March 17, 2012, 7:47 AM — By default, wireless routers and access points have security turned off. Without Wi-Fi security enabled, anyone nearby can leech off your wireless Internet, see where you're browsing, capture your passwords to some websites, and possibly access your PCs and files. Some models help you turn security on via a wizard during initial setup or recommend using buttons or PINs; others require you to enable it manually via the router's Web interface.
But even with Wi-Fi Protected Access 2 (the latest security standard) enabled, hackers can exploit vulnerabilities to crack your Wi-Fi security. Here's how to combat these weaknesses.
The most recently discovered major Wi-Fi vulnerability involves the Wi-Fi Protected Setup feature found in most Wi-Fi routers made since 2007. Though WPS doesn't provide security itself, it's supposed to simplify turning on the personal (PSK) mode of WPA or WPA2 security.
Networking manufacturers can incorporate two methods of using WPS to help secure and connect your Wi-Fi devices. In the PIN method--the source of the latest vulnerability--you enter the eight-digit PIN assigned to your router into Wi-Fi-equipped computers and devices that also support WPS, in order to connect them to the wireless router. The alternative is to assign a PIN to your PC or to any other Wi-Fi-equipped device that supports WPS and then enter it into your router's Web interface in order to connect the device to the network.
Faulty underlying design of the WPS PIN method on routers makes it easier for an attacker to crack the PIN combination by brute force using software tools that repeatedly guess the PIN. Manufacturers can add enhancements to combat such attacks on their routers, but most of them haven't yet done so.
Two existing tools--Reaver and wpscrack--can automate the cracking. Depending on the exact wireless router, these tools can usually figure out a network's PIN and full Wi-Fi password (the WPA or WPA2 passphrase) within a few hours.
The WPS cracking process can also lock-up your wireless router, thus causing a denial-of-service attack. This can lead to major performance problems on your network and even stop it from working altogether until you reset your router.
Fixing the Vulnerability
If your router supports WPS, it's vulnerable. Look for an eight-digit PIN printed on the bottom or a WPS logo on the router. If you don't see either one, run a Google search for your model number, and find its product description or data sheet online. If you still have the box, examine it. If your router doesn't support WPS, then it isn't subject to this WPS vulnerability.