Something slightly more interesting than the usual "Microsoft fails again" from US-CERT. The alert identifier is: TA12-006A
Wi-Fi Protected Setup (WPS) Vulnerable to Brute-Force Attack
Systems Affected: Most Wi-Fi access points that support Wi-Fi Protected Setup (WPS) are affected.
Overview: Wi-Fi Protected Setup (WPS) provides simplified mechanisms to configure secure wireless networks. The external registrar PIN exchange mechanism is susceptible to brute force attacks that could allow an attacker to gain access to an encrypted Wi-Fi network.
An attacking client can try to guess the correct PIN. A design vulnerability reduces the effective PIN space sufficiently to allow practical brute force attacks. Freely available attack tools can recover a WPS PIN in 4-10 hours.
For further details, please see Vulnerability Note VU#723755 and further documentation by Stefan Viehbock and Tactical Network Solutions.
The most recent version of the US-CERT announcement is here.
placeholder block for the registrar function.
Yes. We host blogs. Available choices are drupal, movable type, wordpress, and django.