Wireless Camouflage?
Anonymous Coward writes "Black Alchemy's Fake AP generates thousands of counterfeit 802.11b access points. Hide in plain sight amongst Fake AP's cacophony of beacon frames. As part of a honeypot or as an instrument of your site security plan, Fake AP confuses Wardrivers, NetStumblers, Script Kiddies, and other undesirables. Fake AP is a proof of concept released under the GPL."
Won't this kill available bandwidth? (Score:2, Interesting)
Uhm, huh? (Score:2, Interesting)
So this program creates a whole host of fictional access points? Well, a few points I don't get:
How do *you*, the correct user, find out which AP is correct?
What keeps the wardriver from doing that?
How does this affect performance?
How does this affect range?
If it doesn't affect either of the two above, then how does it work? It requires, apparently, only one 802.11b card...
Of course, I only run a small wireless network, and I am really not the most technically skilled of people. However, I use whatever security I have (the relatively weak WEP, with a well generated key), and would love having a bit more assurance of network safety.
Anyone who understands this willing to come forwards?
(And not just understanding in principle, I understand their whole spiel about hiding in plain sight, like an apple in a barrel of apples.)
A much simpler solution... (Score:3, Interesting)
Admittedly, not all APs allow beacons to be disabled. But then, Kismet doesn't need them at all to detect networks.
Contaminated Coffee. (Score:4, Interesting)
This seems easy to circumvent (Score:2, Interesting)
So just compile a list of all the APs you see and listen out for a good security association. From this you can divine the real AP.
With the proposed enhanced security mechanisms (TKIP & AES) the encryption similarly is not turned on until a security association (based on 802.1x) is completed. You can see this happen on the air and you can see which AP is being communicated with.
For this to work well you might need to also fake lots of good security associations to all the fake APs that are beaconing.
I see this as a poor mechanism. It is security through obscurity. It can be circumvented and the beacons suck away bandwidth.
TKIP is the way to go.
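The observation in the comment above (decoys beacon but never complete an association or carry data), as an added example that is not part of the original thread or of Fake AP: an operator auditing their own deployment can tally frame kinds per BSSID to see whether the real AP stands out. The header bytes and addresses are constructed, and the code assumes raw 802.11 MAC headers with any radiotap header already stripped.

```python
from collections import defaultdict

BEACON, ASSOC_REQ, ASSOC_RESP, AUTH = 8, 0, 1, 11  # management subtypes

def classify(frame: bytes):
    """Return (bssid, kind) for a raw 802.11 MAC header, or None."""
    if len(frame) < 24:
        return None
    fc0, fc1 = frame[0], frame[1]
    ftype, subtype = (fc0 >> 2) & 0x3, (fc0 >> 4) & 0xF
    a1, a2, a3 = frame[4:10], frame[10:16], frame[16:22]
    if ftype == 0:  # management frame: BSSID is address 3
        if subtype == BEACON:
            return a3, "beacon"
        if subtype in (ASSOC_REQ, ASSOC_RESP, AUTH):
            return a3, "assoc"
        return None
    if ftype == 2:  # data frame: BSSID position depends on ToDS/FromDS
        to_ds, from_ds = fc1 & 0x1, (fc1 >> 1) & 0x1
        if to_ds and from_ds:
            return None  # WDS frame, no single BSSID
        bssid = a1 if to_ds else a2 if from_ds else a3
        return bssid, "data"
    return None

def beacon_only(frames):
    """Split observed BSSIDs into (beacon-only, client-active) sets."""
    seen = defaultdict(set)
    for f in frames:
        r = classify(f)
        if r:
            seen[r[0].hex(":")].add(r[1])
    quiet = {b for b, kinds in seen.items() if kinds == {"beacon"}}
    return quiet, set(seen) - quiet

def hdr(fc0, fc1, a1, a2, a3):
    """Build a constructed 24-byte header (duration and sequence zeroed)."""
    return bytes([fc0, fc1, 0, 0]) + a1 + a2 + a3 + b"\x00\x00"

# Constructed sample: four decoy BSSIDs, one real AP, one client station.
BCAST = b"\xff" * 6
REAL = bytes.fromhex("020000000001")
FAKES = [bytes.fromhex("0200000000%02x" % i) for i in range(0x10, 0x14)]
STA = bytes.fromhex("0200000000aa")
SAMPLE = [hdr(0x80, 0, BCAST, b, b) for b in FAKES + [REAL]]  # beacons
SAMPLE += [hdr(0xB0, 0, REAL, STA, REAL),      # authentication
           hdr(0x00, 0, REAL, STA, REAL),      # association request
           hdr(0x08, 0x41, REAL, STA, BCAST)]  # protected data, ToDS set
```

On the constructed sample, `beacon_only(SAMPLE)` puts the four decoys in the beacon-only set and leaves the real AP alone in the client-active set, which is the separation the comment describes.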
Very effective @ DCX (Score:2, Interesting)
It was good stuff, and I ended up getting my name in the credits.
Public doesn't mean unregulated (Score:3, Interesting)
Just because something is public does not mean that rules do not apply to this public space. A park is a public space but there are rules about how you can use it; the unlicensed spectrum used by 802.11b is available for anyone to use, but you are still required to follow FCC regulations regarding how you operate within this spectrum. There are rules that dictate how your wireless card operates, how much power it can put into its signal, etc.
In fact, it might be wise of you to consider this in terms of another user of this particular segment of the spectrum -- cordless phones operating at 2.4 GHz. The signal goes out over the same unlicensed spectrum band, but if you were to create a base station which prevented your neighbors from using their cordless phone handsets (even if it was accidental) you could be fined for violating the FCC rules regarding this slice of the spectrum. If you were to monitor and record a transmission between the base station and remote node you would be breaking the law. If you created a phone handset that masqueraded as your neighbor's handset and used his phone base station (and phone line) for your calls you would be breaking the law. Both offenses can bring stiff fines and jail terms, something that aggressive wardrivers and 802.11b access point "borrowers" might want to keep in mind...