Hacker-Built PC Scans 300 Wifi Networks At Once

An anonymous reader writes to mention an Engadget post on an incredibly powerful wifi scanner. The 'Janus Project', as it is called, can sniff 300 networks simultaneously. It stores and encrypts the data as it receives it, for later use. From the article: "In addition, the Janus Project has an instant off switch, which requires a USB key that has a 2000-bit passkey and a separate password to regain access. What's under the hood? Williams packed an Ubuntu Linux machine running on a 1.5GHz VIA C7 processor with an Acer 17-inch screen into that snazzy little rugged yellow box. Oh, and the closed case is waterproof too, in case you need to transport Janus Project on a whitewater raft to your next hacking hotspot. We don't doubt someone will." The post leads to a tgdaily article, which offers more details.

This device is against FCC Part 15 rules

[w9ofa]

The one watt amplifiers mentioned in the article almost guarantees that this device is operating outside the FCC part 15 rules.

I know everyone on /. hates the FCC, but consider how many nearby wireless networks might be effectively DoS'ed while he is trying
to hack some schmuck's WEP key.

Re:Just about time

[Kadin2048]

Did you even read the article?

In addition to scanning for wireless traffic, Williams says the computer can break most WEP keys very quickly by focusing all eight wireless cards on the access point. Using a combination of common utilities like airreplay, airdump and aircrack, Willams said, "When I use all 8 radios to focus in on a single access point, [the WEP key] lasts less than five minutes." However, he added that some retail wireless access points will "just die" after being hit with so much traffic.

...

Williams is improving the Janus computer to crack wireless networks even faster. He is optimizing software routines to use the C7 chip to crack WPA and WPA2 protected networks without the use of Rainbow tables. He is also working on breaking SHA1 and RSA encryption in a single processor instruction cycle.

No, it can't decrypt traffic from 300 networks at once, but it can certainly crack one that's encrypted with some of the most common algorithms rather quickly. It's more than just a recording device. Although, if it really can crack networks that quickly, then concievably you could crack all the WEP-enabled networks in range, and then start logging all the traffic on all the networks that you could hear, encrypted and not, for later analysis.

So use VPNs.

[Randseed]

You'd think by now that people would go ahead and use WEP or WPA, but tunnel traffic over a VPN even to internal sites. That's what I do. While someone may be able to crack my WEP or WPA keys, all that gets them is the ability to access the VPN port on the router. Everything else, including traffic to internal machines, is dropped unless it comes from the VPN. And since the VPN address is on a seperate subnet, the WAP won't route the traffic if you force your IP address to be open, but appear as the VPN IP address.

Obvoiusly not foolproof. I need to get all the machines to drop the traffic unless it's routed through the router. In other words, it doesn't matter where it comes from, but the machines will only listen to traffic coming in off the VPN subnet, and then only listen to that if it's being routed by the internal router. That keeps someone from being cute somehow and confusing the network by plugging something in with an IP address that's on the VPN subnet; since it wouldn't come via the internal router (VPN server), the machines would go "Uh, WTF?"

283 * 0 = 0

[Doc+Ruby]

The WiFi bandwidth has 17 data channels, each of which can be controlled by only one network at one time. How can a single node sniff more than 17 networks simultaneously.