WPS brute force attack
A flaw exists in the Wi-Fi Alliance’s WPS specification that allows a hacker with a password generating tool to guess passwords within a few hours (known as a brute-force attack). If a hacker launches a brute force attack on WPS and retrieves the PIN password for the wireless network, he gains the access to a user’s wireless network data.
This flaw exists in all WPS-enabled wireless devices.
Zyxel recommends the following settings to prevent the attack:
- Do not use the WPS PIN Configuration method (see your product’s documentation).
- Use WPA2 encryption with a long password mixing letters and numbers.
- Disable UPnP.
- Enable MAC address filtering and allow only known computers to access your wireless network.
For more information on this vulnerability, please see www.kb.cert.org/vuls/id/723755.
For Zyxel products offered through Internet service providers (ISPs), please contact your ISP if you require further details.