Use a Linksys Router? You’ve Got Security Problems

Burglar breaking in

One of the bigger security-related stories over the past week concerns a vulnerability in WiFi Protected Setup (WPS). WPS is designed to be an easy way for inexperienced users to set up a secure network, using methods such as inputing a PIN from your router into your computer or other device. The problem is that the PIN, which is 8 digits long, is susceptible to brute force attacks. In fact, a free tool named Reaver can crack that PIN in just a few hours. This vulnerability exists regardless of the kind of security you’re using on your network, so even WPA2 is at risk. This means that the kid next door could get Reaver running, go off and watch a movie, and a few hours later he is in your network. The solution? Turn off WPS. Unfortunately, you can’t do this with modern Linksys routers.

Most Linksys routers have a setting to switch WPS to manual. Testing has revealed, though, that this switch doesn’t disable WPS. You only have a few solutions to secure your network if you have a vulnerable Linksys router:

  • Completely disable WiFi on your network, and go with only wired connections;
  • Get another (non-Linksys) router;
  • Install a third-party firmware on your router, such as DD-WRT or Tomato, if your router supports it.

Other methods, such as MAC address filtering (a way to restrict access to your network to predesignated devices) or hiding your SSID don’t really protect you, as a MAC address can easily be detected and spoofed, and even an invisible SSID can be detected.

I have a Linksys E2000. I was going to install Tomato, as I used it on a previous router and thought it was great. Unfortunately, Tomato doesn’t have a user interface that allows you to easily set up a guest network. As a result, I installed DD-WRT onto my router. Even that required a bit of tweaking to get a guest network set up.

Do you have a Linksys router? What are you doing to secure your network?

Evan Kline

Hello, I'm Evan. I write about tech from my perspective – that of the average 40-something tech geek. You can also find me on Twitter and at my real-life job as a lawyer.    MORE ABOUT ME.


  1. Very timely. I just replaced my Linksys router because it was randomly refusing connections to some of the devices on my network. There are five devices on the network, and you never knew which one(s) would be unable to connect. I’d have the power cycle to router to fix the issue.

    Replaced it with a Medialink, which has a simple method to disable WPS.

    • Troubleshooting a router sometimes is like voodoo. Knock on wood, but I think I finally got my Linksys E2000 working without issue. I installed DD-WRT on it, and then had some wireless dropouts and freezes after setting up a guest network. Turns out it was user error, I think, as I had forgotten that remnants of an earlier failed attempt to set up the guest network were present in my settings, conflicting with the new settings.

      One thing that is both cool and eye-opening about DD-WRT is that it will tell you how many processes are connecting to the Internet on your network. My 7 or 8 devices were responsible for a total of 222 processes, such as my menubar weather app, CrashPlan, Dropbox, etc.

Leave a Reply