-N Only" Network Mode rather than "Mixed". Turns out most of the long-range specific hacking tools/gear/drivers are still only 802.11b/g!



FTTH

Member of the Professional Aviation Safety Specialists Union!
Sap2543
Posts: 23
Registered: ‎01-10-2012

Re: Urgent: WPS vulnerability fix ETA?

Cisco just needs to address the first 4 characters in the router PIN so that the attacker is not given them. Steve Gibson discussed this in his podcast on TwitTV yesterday.

LinkedOut
Posts: 10
Registered: ‎12-30-2011

Re: Urgent: WPS vulnerability fix ETA?

Sap2543 wrote:

Cisco just needs to address the first 4 characters in the router PIN so that the attacker is not given them.  Steve Gibson discussed this in his podcast on TwitTV yesterday


That would be a partial fix, because it doesn't really matter whether you have to try 11000 or 10 million combinations if the former is feasible in a matter of hours (since then the latter is feasible in a matter of months, and honestly, how often do you change your router password?). Also, if you think about it there is an easy way of speeding up the attack by parallelizing it (divide up the 'keyspace' between several clients, you could even do this with a single physical client with some driver level hacking). The only cap on this kind of attack is AP performance and possible mitigatory measures such as slowing down handling on failed attempts.

 

In other words, the flaw is basic enough so it's not an implementation issue but a fundamental design flaw, which can only be mitigated in the short term by switching WPS off, or switching off Wifi altogether if the former is not possible. In the long term we need 'WPS2'.
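
Added example (not part of the post above and not vendor code): a small model of the two search-space sizes the post compares, 11000 and 10 million, and of how a failed-attempt lockout on the AP changes the worst-case time to exhaust them. The per-guess time and the lockout policies are constructed assumptions, the lockout is assumed to count failures across all clients, and the checksum routine follows the published WPS PIN format.

```python
import math

def wps_checksum(first7: int) -> int:
    """Checksum digit of an 8-digit WPS PIN, computed from its first 7 digits."""
    accum = 0
    while first7:
        accum += 3 * (first7 % 10)
        first7 //= 10
        accum += first7 % 10
        first7 //= 10
    return (10 - accum % 10) % 10

def search_space(halves_confirmed_separately: bool) -> int:
    """Worst-case number of PIN guesses the AP has to withstand."""
    if halves_confirmed_separately:
        # First 4 digits are confirmed alone, then 3 free digits + checksum.
        return 10**4 + 10**3
    # Whole PIN confirmed at once: 7 free digits, the 8th is the checksum.
    return 10**7

def worst_case_days(guesses, secs_per_guess, lock_after=0, lock_secs=0):
    """Days to exhaust `guesses`, with an optional lockout every `lock_after` failures."""
    total = guesses * secs_per_guess
    if lock_after:
        # One lockout after each full batch of failures, none after the last batch.
        total += (math.ceil(guesses / lock_after) - 1) * lock_secs
    return total / 86400

# Constructed policies: the 2 s per guess and the lockout values are assumptions.
POLICIES = {
    "no lockout": dict(secs_per_guess=2),
    "60 s after 3 failures": dict(secs_per_guess=2, lock_after=3, lock_secs=60),
    "1 h after 10 failures": dict(secs_per_guess=2, lock_after=10, lock_secs=3600),
}

def report():
    """Map (search-space size, policy name) to worst-case days, rounded to 0.1."""
    rows = {}
    for split in (True, False):
        n = search_space(split)
        for name, policy in POLICIES.items():
            rows[(n, name)] = round(worst_case_days(n, **policy), 1)
    return rows

if __name__ == "__main__":
    for (n, name), days in report().items():
        print(f"{n:>10,} guesses, {name:<22} -> {days:>10,.1f} days")
```
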

Gonzoatlarge
Posts: 13
Registered: ‎01-22-2012

Re: Urgent: WPS vulnerability fix ETA?

Are we missing the point here?

The WPS design flaw, in itself,  is one thing.

The fact that Cisco Firmware implies functionality that simply does not work however is irresponsible and clearly CISCO's fault.

 

My E3000 has a disable WPS "switch" which, according to CISCO Support, does not disable WPS. 

 

This, along with the fact that there is no fix, no ETA for a fix or even a list of vulnerable "Home products" like on their high end product site http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20120111-wps implies to me that "home product" owners cannot expect a very high level of quality support.

 

BTW, those contemplating DD-WRT or Tomato, be advised that flashing open source firmware will void the warranty.

(Big Whop).

somms
Posts: 129
Registered: ‎03-20-2008

Re: Urgent: WPS vulnerability fix ETA?


Gonzoatlarge wrote:

Are we missing the point here?

The WPS design flaw, in itself,  is one thing.

The fact that Cisco Firmware implies functionality that simply does not work however is irresponsible and clearly CISCO's fault.

 

My E3000 has a disable WPS "switch" which, according to CISCO Support, does not disable WPS. 

 

This, along with the fact that there is no fix, no ETA for a fix or even a list of vulnerable "Home products" like on their high end product site http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20120111-wps implies to me that "home product" owners cannot expect a very high level of quality support.

 

BTW, those contemplating DD-WRT or Tomato, be advised that flashing open source firmware will void the warranty.

(Big Whop).



http://home.cisco.com/en-us/wireless/linksys/specs?icid=Linksys-nav-Linksys-e-Series-Specs

 

The E3000 is an EOL legacy Linksys product now, having been replaced by the E3200. You may get lucky and Linksys will issue updated firmware updates for all the many older wireless routers affected by the WPS exploit in a few months. Otherwise, you should consider a third-party open source solution if you want to 100% secure your wireless network from any type of exploit...

Gonzoatlarge
Posts: 13
Registered: ‎01-22-2012

Re: Urgent: WPS vulnerability fix ETA?

Understand. However, after reading ALL the warnings and detailed instructions at DD-WRT, I'm somewhat reluctant to flash. Can anyone offer some encouragement?

sabretooth
Posts: 4,299
Registered: ‎11-11-2008

Re: Urgent: WPS vulnerability fix ETA?

You need to contact the DD-WRT forum.

Sap2543
Posts: 23
Registered: ‎01-10-2012

Re: Urgent: WPS vulnerability fix ETA?

Steve Gibson at Twit TV will have a lot to say about the wireless router vulnerability/flaw tomorrow at 2pm eastern.  Show is called Security Now.  Catch it. http://live.twit.tv/

planet103
Posts: 4
Registered: ‎01-07-2012

Re: Urgent: WPS vulnerability fix ETA?

I flashed my E1000 router with dd-wrt firmware and ended up with a paperweight. If you are going to go this route, I would very carefully read all you can on their site, especially the peacock thread and you can't rely on the router database to be accurate. I ended up downloading beta firmware (which I thought was the right file) from the database for my E1000.

 

This was my choice to go this route, which I'm taking responsibility for, but it still peeves me that updated firmware from Linksys might have prevented my loss.

 

I also own an E1500 router; there isn't any third party firmware available for it. I very likely wouldn't attempt it anyway after my experience with the E1000.

 

The sad thing: I ended up purchasing a different brand for $30, and this router's WPS is disabled when you disable it.

 

I sure hope Linksys responds soon to their home based customers.

 

(Mod note: Edited for guideline compliance.)

Gonzoatlarge
Posts: 13
Registered: ‎01-22-2012

Re: Urgent: WPS vulnerability fix ETA?

planet103: Can you share where you might have gone wrong?