Jump to content

Monitoring WLAN for hacking attempts


Jarri

Recommended Posts

So you can send lots of deauths to make client reconnect, and then some.

Commercial cable/ADSL modems all have WiFi built in, for easy access point to share internet connection. But NONE of them have the ability to protect or monitor itself agains hacking attempts. One can freely deauth with fury and the modem does nothing, or says anything to the owner, about what is happening. The situation is allmost the same like with GSM, I have no idea what mobile station my GSM/HSDPA cellphone is connected or what is happenin in the air.

Are there any scripts/programs (for pineapple) made for monitoring your own WiFi access point to detect hacking attempts?

The simplest hack detector I guess would be the deauth monitoring of my own AP?

What about monitoring other weird WiFi activity, what can be done?

Link to comment
Share on other sites

Sort of.

They can't disable your Wi-Fi but they can use deauth as a denial of service and they can't force you to login twice but most Wi-Fi supplicants will automatically reconnect if disconnected so there will be multiple authentication attempts.

Link to comment
Share on other sites

3 minutes ago, digininja said:

Sort of.

They can't disable your Wi-Fi but they can use deauth as a denial of service and they can't force you to login twice but most Wi-Fi supplicants will automatically reconnect if disconnected so there will be multiple authentication attempts.

What are the alternatives of wifite and reaver to hack wifi ? ( If you don't have a word list i.e don't want to try brute force attack?

Link to comment
Share on other sites

Yes! "Wireless Intrusion Detection System" is the term I was looking for. Now, nex step is to set up a practical low power system to this on everyday basis, automatically.

https://www.securitywizardry.com/index.php/products/server-security/wireless-ids.html

Propably a best platform to do this would be some low-cost low-power ARM router board (Pineapple?) with OpenWRT etc. pushing warnings to email or even turning off WiFi when something is detected. This will be a longer project I'm afraid..

Link to comment
Share on other sites

I know a guy that used to use the old linksys wrt-54g to run kismet drones at his facilities.  They'd all connect back to his central server at the main office.  They just used the corp lan and vpn connections, so if you're doing this for remote listening, you'd have to figure that part out yourself, but a reverse ssh connection should work.  I know another guy in Denmark that used a half dozen of them with soldered on serial gps modules in his brother's cab company's cars for war driving.  He's in the top 50 on Wigle because of this.  Should be able to pick these guys up pretty cheap, just make sure you either get one of the older models, or the wrt-54gl model.  There were a couple revisions before the gl model came out that can't be flashed to dd-wrt very well if at all.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...