Slashdot Mirror

← Back to Stories (view on slashdot.org)

802.11b Honeypots Open for Business

Posted by CmdrTaco on from the are-you-secure dept.

11thangel writes "SecurityFocus is running a story about a wireless honeypot project, being run by the SAIC. The setup consists of 5 Cisco access points in the Washington D.C. area, with two extra antennas (high gain omni's) plugged in. The network itself has a bunch of comps with various vulnerabilities, similar to a traditional honeypot. At the present, the network doesn't have a net connection, but the administrator is considering hooking it through a web proxy that would add a consent-to-monitor banner, so he can watch who's doing what. Time to find a WiFi card that can MAC-hop."

3 of 103 comments (clear)

  1. Sabotage their efforts by Anonymous Coward · · Score: 1, Interesting

    They claim they want to find out how much real life hacking use wireless networks are getting... but then they tell people where these are (roughly, DC is not really a huge city). It seems to me that this will just lead to more people looking for them just for fun, and not for any real use.

    Anyway, the real wireless hotspot in DC is going to be American University since they're going all wireless this year. Nothing says wide open like a campus network! ;-)

  2. Re:Warchalk by dattaway · · Score: 4, Interesting

    Using a honeypot for an access point by a casual user might be safer than other people's motives for setting up an open system. You don't know who is providing you with that signal and if they are sniffing for cookies and passwords. Is it just a clueless person who owns an access port? Or is it someone who is looking for interesting user habits that he hasn't learned to sniff directly from the cable?

    Common sense would dictate never to use an untrusted network for personal information, but I can see it now: people in the park with a laptop will connect to an unknown system and start chatting their personal problems on irc. The Senator's son doing this? Never happen! ;)

  3. Re:*sigh* by funky+womble · · Score: 2, Interesting
    IEEE 802.11b doesn't have support for banners (unless maybe you write a really long SSID and even then it wouldn't always be seen)...

    There are ways of grafting them on (using http redirection and so on), but those won't be seen by everyone and there are no standards, so it's not possible to connect using a script (for example). Just one example of why 802.11 isn't really an ideal protocol for public networks.

    It's probably about time there were standards for things like: displaying network AUPs, privacy policies, registration/authentication. Ideally machine-readable so they could be used automatically where desired (would be quite easy to have third parties validate and sign these, done on a regular basis it would make it easier to block any networks discovered to be rogue by refusing to sign a renewal).

    I think DHCP might be a reasonably good place for something like that to go (there are plenty of occasions it would be useful on a wired network too) but this type of thing is rarely useful without fairly widespread support.