[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <53C88E28.3080706@brownhatsecurity.com>
Date: Thu, 17 Jul 2014 20:02:00 -0700
From: Eric Rand <eric.rand@...wnhatsecurity.com>
To: Rikairchy <blakcshadow@...il.com>, fulldisclosure@...lists.org
Subject: Re: [FD] Jamming WiFi tracking beacons
R-pi doesn't come with a built-in wifi adapter, so you'll need to get
some add-ons to do that--and keeping in mind that there's only one USB
controller for all the networking and suchlike, there's a decided limit
to the amount of bandwidth that they can handle.
Listening for connects is very doable, though that's really more the
province of the Pineapple
[ http://wiki.wifipineapple.com/index.php/Main_Page ]
and similar projects--the Pineapple also gives you various other
functionalities, like spoofing and MITM facilitation.
Right tool for the job and all that.
On 07/17/2014 07:56 PM, Rikairchy wrote:
> I'm thinking of picking up a few Raspberry Pis, I was wondering if they
> could be used as a way to track devices that search for wifi (unless this
> is passive only), and recognise "friendly" devices while notifying an
> administrator of foreign devices detected. Could this have any real world
> application?
> On Jul 17, 2014 7:37 PM, "Eric Rand" <eric.rand@...wnhatsecurity.com> wrote:
>
>> There's a project on github for just that kind of thing:
>>
>> https://github.com/DanMcInerney/wifijammer
>>
>> Regardless of the hardware you choose to use, however, keep in mind that
>> you're going to be using a much higher fraction of the radio amplifier
>> in the wifi adapter's time than normal use, so there will be
>> proportionally greater power consumption.
>>
>> (Radio theory isn't really infosec, but is a design consideration for
>> something like this; I can talk about it out-of-band if you need to know)
>>
>> On 07/16/2014 02:26 AM, Keira Cran wrote:
>>> Hey,
>>>
>>> It's great that companies like Apple recognising the threat of tracking
>>> people via their devices wifi cards' MAC addresses, by randomising them.
>>>
>>> Naturally, I wondered i it was possible to jam the measurement beacon by
>>> spoofing tons of wifi clients. At one point in London, there was an
>>> advertising firm with tracking bins [1] and I have a nice clip of a
>>> technician looking puzzled at one beacon trying to figure out what's
>>> wrong. (Unfortunately, it's bit too close to home (literally) to share.)
>>> In the US I believe some ad "analytics" firms like SenseNetworks do
>>> something similar. [2]
>>>
>>> Consider this a call to arms then, to put those unused raspberry pies
>>> you have lying around to good use.
>>>
>>> best,
>>> keira
>>>
>>> [1]
>>>
>> http://www.theguardian.com/world/2013/aug/12/city-london-corporation-spy-bins
>>> [2] http://sensenetworks.com/
>>>
>>>
>>> _______________________________________________
>>> Sent through the Full Disclosure mailing list
>>> http://nmap.org/mailman/listinfo/fulldisclosure
>>> Web Archives & RSS: http://seclists.org/fulldisclosure/
>>>
>>
>>
>> _______________________________________________
>> Sent through the Full Disclosure mailing list
>> http://nmap.org/mailman/listinfo/fulldisclosure
>> Web Archives & RSS: http://seclists.org/fulldisclosure/
>>
>
Download attachment "0xC6AA699A.asc" of type "application/pgp-keys" (3117 bytes)
Download attachment "signature.asc" of type "application/pgp-signature" (885 bytes)
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists