Read an article on "Is Hiding the Wireless SSID All the Network Security You Need?" by Dale Rapp, which as the title suggests is about the security benefits of hiding the SSID, whilst I take the point the hiding the SSID may improve slightly the security of the wireless network, in my opinion it has a more dramatic affect on the performance of wireless networks than the security benefits the hiding of the SSID brings.
The main affect of hiding the SSID is that wireless clients will not see the wireless network as the broadcast function is turned off, other mechanisms that will give out the SSID are still in play and used by those interested in breaking into a wireless network.
However to many domestic users of wireless networks the problem comes from not being able to see how many networks are on a channel if the some of the networks are suppressing the broadcast of the SSID. The upshot is that often when the RF environment is examined there are many networks in close proximity using the same channel, this affects the performance of these networks, and as an increasing number of domestic networks are being used to stream video the affect of the congestion of a channel becomes problem for the users of the network.
This releationship between security and performance is the main focus of the research I am carrying out for my MSc.
Thursday, 21 June 2012
Tuesday, 12 June 2012
Pineapple & DNS Spoof
Just configured DNS spoof on the Pineapple mk IV, a very simple set-up but for those like me who mainly used Windows in the past, a couple of notes on the set-up that may prove useful to others.
I have my Pineapple tethered to a Windows7 laptop, to communicate with the Pineapple I use the following programs
Logging on to the Pineapple using firefox, I find IE does not display all the screens properly (I had trouble seeing Karma log on the status page) I followed the edit link for DNS Spoof from the status page.
DNS Spoof Config
I added another line to the config file and save the config
This will cause an device connected to the Pineapple to go to the Pineapple web server (172.16.42.1 is the IP address of the Pineapple WiFi interface) if the www.<domain>.co.uk is in the URL request. They is the possibility of redirecting the browser to a server on another machine.
The www folder on the pineapple has the following pages in it.
The redirect.php is a php script that searches the HTTP_REFERER for a keyword (the domain to be redirected) if it exists it redirects the browser to a target page.
The error.php is a file that handles errors in the redirect.php ie. target domain has does not have a specified page to be redirected to.
Using WinSCP I connected to the Pineapple and browsed to the /www folder. The redirect.php can be edited to add additional domain redirects in the form.
Enabling DNS Spoofing then causes any device connecting to the Pineapple and looking for a domain to be directed to the specified page.
I have my Pineapple tethered to a Windows7 laptop, to communicate with the Pineapple I use the following programs
Logging on to the Pineapple using firefox, I find IE does not display all the screens properly (I had trouble seeing Karma log on the status page) I followed the edit link for DNS Spoof from the status page.
DNS Spoof Config
I added another line to the config file and save the config
172.16.42.1 www.<domain>.co.uk
This will cause an device connected to the Pineapple to go to the Pineapple web server (172.16.42.1 is the IP address of the Pineapple WiFi interface) if the www.<domain>.co.uk is in the URL request. They is the possibility of redirecting the browser to a server on another machine.
The www folder on the pineapple has the following pages in it.
- error.php
- index.php
- redirect.php
The redirect.php is a php script that searches the HTTP_REFERER for a keyword (the domain to be redirected) if it exists it redirects the browser to a target page.
The error.php is a file that handles errors in the redirect.php ie. target domain has does not have a specified page to be redirected to.
Using WinSCP I connected to the Pineapple and browsed to the /www folder. The redirect.php can be edited to add additional domain redirects in the form.
if (strpos($ref, "<domain>")){ header('Location: <targetpage>.html'); }
I then uploaded a <targetpage>.html file to the www directory for the redirect.Enabling DNS Spoofing then causes any device connecting to the Pineapple and looking for a domain to be directed to the specified page.
HoneySpot
Preparing the equipment for a Wifi HoneySpot to analyse wardrive and connection attempts to unsecure Access points as part of my research.
Using a battery powered Pineapple tethered to laptop with Karma running to record coonection attempts and using CommView for Wifi to record Probe Request/Response frames
Karma running on the pineapple
CommView running on the laptop, filtering out all but probe request/response frames, to and from the Pineapple
Using a battery powered Pineapple tethered to laptop with Karma running to record coonection attempts and using CommView for Wifi to record Probe Request/Response frames
Karma running on the pineapple
CommView running on the laptop, filtering out all but probe request/response frames, to and from the Pineapple
Google & Wardriving
Google have hit the headlines again, as various regulatory bodies reopen investigations into their "wardriving" and illegal collection of WiFi data whilst they where using the Street View cars http://www.bbc.co.uk/news/technology-18415856. It is now coming out that the engineer who wrote the code told others http://www.bbc.co.uk/news/technology-17892288 some reports have named Marius Milner author of NetStumbler http://www.crn.com.au/News/299072,netstumbler-creator-behind-google-wi-fi-snoop.aspx as being the engineer involved. The NetStumber site is not making comments on the allegation http://www.netstumbler.com/2012/05/07/is-marius-milner-the-unnamed-google-engineer/
The Street View project was an ambitious plan to photograph and map the world’s streets that also involved gathering information about local wireless networks to improve location-based searches. A Google engineer went a step further, and included code to collect unencrypted data sent from homes by computers as specially equipped cars drove by. Google has long maintained that the engineer was solely responsible for this aspect of the project. But a complete version of the F.C.C.’s report, released by Google on Saturday, has cast doubt on that explanation, saying that the engineer informed at least one superior and that seven engineers who worked on the code were all in a position to know what was going on. The F.C.C. report also had Engineer Doe spelling out his intentions quite clearly in his initial proposal. Managers of the Street View project said they never read it. Mr. Milner created a program called “NetStumbler,” the page also says, and describes the early version of NetStumbler as “the world’s first usable ‘Wardriving’ application for Windows.” The F.C.C. report notes that wardriving is “the practice of driving streets and using equipment to locate wireless local-area networks using Wi-Fi, such as wireless hot spots at coffee shops and home wireless networks.” To design Street View’s code for locating wireless hot spots, the F.C.C. report states, “Google tapped Engineer Doe.”
Engineer Doe wrote the code during the 20 percent of work time that the company gives employees to pursue ideas on their own according to Google. In 2010, after it became clear that Google’s Street View project was collecting e-mail and other personal data, Google hired a computer investigations firm, Stroz Friedberg, to examine how the software program worked. The outside investigator’s report was named, “Source code analysis of gstumbler,” http://static.googleusercontent.com/external_content/untrusted_dlcp/www.google.com/en//googleblogs/pdfs/friedberg_sourcecode_analysis_060910.pdf the name for the Street View application initially used inside Google. The Stroz Friedberg report does not name the developer of the gstumbler program, or other engineers who worked on Street View.
Locating and communicating effectively with Wi-Fi networks is an essential capability for mobile computing. It is an important tool in smartphone software like Google’s Android, Apple’s iOS and Microsoft’s Windows Phone, both for communicating and often for location-based services like shopping guides and Foursquare. Data beamed from wireless networks guide those location services. But, according to industry executives and analysts, there are different approaches to using Wi-Fi transmissions. The minimal approach, they say, is to collect data on the access point and strength of the signal. A Google rival in location software, Skyhook Wireless, takes the minimal approach, said Ted Morgan, chief executive, while Google does not.
This is going to go for a bit longer in the press.
The Street View project was an ambitious plan to photograph and map the world’s streets that also involved gathering information about local wireless networks to improve location-based searches. A Google engineer went a step further, and included code to collect unencrypted data sent from homes by computers as specially equipped cars drove by. Google has long maintained that the engineer was solely responsible for this aspect of the project. But a complete version of the F.C.C.’s report, released by Google on Saturday, has cast doubt on that explanation, saying that the engineer informed at least one superior and that seven engineers who worked on the code were all in a position to know what was going on. The F.C.C. report also had Engineer Doe spelling out his intentions quite clearly in his initial proposal. Managers of the Street View project said they never read it. Mr. Milner created a program called “NetStumbler,” the page also says, and describes the early version of NetStumbler as “the world’s first usable ‘Wardriving’ application for Windows.” The F.C.C. report notes that wardriving is “the practice of driving streets and using equipment to locate wireless local-area networks using Wi-Fi, such as wireless hot spots at coffee shops and home wireless networks.” To design Street View’s code for locating wireless hot spots, the F.C.C. report states, “Google tapped Engineer Doe.”
Engineer Doe wrote the code during the 20 percent of work time that the company gives employees to pursue ideas on their own according to Google. In 2010, after it became clear that Google’s Street View project was collecting e-mail and other personal data, Google hired a computer investigations firm, Stroz Friedberg, to examine how the software program worked. The outside investigator’s report was named, “Source code analysis of gstumbler,” http://static.googleusercontent.com/external_content/untrusted_dlcp/www.google.com/en//googleblogs/pdfs/friedberg_sourcecode_analysis_060910.pdf the name for the Street View application initially used inside Google. The Stroz Friedberg report does not name the developer of the gstumbler program, or other engineers who worked on Street View.
Locating and communicating effectively with Wi-Fi networks is an essential capability for mobile computing. It is an important tool in smartphone software like Google’s Android, Apple’s iOS and Microsoft’s Windows Phone, both for communicating and often for location-based services like shopping guides and Foursquare. Data beamed from wireless networks guide those location services. But, according to industry executives and analysts, there are different approaches to using Wi-Fi transmissions. The minimal approach, they say, is to collect data on the access point and strength of the signal. A Google rival in location software, Skyhook Wireless, takes the minimal approach, said Ted Morgan, chief executive, while Google does not.
This is going to go for a bit longer in the press.
Subscribe to:
Posts (Atom)