Slashdot Mirror

← Back to Stories (view on slashdot.org)

Detecting 802.11 Discovery Apps

Posted by Hemos on from the looking-at-the-backdoor dept.

Joshua Wright writes "I have written a white paper on detecting 802.11 Wireless LAN Network Discovery applications. Wireless LAN discovery through the use of applications such as NetStumbler, DStumbler, Wellenreiter and others is an increasingly popular technique for network penetration. The discovery of a wireless LAN might be used for seemingly innocuous Internet access, or to be used as a "backdoor" into a network to stage an attack. This paper reviews some of the tactics used in wireless LAN network discovery and attempts to identify some of the fingerprints left by wireless LAN discovery applications, focusing on the MAC and LLC layers. This fingerprint information can then be incorporated into intrusion detection tools capable of analyzing data-link layer traffic. "

21 of 165 comments (clear)

  1. is there redundancy... by z-kungfu · · Score: 3, Funny

    ...in their detecting detectors?, or are the detectors detecting only getting detecteed once? anyway you put it that's a lot of detecting detectors and vise versa...

    1. Re:is there redundancy... by essell · · Score: 2, Funny

      Reminds me of The Big Hit, where they have the Trace Buster, and the Trace Buster Buster, and so on.

      How soon until we see dectectors built into the discovery apps, to detect the dectector detectors? :)

      --
      i swear my userid used to be lower.
    2. Re:is there redundancy... by Llama+Keeper · · Score: 4, Funny

      Dude, you forgot the Trace Buster Buster Buster, cuz that shiat will bust his trace. The Big Hit, the best low budget no box office movie every made. Don't forget that China Chow is smoking hot! Glad to see another Big Hit fan out there!

      --


      Rule of Life Number 2: Remember, it can all go to hell at any minute. --Jimmy Buffet
  2. Yeah... by Anonymous Coward · · Score: 4, Funny

    My girlfriend gets pissed anytime I even mention backdoor penetration...

    1. Re:Yeah... by kalos · · Score: 4, Funny

      That's because you are flat out penetrating her network through the back door. Do some probing first man. You have to find out if there are any ports or services receptive to your connection before you attempt to dive right in and exploit any weaknesses.

    2. Re:Yeah... by the+way,+what're+you · · Score: 4, Funny
      My girlfriend gets pissed anytime I even mention backdoor penetration...

      That's because she wants you to spend time with her, not your buddies.

      --
      example.org - powered by Linux!
    3. Re:Yeah... by geekd · · Score: 4, Funny

      Dave's relationship rule #27:

      "When you find a woman who reacts positivly to the suggestion of 'backdoor penetration', seriously consider marriage"

      rules to live by.

  3. There's an easier way by cscx · · Score: 3, Funny

    I just tend to look for the box on the wall plugged into an ethernet cable with the two antennae sticking out of it.

  4. Love it. by geekd · · Score: 4, Funny

    God damn, I love a good arms race.

    Are you a coder? Need work? Get involved at the beginning of an arms race such as this one. Employment for years and years. Get involved early enough, and soon you will be an "expert".

    Of course, there are more employent opportunities on the defensive side of the race, while the more fun side is the offense.

  5. Arms Race by RAMMS+EIN · · Score: 3, Funny

    OK, here's another arms race.

    - With this anti-missile missile, we can intercept their missiles!
    * But what do we do if they build an anti-anti-missile-missile missile?
    - Simple, we build and anti-anti-anti-missile-missile-missile missile.
    * Ow...I have a headache.

    --
    Please correct me if I got my facts wrong.
  6. War Is Good: +1, Even More Patriotic by Anonymous Coward · · Score: 1, Funny

    Rejoice and make war your life:

    See Naqoyqatsi

    (Na-qoy-qatsi: (nah koy' kahtsee) N. From the Hopi Language.
    1. A life of killing each other. 2. War as a way of life. 3.
    (Interpreted) Civilized violence.

  7. oh oh... by citroidSD · · Score: 2, Funny

    This whitepaper is published in PDF format, so it must be serious! Unlike those HTML white papers written by script kiddies....

  8. Wierd... by Eric_Cartman_South_P · · Score: 4, Funny
    ...every time I mention it to her, I get no complaints.

    1. Re:Wierd... by _ph1ux_ · · Score: 5, Funny

      thats because you're not trying to come through the back door with an OC-192.

    2. Re:Wierd... by Anonymous Coward · · Score: 1, Funny

      What's the matter with my 300-baud Hayes?

  9. Ok, so you have detected an intrusion.... by Anonymous Coward · · Score: 3, Funny

    What do you do now?
    Go outside and kick ass on the guy with the laptop?

    You could sneak up behind him and strangle him with all that extra cat-5 you have lying around now.

  10. My Whitepaper by suwain_2 · · Score: 5, Funny

    That's funny, I'm working on a similar whitepaper: Detecting 802.11 Detector Detectors, to detect people trying to detect people trying to detect 802.11 networks. Including is some sample code to detect the detector detectors, but it seems to get into a nasty infinite loop, and I can't figure out why.

    --
    ________________________________________________
    suwain_2 :: quality slashdot p
  11. EMP by zonker · · Score: 1, Funny

    well u could remove the threat completely with the help of a three letter friend.

    --

    Large print giveth, and the small print taketh away

  12. Have some fun, that's what by wirefarm · · Score: 3, Funny

    Mirror Hotmail and Yahoo's login pages on a local server and collect passwords. Write 'creative' emails on their behalf to their friends and parents and (potential) employers.

    Rewrite stock quotes on the fly...

    Write a perl script that will rewrite outgoing POP emails
    (s/Regards,/I love you,/g is an old favorite of mine...)

    I figure if someone uses my network without asking for permission, I have the right to make them look like an idiot.

    Cheers,
    Jim

    --
    -- My Weblog.
  13. Sometimes old houses are best...... by Anonymous Coward · · Score: 1, Funny

    If you don't want some joe schmoe stealing bandwidth. thank god to the prolly near infinite layers of lead paint (and any other factors) under all the decent paint on my old victorian house. Makes signals so weak outside you have to be about 3 feet from the outside walls just to do anything. So if some unknown is on my lan, he's prolly in my lawn too......sprinkler time hehehehe....im a total bastidge.

  14. Re:[preaching] share the bandwidth! by nakaduct · · Score: 3, Funny

    > wouldn't it be cool if you could walk down the street and stay connected to icq without getting your ass kicked?

    That would be pretty cool, even without ICQ.