How do I configure my Linksys routers to resist the WPS brute-force vulnerability?

I have the E3000 router and have also been looking for a way to disable it, and as far as my research goes, it is currently not possible (with FW 1.0.04).

That "Manual" switch only affects the GUI, if you look at the beacon (with some WiFi Analyzer) you will notice that WPS is still enabled.

UPDATE: Take a look at here. The guy there basically states (about E3000) that "Vulnerable: YES - however, the WDS falls over quickly so it is not very practical to attack a router.", so thanks to it's vulnerability to denial of service, it withstands the WPS attack...

Information about other routers is also listed in his public google spreadsheet.


As of 1/9/2012, there is no way to fully disable WPS on Linksys products.

See: http://www.smallnetbuilder.com/wireless/wireless-features/31664-waiting-for-the-wps-fix

and

http://arstechnica.com/business/news/2012/01/hands-on-hacking-wifi-protected-setup-with-reaver.ars

MAC address filtering offers some protection, but can easily be bypassed.


While not an ideal solution, installing the DD-WRT or Tomato custom firmwares will resolve this, as they do not implement WPS