How ridiculous is the 802.11 craze..?

  1. #1
    Computer Forensics
    Join Date
    Jul 2001
    Posts
    672

    How ridiculous is the 802.11 craze..?

    So here I am at work, working on the configuration of one of my access points when an idea hits me... I had a little time to spare so I grabbed my laptop and did a quick site test, then proceeded to download some software and break into my network to see how easy it really is...
    Needless to say, the results were startling. I walked across the street from my building and I was still connected via my WAP... Now, I will state that when I did this testing I had 128-bit WEP turned on, broadcasting of the SSID off, and MAC filtering enabled.

    My MAC address was not in the allowed MAC address list. I didn't have the key inputted, and I had no idea what the SSID was (at least my computer didn't).
    I fired up the program I had downloaded and wham...in the time it takes to get an IP address, I had already discovered the SSID of my WAP, its operating channel, its MAC address, and the type of encryption being used.....

    Are you getting the idea yet?

    It is that easy, folks. For another test of sorts I walked to my car and turned on my laptop. I was on the way to the mall for some new books and decided this would be fun. All I had was my laptop and wireless NIC (Orinoco Gold, if you must know).
    The instant I logged into my machine I was on the internet; some poor chap in the house near where I park was wireless too. I checked the web connection and it was stable at 5.5Mbps...not bad for being in my car. I drove to the corner after laughing a bit, and boom...picked up 3 overlapping signals. They were starting to roll in and I hadn't even travelled 500ft yet.... I drive down the street a little more and they are really rolling in now.. My program is beeping every few seconds with another WAP discovered. Needless to say, this was exciting and very, very alarming.

    I drive down a few more roads (5 in total on this trip) and get on the highway to the mall. About 2 miles from the airport I get a very startling beep from my monitor.
    DOA-NOC-AIRPORT pops up.... WTF!?!?!?! And it's not encrypted....anyone else see something wrong with that?

    Anyways...I will attach my log of my quick drive to the mall for people to see.....
    All I have to say is, SECURE YOUR ****ING 802.11 nets to the max they are capable of..
    This 802.11 craze is too ridiculous.
    By the way, I used NetStumbler on this trip.
    www.netstumbler.com
    Antionline in a nutshell
    "You're putting the fate of the world in the hands of a bunch of idiots I wouldn't trust with a potato gun"

    Trust your Technolust

  2. #2
    Member
    Join Date
    Oct 2002
    Posts
    64
    I've been studying 802.11 security for a while now. Actually there is not much to study.....it's insecure!!!

    www.wardriving.com provides some good insight on the hardware and software needed to do this type of testing. It seems like ever since Shipley released his Perl script to find APs this thing has been going up and up and up.

    I am working on writing a secure guide to implementing 802.11b right now and will be posting it soon.

    Go to airsnort.shmoo.com to get the latest version of the popular WEP cracking tool Airsnort. This tool has been getting better and better and now supports the Hermes chipset (Orinoco). For all of you with Orinoco cards, they have an external antenna attachment so support for these cards is good. While testing Airsnort in a lab environment I cracked WEP with about 3500 "interesting" packets (packets with weak key sections) in only 2 hours.

    I do agree that 802.11 is getting a bit out of control because I can't turn around before another script kiddie puts up a website claiming he is a hacker because he wardrove his local neighborhood. 802.11 is really cool but extremely dangerous because it is so cheap and easy to implement and people just don't know the security implications of it.

    Check out the presentation section of www.blackhat.com. They have some great presentations on 802.11 security, advanced exploit techniques, and basically anything else you would ever want to know about it.

    ~Xe

  3. #3
    Computer Forensics
    Join Date
    Jul 2001
    Posts
    672
    xenon
    Have you tried Kismet yet? www.kismetwireless.net for those that don't know....

    And also, Linux is still the premier OS for wardriving as it has all the tools readily available to it. Not that I am a cracker or wardriver etc....this was all in experimentation and to widen the eyes of others....

  4. #4
    Member
    Join Date
    Oct 2002
    Posts
    64
    I just remembered. Wanna play a good joke on a script kiddie???

    Search Google for FakeAP.

    This is a program that uses PrismII cards to generate thousands of fake AP beacons. Netstumbler will pop up thousands of access points!!

    I tested this thing out on a friend of mine. The look on his face was priceless.

    FakeAP is not a viable security option though (security through obscurity)


    ~Xe

    Yes. Kismet is phenomenal. Definitely the standard for Linux warXing.

  5. #5
    Computer Forensics
    Join Date
    Jul 2001
    Posts
    672
    I was reading about that, I thought of trying it out to see.. However I know that none of these unencrypted ones were fake as I connected through them....

  6. #6
    Member
    Join Date
    Oct 2002
    Posts
    64
    Linux is the premier tool for everything. Sorry, I couldn't resist.

  7. #7
    Computer Forensics
    Join Date
    Jul 2001
    Posts
    672
    Indeed it is....I wanted something fast and ugly though as I thought of it at the last minute.

  8. #8
    Member
    Join Date
    Oct 2002
    Posts
    64
    Sorry this is unrelated but real quick. I accidentally hit the "Ignore" button while trying to send you a PM. How do I take you off this list?

    Damn touchpads.

    ~Xe

    Never mind. I found it.

  9. #9
    Member
    Join Date
    Oct 2002
    Posts
    64
    I apologize for hogging this thread but I remembered I have this great whitepaper that gives a good overview of the issues surrounding 802.11. It also lists all the common testing programs out there in one of the appendices.

    Enjoy

    ~Xe

  10. #10
    Computer Forensics
    Join Date
    Jul 2001
    Posts
    672
    Nice whitepaper...time to read...
