Hi all. First off this is my first post on the forums, and I've been a Comcast customer for a while. Even got my dad's dental office to switch over from AT&T DSL to a bundle package from Comcast (despite him having AT&T employee patients who discouraged it lol).
Anyway my question is pretty much in the Subject/Topic line.
Here's the router/modem combo unit by Arris for those of you who aren't sure which one this is:
It's a 2.4 Ghz and 5ghz dual band unit
Problem with WPS is at least if someone using Linux, they can run what's called Reaver or another program called Bully , which both, using your router's BSSID or broadcasted MAC address (which is detectable via Kismet, or Reaver's tool called "wash" which actually detects nearby AP's which have WPS capability) estabilsh a connection to your AP and keep guessing the 8 digit WPS PIN which you can usually find on a sticker, mine's on the bottom, of the Arris unit should you have one, or whatever other brands Comcast might use. Luckily, more advanced Access Points with WPS have a sort of throttling feature which will lock down the WPS should it detect too many "guesses" by these programs too quickly... but in time the lock turns off, and at least Bully , out ofthose two programs, allows the user to save their progress (remember which PINs have failed per unit)
Not to mention, there are only up to 11,000 possible guesses until that person who could be your apartment neighbor, whoever, with a linux machine and packet injection capable wifi card (mine is, and I didn't even try to get one like it), gets right into your router settings.
So having said that, and I'm not condoning malicious hacking, but I think we need to talk about realities, this is a good reason not to leave your 10.0.0.1 or whatever IP your gateway login is on the default userame/password like admin / password ...
definitely change that administration password every couple weeks or so anyway if you are able to and don't leave it on default as the defaults are well known. So anyway there's my question and some information to help fellow Comcast customers avoid getting broken into by WPS cracking. WPS by the way is often that little button you push on the top of the unit, which flashes a light and then you enter your PIN.
I see no options in my firmware settings to turn it off. I have other suggestions as far as firmware updates for Comcast in the future (unless they actually depend on what Arris is willing to do, I don't know) so will make other threads in the future. Thank you for your attention and help.
Solved! Go to Solution.