lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu, 17 Jul 2014 20:11:55 -0700
From: Eric Rand <eric.rand@...wnhatsecurity.com>
To: Rikairchy <blakcshadow@...il.com>, fulldisclosure@...lists.org
Subject: Re: [FD] Jamming WiFi tracking beacons

I hadn't seen the specs on the B+ model yet; mea culpa.

I think that the aircrack suite contains most of the functionality
you're looking for; seeding other sensors around with a mesh topology
might be a little bit of a challenge, but should still be doable.

On 07/17/2014 08:05 PM, Rikairchy wrote:
> I thought the B+ model was four ports, two controllers. I'm not interested
> in modifying (or even providing) a connection so much as looking for
> unrecognised devices. I had the idea of using them in a mesh, with only one
> actually connected to a live network. I thought it might be a way of
> listening to what other devices are already broadcasting when they search
> for a Wi-Fi connection
> On Jul 17, 2014 11:02 PM, "Eric Rand" <eric.rand@...wnhatsecurity.com>
> wrote:
> 
>> R-pi doesn't come with a built-in wifi adapter, so you'll need to get
>> some add-ons to do that--and keeping in mind that there's only one USB
>> controller for all the networking and suchlike, there's a decided limit
>> to the amount of bandwidth that they can handle.
>>
>> Listening for connects is very doable, though that's really more the
>> province of the Pineapple
>>
>> [ http://wiki.wifipineapple.com/index.php/Main_Page ]
>>
>> and similar projects--the Pineapple also gives you various other
>> functionalities, like spoofing and MITM facilitation.
>>
>> Right tool for the job and all that.
>>
>> On 07/17/2014 07:56 PM, Rikairchy wrote:
>>> I'm thinking of picking up a few Raspberry Pis, I was wondering if they
>>> could be used as a way to track devices that search for wifi (unless this
>>> is passive only), and recognise "friendly" devices while notifying an
>>> administrator of foreign devices detected. Could this have any real world
>>> application?
>>> On Jul 17, 2014 7:37 PM, "Eric Rand" <eric.rand@...wnhatsecurity.com>
>> wrote:
>>>
>>>> There's a project on github for just that kind of thing:
>>>>
>>>> https://github.com/DanMcInerney/wifijammer
>>>>
>>>> Regardless of the hardware you choose to use, however, keep in mind that
>>>> you're going to be using a much higher fraction of the radio amplifier
>>>> in the wifi adapter's time than normal use, so there will be
>>>> proportionally greater power consumption.
>>>>
>>>> (Radio theory isn't really infosec, but is a design consideration for
>>>> something like this; I can talk about it out-of-band if you need to
>> know)
>>>>
>>>> On 07/16/2014 02:26 AM, Keira Cran wrote:
>>>>> Hey,
>>>>>
>>>>> It's great that companies like Apple recognising the threat of tracking
>>>>> people via their devices wifi cards' MAC addresses, by randomising
>> them.
>>>>>
>>>>> Naturally, I wondered i it was possible to jam the measurement beacon
>> by
>>>>> spoofing tons of wifi clients.  At one point in London, there was an
>>>>> advertising firm with tracking bins [1] and I have a nice clip of a
>>>>> technician looking puzzled at one beacon trying to figure out what's
>>>>> wrong. (Unfortunately, it's bit too close to home (literally) to
>> share.)
>>>>> In the US I believe some ad "analytics" firms like SenseNetworks do
>>>>> something similar. [2]
>>>>>
>>>>> Consider this a call to arms then, to put those unused raspberry pies
>>>>> you have lying around to good use.
>>>>>
>>>>> best,
>>>>> keira
>>>>>
>>>>> [1]
>>>>>
>>>>
>> http://www.theguardian.com/world/2013/aug/12/city-london-corporation-spy-bins
>>>>> [2] http://sensenetworks.com/
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Sent through the Full Disclosure mailing list
>>>>> http://nmap.org/mailman/listinfo/fulldisclosure
>>>>> Web Archives & RSS: http://seclists.org/fulldisclosure/
>>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Sent through the Full Disclosure mailing list
>>>> http://nmap.org/mailman/listinfo/fulldisclosure
>>>> Web Archives & RSS: http://seclists.org/fulldisclosure/
>>>>
>>>
>>
> 

Download attachment "0xC6AA699A.asc" of type "application/pgp-keys" (3117 bytes)

Download attachment "signature.asc" of type "application/pgp-signature" (885 bytes)


_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ