For my research, one of the aims is to investigate whether people are
connecting to access points they are not supposed to use. To find out if this
is happening, I will be deploying a HoneySpot to see if anyone connects to it.
A HoneySpot is a portmanteau of Honeypot and Hotspot.
The Honeynet Project definition (http://www.honeynet.org/misc/faq.html) of a
Honeypot is, “a system whose value is being probed, attacked, or compromised,
you want the bad guys to interact with it”.
The Wikipedia definition for a hotspot is (http://en.wikipedia.org/wiki/Hotspot_%28Wi-Fi%29), “A hotspot
is a venue that offers Wi-Fi access. The public can use a laptop, WiFi phone,
or other suitable portable device to access the Internet”.
A HoneySpot has been defined by the Spanish Honeynet Project (SHP) in their
document "HoneySpot: The Wireless Honeypot" as a “venue that
offers Wi-Fi access whose value is being probed, attacked, or compromised, you
want the bad guys to interact with it”.
Two types of HoneySpots have been defined:
· A Public HoneySpot simulates a
public wireless data network, that is, a pure hotspot. Hotspots are commonly
available at hotels, airports, coffee shops, libraries, as well as other public
places where there is a high interest in offering Internet connectivity to
visitors and customers.
· A Private HoneySpot simulates a
private wireless data network, such as those available in corporations or at
home. Typically, a private network offers access to a wired network (corporate
or home network) to legitimate wireless clients without the physical barriers
associated to wired connections.
For my experiment I will be using a WiFi Pineapple Mk4, a wireless router
combined with a custom version of OpenWRT that allows it to be used for wireless
security research and auditing, to create the HoneySpot. It has utilities installed such as Karma and
DNSspoof and/or URLSnarf with which I can detect unauthorised connections.
I will be continuing this with more details of the configuration and the results as the experiment progresses.