+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 23 of 23
Wireless Networks Thread, Wireless Hacking in Technical; Originally Posted by pcstru Slightly amusing aside, when I was out looking for them, I spotted some lads acting suspiciously ...
  1. #16
    cpjitservices's Avatar
    Join Date
    Jul 2010
    Location
    Hessle
    Posts
    2,490
    Thank Post
    519
    Thanked 290 Times in 266 Posts
    Rep Power
    82
    Quote Originally Posted by pcstru View Post
    Slightly amusing aside, when I was out looking for them, I spotted some lads acting suspiciously round one of the bike cages. They were trying to hack a combination padlock - so at least I can chalk up one hacker today!
    Nice one, i'm not 100% sure how you're going to be able to get the location exactly.

  2. #17

    CPLTD's Avatar
    Join Date
    Apr 2008
    Location
    Northamptonshire
    Posts
    4,065
    Thank Post
    1,401
    Thanked 652 Times in 507 Posts
    Blog Entries
    1
    Rep Power
    261
    Quote Originally Posted by pcstru View Post
    So we have some clever clogs who are attempting to hack our wireless network, which while unlikely to succeed, is causing our radius server some unnecessary work. We want to track them down.

    We have a Meru system and can see the AP they are using, so we know approximate location, we also have a MAC address - assuming it is not being spoofed. What tools can we use go the last few yards and collar the perpetrators?
    Have you looked at Airtight? I don't mean ripping out and replacing the Meru system, but adding the senor only AP's (which are cheap) as an overlay.

    Airtight Networks - Secure Cloud-Managed WiFi

    Chris

  3. #18


    Join Date
    May 2009
    Posts
    3,121
    Thank Post
    275
    Thanked 838 Times in 630 Posts
    Rep Power
    332
    To be honest, I'd ban the MAC before spending any money!

  4. #19
    TheRobins's Avatar
    Join Date
    Jan 2014
    Location
    Worcestershire
    Posts
    41
    Thank Post
    21
    Thanked 2 Times in 2 Posts
    Rep Power
    2
    Interesting read, how did you get on in the end?

  5. #20


    Join Date
    May 2009
    Posts
    3,121
    Thank Post
    275
    Thanked 838 Times in 630 Posts
    Rep Power
    332
    I set up a laptop with ubuntu to run Kismet and ... they stopped!

  6. #21

    CHR1S's Avatar
    Join Date
    Feb 2006
    Location
    Birmingham
    Posts
    4,505
    Thank Post
    1,585
    Thanked 486 Times in 304 Posts
    Rep Power
    217
    Anyone with a working knowledge of Backtrack would know how to spoof their MAC, would know what can and cant be hacked and would at least attempt to cover their tracks.

  7. #22
    Sheridan's Avatar
    Join Date
    Oct 2010
    Posts
    1,345
    Thank Post
    121
    Thanked 94 Times in 64 Posts
    Rep Power
    29
    I use MAC filtering on top of radius to try and minimize this kind of thing. Obviously I don't have a BYOD wireless system yet!

    Its does require maintenance but at least you're putting a first line of defence in, not exactly rock solid but it slows down the lazy hacker!

  8. #23


    Join Date
    May 2009
    Posts
    3,121
    Thank Post
    275
    Thanked 838 Times in 630 Posts
    Rep Power
    332
    So an update : I found out a couple of things. First, Meru's Interactive Per-Station Event Logging Shell described Here allows me to track events by their MAC address and shows me which AP they are trying to connect to. That allows me to track to a reasonably tight location when they are in a class. I then have two techniques to narrow it further :

    1. Set Intersection : Monitoring for a week or two - not constantly but looking a few times within a lesson time and recording the approx location. I can then tie that in with timetable data to narrow down which classes were close to those locations at that time.

    2. Wireshark : Use Wireshark with the wireless card in monitor mode + Promiscuous, use a filter to only show traffic from the MAC address I'm interested in. Capture and display the RSSI headers which give a signal strength for each captured packet. I have this on a small, light netbook running Ubuntu (windows seems to prevent access to network card functions which are critical to this) so I can wander over to the location the Meru monitoring gave me and pretty well tie it down to a class on signal strength. Generally devices seem to give away what they are (HTC, Samsung etc), so if necessary we could use that to narrow it down to a few students and proceed from there.

    I'm hoping the warning I put to a class this morning will have the necessary effect. If it does I'm 1 down, 5 to go.

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. How to secure a wireless network against hacking attempts?
    By Thelps in forum Wireless Networks
    Replies: 7
    Last Post: 22nd January 2013, 01:29 PM
  2. Wireless ... Give me your brains
    By ajbritton in forum Wireless Networks
    Replies: 36
    Last Post: 25th October 2005, 07:47 AM
  3. Fujitsu Seimens Amil Pro 2010 Wireless
    By Mango_RW in forum Hardware
    Replies: 11
    Last Post: 27th September 2005, 07:54 AM
  4. Wireless signal Levels
    By ChrisH in forum Wireless Networks
    Replies: 2
    Last Post: 19th July 2005, 09:08 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •