AirMagnet Wi-Fi Security Tool Takes Aim At Drones

alphadogg (971356) writes "In its quest to help enterprises seek out and neutralize all threats to their Wi-Fi networks, AirMagnet is now looking to the skies. In a free software update to its AirMagnet Enterprise product last week, the Wi-Fi security division of Fluke Networks added code specifically crafted to detect the Parrot AR Drone, a popular unmanned aerial vehicle that costs a few hundred dollars and can be controlled using a smartphone or tablet. Drones themselves don't pose any special threat to Wi-Fi networks, and AirMagnet isn't issuing air pistols to its customers to shoot them down. The reason the craft are dangerous is that they can be modified to act as rogue access points and sent into range of a victim's wireless network, potentially breaking into a network to steal data."

Makes Perfect Sense

[QBasicer]

Instead of fixing a vulnerability or weakness in wifi, lets prevent drones from flying nearby. Because you can totally trust ALL your employees not to plug in a router to perform a similar attack.

Re:

[Sarten-X]

It's a crappy story, but the real threat is that cheaply-available drones are an easy way to bypass physical security layers.

Apparently, this update just adds specific identification for the Parrot AR, providing sysadmins with information about its location and video stream.

Re:

[plover]

I think this is almost entirely a publicity stunt. It's easy to detect the manufacturer's OUI, and they're already selling a device that examines WiFi traffic, so why not add a signature for the Parrot? It costs them almost nothing, and it's kind of attractive in a faux-nerdy marketing person way. The salesman can use it to joke with the CIO when he's trying to sell them. The engineers will roll their eyes. but the executives will think they're doing something useful.

The real question is if detecting R/

Re:

[Sarten-X]

It's more than a signature ID. Apparently it also will interpret movement commands and intercept the video stream to show admins what the drone is looking at.

Re:

[Jane Q. Public]

It's a crappy story, but the real threat is that cheaply-available drones are an easy way to bypass physical security layers.

So are toy cars.

So what?

Re:Makes Perfect Sense

[ledow]

Anyone who worries about wireless security and hasn't yet deployed WPA2-Enterprise and VLANs deserves everything they get.

Seriously, an employee plugging in a router? ALARM BELLS GO OFF IN IT ROOM.

An employee sets up a duplicate wireless network with the same SSID?

Weird. None of the connection policies match, so nothing officially supplied by IT will connect to it. And employees "might" connect to it, manually, sure. If it wasn't that the wireless AP's around the place have spotted the intruder, emailled me, triangulated the position of the AP, flooded it off the airwaves, and you'd have to re-type in all your RADIUS / WPA keys into it in order for it to actually let you CONNECT without warnings anyway.

It's just not a problem if you are serious about your wireless deployment. If you're not serious, that's the problem.

I'm an IT guy that works in schools, with hostile users, some of them living on-premises, willing to break all the rules, some of whom have built their own drones to fly around the school premises, and this isn't an issue I'd be concerned about.

For a start, the Cisco Meraki gear I use would "contain" any such network, and it would warn me, and it would even put a little pinpoint on a wireless heatmap if I so desired to tell me where they are.

The rest is just taking a smartphone with a free app, walking to that point, and disciplining whoever I found there / taking down the drone and waiting for someone to come claim it.

Re:

[sexconker]

If someone plugs in a router with a spoofed MAC of an allowed device for that port, you'd never know.
Most routers support MAC spoofing in order to forward the MAC of your main PC to the cable / DLS modem. Many ISPs will block a new MAC for a period of time or until your call up and tell them. If you require authentication on a wired port, they could set that up as well.
The only way to prevent a MITM attack is to physically secure the network wiring or centrally manage per-device encryption keys/certificat

Hey look old technology

[i kan reed]

Wait! The old technology is attached to an autonomous quadrotor. Guess I'd better panic.

Re:

[naughtynaughty]

Love the blanket statement that "no current UAVs are safe enough to fly in populated areas", things like this must absolutely terrify you: http://www.poweruptoys.com/ [poweruptoys.com] BTW, stay off the streets, where real danger exists.

20 minutes of battery life

[radioact69]

This is the dumbest thing I have ever read, and I have read some dumb stuff. Slashdot FAIL.

A lot of effort there

[Anonymous Coward]

A lot of effort to stop a threat I've not heard of anyone doing. How is this easier and more stealthy then someone in a car with a wireless cracker?

The number one source of data breaches/theft is from employees. Are they suggesting employees are going to do something so elaborate/expensive/unreliable? Wow am I confused.

Would probably make a good TV show though.

Probably where they are getting their threat analysis from.

A better option is...

[Anonymous Coward]

Broad spectrum, high power RF jammers. A bonus if it also takes out cell networks.

Re:

[Bjorn_Redtail]

They also are dead easy to direction find.

This Parrot has ceased to be!

[Irate Engineer]

Lovely plumage though.

I've got a similar idea in the works...

[jeffb (2.718)]

It's a receiver to detect the EM signature from the onboard electronics of a Prius.

See, I've heard that it's possible for a Prius driver to run over kids who are playing in the street. So I've designed this receiver that fits into a kiddy backpack, and sounds an alarm when there's a Prius nearby. That way, when my kids are playing in the street and a Prius approaches, they'll hear the alarm. I guess then they can get out of the street, but what I'm really looking for is a way to ban Priuses from driving on my street. After all, I'm a responsible parent who's keenly aware of the dangers Priuses pose to kids who play in the street.

Re:

[HornWumpus]

They're no worse then the Volvo diesels they traded in for Pius'. The problem has always been the drivers.

Battery lasts for only 12 minutes

[LongearedBat]

I have an AR Drone 2, and the standard battery lasts for maximum 12 minutes (1000 mAh). I've ordered a new battery that holds 1500 mAh. Looking forward to see if it lasts for 18 minutes.

How much damage can one do with that? Seems easier to sneak up close and hide in a bush while cracking in to someones network using a laptop.

Re:

[mjwalshe]

could use a bigger drone to airlift a raspberry pi powered drone plus battery pack onto the roof - bonus points for making the pi solar powered

Re:

[stephanruby]

How much damage can one do with that? Seems easier to sneak up close and hide in a bush while cracking in to someones network using a laptop.

Yes, but your laptop, or your Android device as proxy [telerik.com], wouldn't have the convenient AR_DRONE_ID#### SSID attached to it, so the security idiots at FUD Networks wouldn't have any idea how to detect those.

Re:

[stephanruby]

Sorry, I provided the wrong link. To capture wifi traffic with an Android device, you'd need this instead [appbrain.com].

Re:

[plover]

You don't have to be flying in order to serve as a rogue access point. Just land the drone near the target and hack from there. Besides, you'll attract a lot less attention if you're hiding the machine on the victim's roof.

so?

[mjwalshe]

Don't all wifi management tools do rogue ap detection - I rember playing with the cisco one and that has some neat ICE tech in it

AirMagnet

[redfood]

Did anyone else click on this story hoping to see some sort of magnet dart gun or EMP gun used for disabling drones?

Boring

[c]

I want to see a security tool which hijacks the drone control connection, lands it on my roof, and shuts it down so it won't leave.

I can't quite decide if the followup should be "call the police", "hold drone ransom" or "just keep it", but I'm sure I'd think of something.

Re:

[Ol Olsoc]

I want to see a security tool which hijacks the drone control connection, lands it on my roof, and shuts it down so it won't leave.

I can't quite decide if the followup should be "call the police", "hold drone ransom" or "just keep it", but I'm sure I'd think of something.

Just wait until it comes into the airspace above your roof, then blast it with a wideband signal around 2.4 GHz. It will screw the wifi connection to the phone or tablet controlling it, and the drone, now goes into landing mode, looking for a safe place to land. It will slowly descend onto your roof.

The owner will see all this, and might take umbrage at your stealing their drone. Which almost certainly wouldn't be flying over your roof anyhow.

Re:

[c]

The owner will see all this, and might take umbrage at your stealing their drone. Which almost certainly wouldn't be flying over your roof anyhow.

Well, I live in the country. If a wifi-controlled drone gets within signal range of my house, the owner is very likely trespassing and almost certainly snooping on my property in particular.

Re:

[Ol Olsoc]

Well, I live in the country. If a wifi-controlled drone gets within signal range of my house, the owner is very likely trespassing and almost certainly snooping on my property in particular.

Um, sure. Most of us drone users stay well away from houses. The whole "drone spying on your teenage daughter as she lovingly caresses her nubile body in the shower", and on and on and on, is something straight out of Law and Order, or porn movies. Or that packs of parrot users are going to break into your wifi network, or sit in smoke filled rooms, coming up with new ways to violate your civil rights.

Everyone I know just enjoys the little bit of flight time, for the few minutes the batteries allow, and

Re:

[c]

Most of us drone users stay well away from houses.

As I said, I live in the country.

Most ATVers, snowmobilers, boaters, hunters, etc are perfectly respectable people who go out of their way not to bother anyone, and I have no issue with them.

Those other fuckers, however... I have absolutely no doubt that drone technology will become simple and ubiquitous enough that the sort of asshole who enjoys annoying people with expensive toys will inevitably discover and abuse it.

Re:

[Ol Olsoc]

Those other fuckers, however... I have absolutely no doubt that drone technology will become simple and ubiquitous enough that the sort of asshole who enjoys annoying people with expensive toys will inevitably discover and abuse it.

Glenn Beck called. He said you're getting a little over the top.

Re:

[CaptQuark]

If I was going to attempt to break into your network or record video of your property, I would connect the camera and wifi equipment to a kite and fly it over your house. No noise, people are used to seeing kites, and I retain control of the kite and can bring it back quickly. I could do the same thing with a long pole from my car or a balloon.

Flying RC toys are just the trigger topic of the week to get people's ire up.

~~

Arguments based on drone range

[jeffb (2.718)]

It's possible to connect a controller to an antenna that vastly extends its range. Is your property extensive enough to give you a 2-kilometer perimeter [parrot.com] around your house?

Re:

[c]

It's possible to connect a controller to an antenna that vastly extends its range. Is your property extensive enough to give you a 2-kilometer perimeter around your house?

I specifically said "the signal range of my house". Stock antennas on a router in the basement. If my network can see the drone, it's going to be pretty close.

Re:

[Anonymous Coward]

That sounds like the "Frisbeeatarian" approach.

Frisbeeatarians believe that when you die, your soul goes up on the roof and nobody can get it down.

Huh?

[Ol Olsoc]

These drones get their control via wifi.

Wouldn't this mean that the person controlling the drone would have to be on the wifi system already?

It isn't just going to stay there without any control. On my parrot, the drone will ease on down if it loses contact with the controller. Kind of keeps it from flying on til hte batteries drop if you lose contact. So it would need multiple wifi's. Oh, and then it wouldn't be recognizable as a parrot drone. And....

Even if you could rig it to attack another wifi, i

10 Minutes Flight time

[bobbutts]

This is going to need to be a very fast attack since the battery on the quadcopter only lasts around 5-10 min.