March 18th, 2007, 12:30 PM
Although this is not particularly new as a concept it appears to be on the increase.
What happens is a bad guy sets up a fake hotspot at an airport, railstation or anywhere else where there are likely to be legitimate hotspots.............. the rest is pretty much predictable.
So the message to those who think that it is 1337 and kewl to wardrive and leech.................. you do so very much at your own risk?
March 18th, 2007, 07:25 PM
Evil twin AP's are always something to look out for. Its funny when you you see commercial connection name as an ad-hoc connection. Others set evil twins up correctly, shows up as a full on AP. Moral is if you don't know the MAC address of the AP your connecting to you just might connect to a twin network at your local coffee shop.
March 19th, 2007, 08:53 AM
They don't even have to be "evil twin AP's". I was in a local health food
store yesterday and commented to the owner about their free wireless,
which I pick up at the Starbuck's across the street. He looked puzzled
and said they don't offer free wireless. I replied their was a WAP named
after his store in the neighborhood. He was freaked.
“Everybody is ignorant, only on different subjects.” — Will Rogers
March 19th, 2007, 12:47 PM
That is very true! I think that we have to look at five possible scenarios:
1. Legitimate free sites such as at airports, railway stations, public libraries, hotels etc.
2. "Evil Twin" sites that masquerade as one of the above.
3. Unsecured sites due to owner ignorance.
4. Deliberately unsecured sites.............. for malicious purposes.
5. Deliberately unsecured sites for law enforcement purposes.
I can see this developing some interesting cases in the days to come. Particularly as it is very difficult to establish a link between a wardriver and the actual AP for forensics purposes............normally that is a problem for the AP owner, but now it will work the other way?
Claiming that all that illegal stuff must have been planted on you whilst you were wardriving isn't a good defence. As prosecutor I would be right in there with "Ah! so you claim to have received it whilst you were out stealing someone else's bandwidth..........I put it to you that you found it whilst obtaining illegal access to a fellow pervert's computer and decided to help yourself"
"Time you met Bubba for some regular computer security lessons"
March 19th, 2007, 03:47 PM
I consider ANY wifi connection an Evil Twin. That is, untrustable.
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
By Outer_Heaven in forum Wireless Security
Last Post: March 11th, 2005, 05:56 PM
By kittgordon in forum Wireless Security
Last Post: February 3rd, 2005, 05:52 PM
By Irongeek in forum The Security Tutorials Forum
Last Post: September 21st, 2004, 03:50 AM
By Plastic in forum The Security Tutorials Forum
Last Post: March 20th, 2004, 11:15 PM
By Cube3k in forum Network Security Discussions
Last Post: January 9th, 2004, 03:01 AM