Wireless Camouflage? 174
Anonymous Coward writes "Black Alchemy's Fake AP generates thousands of counterfeit 802.11b access points. Hide in plain sight amongst Fake AP's cacophony of beacon frames. As part of a honeypot or as an instrument of your site security plan, Fake AP confuses Wardrivers, NetStumblers, Script Kiddies, and other undesirables. Fake AP is a proof of concept released under the GPL."
Security through Obscurity (Score:2, Insightful)
http://slashdot.org/features/980720/0819202.sht
DOS application? (Score:2, Insightful)
Doesn't this just slow down the wardriving a bit? (Score:4, Insightful)
In fact, I think that the problem with this solution is the amount of effort expended in defense is equal to the amount of effort for the war driver. You've got to have a PC pumping out fake APs constantly. Both radio modems are putting out the same bandwidth. This isn't a good equation for most of us.
Good encryption, on the other hand, takes only a few cycles to do but a gazillion cycles to undo. That's a great ratio of defense to offense.
Plus, don't the fake APs still end up jamming the channel. If you're faking an AP, someone else can't use the channel on that micro second. Given that wardrivers come only occasionally, but the jamming goes on constantly, I think that the legitmate users will pay a big price in network access for something that would only slow war drivers down a bit.
But I may be wrong.
Script kiddies are people too (Score:2, Insightful)
I mean come on. Is the big problem in todays work environment really that before all the staff can play Quake III on the company LAN someone has to go out and scatter all the hooligans with laptops?
This is cool, don't get me wrong. But if encryption isn't enough, go with the cat5 cable.
Re:Security through Obscurity (Score:3, Insightful)
Same for Brooks' law, for all the people who love to invoke that one. It's not a formal proof that adding a developer will necessarily delay a project.
Not much help unless your network is unused.. (Score:5, Insightful)
From the trenches.. (Score:5, Insightful)
However I've noticed that companies with wireless AP's tend to be in clusters in close vicinity to each other. I'm just wondering what the effects on the persons neighboor would be. I could just see someone running this and just confusing the hell out of his neighboors. It would be even worse if the fake broadcasts were on different channels, then there would be real chaos with legit users.
Fun to play with, but not practical for production since a determined attacker would wade through the data to get your real SSID
Just my $0.02
Re:MAC filter always worked for me (Score:2, Insightful)
You're most likely right, since they are likely doing this for sport, not hacking. If you are using this simply as a deterrent, not security, then you are correct.
However, any hacker who actually wanted in your network could do so in seconds:
1. Listen for a unicast frame to determine a valid MAC address on the network.
2. Change MAC address on his/her card to be one of the MAC addresses.
3. Pillage the network of the person sitting dumb, fat, and happy on their unsecured net.
The short and sweet of this is that it is not hard to spoof MAC addresses. Therefore, Access Control Lists (ACL) can not be the only level of security.
Yes. Re:Doesn't this just slow down the wardriving (Score:4, Insightful)
That's probably its achilles heal. If you measure which AP point has the most traffic, you've blown past any illusion of security this gives you.
Re:So who's going (Score:4, Insightful)
And a better analogy would be trying to avoid venereal disease by dumping condoms all over the place so it's a veritable certainty that you'll be within reach of one wherever you happen to find yourself doing the nasty.
A better
Re:Security through Obscurity (Score:2, Insightful)
Re:Security through Obscurity (Score:2, Insightful)
Not saying it's bulletproof, but if it makes it harder to get in and the cost is small then there's no reason not to do it.
Not much more than a diversion (Score:2, Insightful)
As has been pointed out in other replies to this story:
it's easy to sniff for data traffic and thus ignore the fake access points,
this is a useful DoS tool more than a way of securing networks.
Seems to me that as long as network admins, users or Jo-average-computer-at-home-user keeps thinking of 802.11 kit as a "alternative to wires", we'll be stuck with all the security problems. Wireless = broadcast. That will inevitably involve sending your data out to anyone who cares to set up an antenna and kit to recieve it. You trade the convenience of not having to run wires for the insecurity of broadcasting your bits to the world. Anyway, given that this unpleasantly insecure technology is spreading worldwide, it's interesting to see this article at CNet [com.com] about small, cheap 802.11 chipsets destined for set-top boxes. I contentedly predict that in a couple of years there'll be scares about wardrivers sniffing what people are watching on their wireless TVs :)
Anna B