Slashdot Mirror
Wireless Camouflage?
Anonymous Coward writes "Black Alchemy's Fake AP generates thousands of counterfeit 802.11b access points. Hide in plain sight amongst Fake AP's cacophony of beacon frames. As part of a honeypot or as an instrument of your site security plan, Fake AP confuses Wardrivers, NetStumblers, Script Kiddies, and other undesirables. Fake AP is a proof of concept released under the GPL."
The have the correct SSID entered in their settings.
No, since you are manually setting your card to a specific network name you and your AP will be able to talk. If you are trying to passively sniff a network for available network names you will have a hard time since lots of phoney ones are received (or at least that seems to be the idea behind this).
I spent a year in Iraq looking for WMD and all I found was this lousy sig.
You should know what your SSID is. That is how your device knows which AP it should use.
What keeps the wardriver from doing that? :)
Don't tell the wardrivers your SSID.
How does this affect performance? how does this affect range?
Minimal. The packets that announce APs are a small fraction of your outgoing packets.
Michael Loves Me!
It seems to work very well and would foil would-be wardrivers.
A strange game. The only winning move is not to play. How about a nice game of chess? - Joshua (Wargames)
and they had lots of dumb windows clients trying to associate with them
Which is exactly why this is a bad idea. The software doesn't just send beacons. It requires to you install a driver which contains full AP functionality, and then starts configuring it with random MAC address and common, well known SSID's, every quarter second. Which means that anybody within range who happens to have "linksys", or "tsunami", or any of a handful of common SSID's is going to be out of luck when their laptop connects to whomever is running this Alchemy "tool". People who set up broken AP's with liberal (i.e. wide open) security are assholes. And that's exactly what this. software does.
You configure it to talk to your WAP.
This product works a lot like a flare that is used to distract missiles or other military ECM. It's meant more as a distraction. I am surprised someone didn't come up with this idea before now.
I think the point is that it will waste the potential intruder's time - not that it will totally secure your network. If the potential intruder WANTS to get in, he/she will get in eventually. This is to confuse someone trying to just do a drive by hit.
Then again, there is no stopping luck - what if the person hits on the right access point the first time?
I haven't seen any studies on wireless where people are finding Wireless AP's with the "Broadcast SSID" turned off (NetStumber can't find WAP's if you have the "Broadcast SSID" turned off)and MAC security enabled (you can clone a MAC address but you have to have a card that can do this function). If you are going to run a Wireless AP, why would you let any MAC hook into your system and why would you broadcast your wireless AP? Ok, you might have some clueless users who don't know how to configure their laptops and yes, it is a pain in the ass to have to distribute the SSID and the encryption Network key to everyone but why would you make it that much easier for an intruder?
If you have a WAP that doesn't let you turn off the broadcasting of the SSID, why don't you research into either flashing the firmware to enable this feature or buying one that does let you do that? They aren't that expensive anymore.
e. Faust
This is security by obscurity in the same way that chaff released to confuse a radar system is. You obscure a target so that attacking it with your primary mode of attack is no longer profitable.
In other words, as many others have said, it's another layer of protection. I certainly wouldn't leave my network unsecured behind such a fuzz curtain.
Just think of this as a form of radar jammer. It doesn't stop you from looking for the target. It just makes one of the easier ways of doing so hard.
--JoeProgram Intellivision!