In this video, explore the technology behind WPS, a method for easily connecting to a secure wireless network.
- Check out my brand new color printer. I love this printer, you should have heard the salesman tell me about it. I can plug it in through USB, it's got an RJ45 for network capability, but the coolest part is that it's wireless. I'm all excited that I can just put this printer anywhere I want in my office and everybody will be able to print to it wirelessly. Well, taking devices other than computers and connecting them to wireless networks has always been a challenge.
Not that long ago, the primary way we would do it is sometimes these printers would have some big interface and we'd have to program in which SSID for it to use and type in the WPA2 password and all that. And we still see some of that. The other way we could do it, is I would plug in USB and I would have a little disk that came with it and I would have to go about configuring this guy so that it could plug into the wireless network. Then unplug the USB and put it wherever I want it. Well, these are all kinda painful processes and not easy for normal people.
So a few years ago, the WiFi Alliance, the people who make all this stuff, came out with something called WPS or Wi-Fi Protected Setup. The idea behind Wi-Fi Protected Setup basically is this. You take your wireless access point or router and you press a button on the router. Just press a button. You now have about 60 seconds to walk over to whatever you might have and press a button there and they will automatically configure themselves with WPA2, passwords, the whole shebang, you don't have to do anything.
Sounds great right? Well, it is. Well, it isn't. The problem with WPS is that it's a really great concept. Literally push button wireless configuration. However, the problem starts right here. This is a little fairly modern, wireless access point. This is a home router system, this is made by Cisco, called the E2500 not even two years old yet. And it is WPS capable so what I need you to do is first of all, take a look on the back of this guy.
Now if you look on the back of this router you'll see it's got a little blue button right here. If I want to connect this printer to this router, I start off by going over to the router, and I press this button. Now I got about 60 seconds to press this button over here. And that's really all I have to do and they're automatically connected. WPS is a lot of fun. In fact, most network cards have a WPS button as well, this little network card has one here also, if I want to use WPS.
The cornerstone of WPS is an eight digit code, it's too small, I can't show it to you here, so I printed it out big. It's an eight digit code that's separated by a dash and this is the secret code that's being queried and passed between the devices. Now this looks pretty cool and it is, in fact, WPS is so important now, that any device, in order to be accredited by the WiFi Alliance, has to be WPS capable so everybody is WPS. Except, well, there's one huge problem.
And it's this eight digit code. The process we go through to get this eight digit code accepted electronically, is that it accepts the first four digits, then it says "Good job!" and it accepts the next eight digits. To try to figure out an eight digit code, could take, depending on how you look at it, years to figure out a four digit code, takes under an hour. So guess what? WPS while convenient, is so incredibly hackable that it's just goggles their imagination.
It's unreal and to make it worse, it's not like there's some little piece of firmware that we can throw into these devices and magically fix the problem. The WPS people are just like, Uh-oh! And nobody is enacting a repair. There is nothing to repair short of massive redoing not only the standards, but ten bazillion devices. Every printer, every network card, every router all of these would have to be redone through some kind of super patch that just isn't going to happen.
So the answer is, turn off WPS. Well, that sounds great, unfortunately, a lot of devices simply cannot have WPS turned off. One of the things we're seeing people do especially with these home routers is that they're ripping out the firmware that came from D-Link or Cisco or Linksys or whatever it might be. And they're using third party tools like DD-WRT and things like that to get around it. The bottom line is that WPS, while it sounds fantastic, and it is, it's amazingly convenient, has a fatal Achilles heel that makes everybody come up to one conclusion: turn it off.
This Total Seminars course covers the exam certification topics. For information on additional study resources—including practice tests, lab simulations, books, and discounted exam vouchers—visit totalsem.com/linkedin. LinkedIn Learning members receive special pricing.
This course was created by Total Seminars. We are pleased to offer this training in our library.
We are a CompTIA Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Implementing wireless security
- Threats to your wireless network
- Wi-Fi Protected Setup
- Installing a wireless network
- Cloud ownership and implementation
- Creating a virtual machine
- PaaS, SaaS, and IaaS
- Mobile networking
- Deploying mobile devices