Jump to content

vailixi

Recommended Posts

How do I set my my wireless card or access point to ignore deauthentication requests completely?

There's a kid down the street running a wifi jammer. I've been monitoring this activity for some time. Altogether I find this activity amusing but also annoying. I'm not reallly concerned with activity. Kids will be kids. But I would like to figure out how to just ignore deauthentication attacks.

Any help would be awesome. B)

Link to comment
Share on other sites

802.11w is suppose to be the answer to blocking deauth attacks. You need a wireless access point that has 802.11w support (or setup a open-wrt access point with 802.11w support). Then you need a wireless adapter on your workstation that also supports 802.11w with an driver/operating system that supports 802.11w (Windows 8/ Linux kernel compiled for 802.11w).

802.11w provides protection against deauthentication and disassociation frames. It uses a pair of one time keys between the client and access point. This allows the client to determine if the deauth that is sent is legit (coming from the access point) or not.

I do not have this setup or working myself. I am planning on getting something setup in the near future to play around with.

Link to comment
Share on other sites

In the meantime, setup a whitelist of mac addresses, and just keep one nic on an extra machine with linux running mdk3 at all times. Fuck the neighbors. /sorry, bad day

mdk3 mon0 d -w whitelist
Someone has been trying to knock the wife off at work a lot lately, so I just leave my laptop running mdk3 all day so she can work, and its worked out pretty well keeping her on while she works. If I stop it, whoever it is in the shopping center(We think its the AT&T store people fucking with the wifi few doors down from her store) kicks her off her wifi, so I just let it run all day when I am there and she stays connected.
Link to comment
Share on other sites

If they are targeting the deauth at the client then you can modify Linux clients to ignore deauth messages. Josh Wright blogged about it quite a few years ago.

You basically go through the supplicant source code, find the function that handles deauth messages and comment it out.

Link to comment
Share on other sites

If they are targeting the deauth at the client then you can modify Linux clients to ignore deauth messages. Josh Wright blogged about it quite a few years ago.

You basically go through the supplicant source code, find the function that handles deauth messages and comment it out.

That would be excellant if my wife were on linux..lol, but shes on Windows and I have her setup to not automatically reconnect if she gets kicked off so no one can capture her hand shake, but she manually just disables and re-enables the nic when it happens, so she kind of defeats the purpose and I can capture her handshake every time she logs back on.

I cracked her bosses WPA2 in about 20 minutes, since it was sequential set of 9 random numbers and me knowing the password to get on since I've used their wifi before (She works for my brother in law so its all good, family business) I showed her why she needed to tell them to change the damn password to at least 15 or more characters and use more than just 9 numbers, such as upper and lower case, change the default SSID from Netgear, etc, but no one listens.

At their other store across town, they only use WEP because the one employee's laptop, isn't capable of WPA and I assume hes using XP still with an older built in wifi card(My sister had the same problem with her older Toshiba, couldn't do WPA, only WEP).

Yeah. I know. Don't have to tell me. Be better off wired and turn off the wifi. I setup a second router and bought a 50 foot ethernet cable to put me in the back on another router and use wired, while I setup my wifi side, just to run mdk3 all day while I am at work with her. The only other people in her shopping center with wifi, are the karate place next door, and the AT&T shop, and the karate place, doesn't open till late afternoon, by which I have them whitelisted anyway, so my suspicions, are its the AT&T store, but they have a funky SSID that doesn't easily give away that its them short of me walking in and asking them if I can borrow their wifi for a few minutes to get online.

They let us borrow iPhone chargers all the time and we return them at the end of the day, since one of the things my wife does is buy iPads, tablets and cell phones, and someone walked off with the only iPad cable she had to charge them, so I think its them messing with us since they also are in competition with us to get customers, who get a better offer on their phones from us than they do from them, since we factory reset and sell them on eBay, while they just try to get customers to trade in or upgrade to the newest whatever it is they are pushing. Other than those two, the next closes wifi is a trailer park behind the stores, which unless someone has a cantenna pointed at her building(which I highly doubt since the back of the building is mostly metal) its got to be coming from out front since she has large glass windows and only people in range would be the AT&T store.

Edited by digip
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...