WNDR3700 meets DD-WRT
Posted: January 1, 2012 Filed under: Uncategorized | Tags: dd-wrt, security, wifi, wndr3700, wps Leave a comment »Many wireless access points have a “convenience” setup feature called WPS. Unfortunately WPS introduces a security weakness that allows an attacker to recover the WPA/WPA2 passphrase in a few hours[1, 2].
I have a Netgear WNDR3700 dual-band wireless access point, which includes the WPS feature. Prompted by the disclosures, mentioned above, I had a closer look at how WPS worked on the Netgear AP. WPS seems to be permanently enabled. The AP has an option to allow the router to disable WPS for a time, if there are too many connections attempts. This seemed like an unnecessary risk, so I decided to change the firmware to something without this vulnerability: dd-wrt.
The installation process has a reputation of being quite touchy and prone to bricking the router. Installation is set out on the WNDR3700 wiki page. Currently you need to install build r16785 on the router, then once the installation is complete and the NVRAM rebuilt, use the dd-wrt web admin interface to upgrade the firmware to a more recent version. I used webflash build r17201. I also tried a more recent build, r18024, but the 5GHz radio didn’t work properly. If you brick the router, use the recovery procedure here.
Finally, to ensure the clients can connect at the full 300Mbps, you need to configure the wireless settings from the advice in the Atheros wiki page.
