RE: FakeAP

From: captgoodnight captgoodnight <captgoodnight@hotmail.com>
Date: Wed Apr 19 2006 - 15:51:15 AKDT

Here's some other trickery to spark the imagination,

kismet | gpsd | snort for wireless/rfmon ids

hotspotter (get your M$ hosts with a preferred essid to associate, did ya
know they broadcast it)

http://www.aircrack-ng.org/index.php?title=Main_Page -mod firmware and do
some fun trickery, mod allows the card to broadcast in rfmon, only one I
know of.

ettercap, add this tool to any of the above methods and control your
wireless world ;)

http://www.blackalchemy.to/project/fakeap/

Requires hostap modules and a prism card. You'll find nearly all wifi
trickery depends on hostap/prism and some orinoco here and there (aircrack,
kismet...) orinoco cards are really good for chop-chop (see aircrack).
Defeating fakeap with recon; no associated radios in kismet.

Now what about a wireless honey pot, say hostap in master mode with dhcpd
and honeyd and of course snort...Add some unpatched servers and a default
iis install for entertainment.-- oh dear trouble is brewing.

thanks,
--eddie

>From: Adam bultman <adamb@glaven.org>
>To: aklug@aklug.org
>Subject: FakeAP
>Date: Wed, 19 Apr 2006 12:51:19 -0800
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>I can't remember if I have posted this to aklug yet or not, but here goes:
>
>http://www.blackalchemy.to/project/fakeap/
>
>If installed and run, it'll create a ton of APs around on various
>channels, MAC addresses, etc and pretty much make wardriving
>impossible. Give it a dictionary of words, and it'll use those to
>create the ESSIDs - although it comes with it's own (which isn't very
>clever.)
>
>I've been trying to get it to run, but I'm not sure my wireless cards
>are the right type. The kernel doesn't identify any of them as Prism2
>(One is an intel nic, another an orinoco, and the final is some random
>Dell one).
>
>If I get it working, I'll bring it on friday, and we'll see what kind
>of a mess we can make.
>
>Adam
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.4.1 (GNU/Linux)
>
>iD8DBQFERqLGkZb3NX+IDMsRArOoAKDfSZYi5CifNKSrdXIRyIRrjUoe4gCgujCz
>jysAUvmwzyW+TxWDK1SelJ0=
>=jauY
>-----END PGP SIGNATURE-----
>
>---------
>To unsubscribe, send email to <aklug-request@aklug.org>
>with 'unsubscribe' in the message body.
>

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Wed Apr 19 15:51:40 2006

This archive was generated by hypermail 2.1.8 : Wed Apr 19 2006 - 15:51:40 AKDT