Slashdot Mirror

← Back to Stories (view on slashdot.org)

Auto-Scanning the Names People Choose For Their Wireless APs

Posted by timothy on from the just-name-them-all-hidden dept.

MichaelSmith writes "I code on the tram, going to and from work, and I noticed that there are a lot of WiFi access points along the way. So one week I made it my job to write an automatic scanner which runs from a cron job every minute during commuting times. My backup script pushes the new AP names to my web server and you can read it online. It is a mixture of the straightforward, naive and funny, with a few pop culture references along the way. The first column in the file is the number of access points with that name. The second column is the AP name, in brackets to pick up white space." Why can't "Dress Me Slowly" and "Domestic Bliss" just share an AP?

28 of 422 comments (clear)

  1. Re:Best SSID by JWSmythe · · Score: 5, Informative

        I used to leave mine unencrypted, and change the name occasionally, calling it "BankOfAmerica", "FirstBankOf[mycity]", "FBI", "NSA", "CovertOps4", etc. I was very disappointed that I didn't have people trying to do nefarious things.

        Now I just call it "unreachable", and encrypted, which seems to have the same result. Ok, that's a lie, but I'm not going to post my real SSID here. :)

        I really appreciate all the folks with the Verizon DSL/FiOS routers with the 5 character SSID's, since those are easily crackable. They're nicer than the unencrypted ones, since I'm not competing with other users for the line. :)

        My last drive got over 2,000 in about 20 miles. Most were totally boring, and like 25% were unencrypted.

    --
    Serious? Seriousness is well above my pay grade.
  2. Re:What you are doing is ILLEGAL, IMMORAL, and IIM by leromarinvit · · Score: 5, Informative

    Huh? There's nothing illegal about logging the names of Wifi networks. Or at least there shouldn't be, as that would be completely crazy.

    It's aking to noting the names people display publicly next to their doorbells, just easier to do. He didn't connect to any of the networks, just log their names. Nothing wrong with that.

    --
    Proud member of the Ferengi Socialist Party.
  3. Re:MY_NETWORK by Anonymous Coward · · Score: 1, Informative

    The IP address of the server belongs to Spin Internet Services, an Australian ISP, and the reverse lookup has a ".dyn." name component, suggesting a dynamic assignment. Professional web hosting, even shared hosting, should not go down that fast. He's probably hosting his web page at home.

  4. Re:Best SSID by quantumplacet · · Score: 5, Informative

    My FIOS wireless router came w/ 64 bit WEP enabled and a little brochure that claimed that cracking wireless networks was "just in theory" and that 64 bit WEP was in "as secure as a wired network".

  5. Re:Why. by Anonymous Coward · · Score: 5, Informative

    Besides the fact that assuming someone such as yourself uses WPA/WPA2 PSK, the SSID is seeded with the hash and by using the default one, you leave yourself open to the likes of rainbow table attacks - http://www.renderlab.net/projects/WPA-tables/

  6. Re:If you know enough to change the name... by Anonymous Coward · · Score: 5, Informative

    Hiding the SSID decreases your security. When the access point broadcasts the SSID, the clients passively listen for it when they're not in range. When the SSID is hidden, clients broadcast the SSID in search of the wireless LAN wherever they are. This tells attackers about your laptop. There's even a ready-made attack tool for this: the "JaSager" (an implementation of "Karma") will listen for the probe requests and pretend to be your access point. If your WLAN is encrypted, you won't fall into that trap, but anyone who uses MAC address filters and hidden SSID as the only access control mechanisms is instantly MITMd. Even if you can avoid fake access points, your laptop still leaks your SSID and any information that may give (your name? your address? an obscenity?). Don't turn off SSID broadcasts.

  7. Re:Why use cron? by vrmlguy · · Score: 2, Informative

    You're missing out on a lot of SSIDs if you're only scanning once a minute. A simple "while true; do iwlist $options >> script1.txt; done" in a few scripts started a second or two apart will help catch more. Maybe set up a cron job to cat and sort -u them together occasionally.

    This is the tram! It doesn't take a different route every day. Just repeat the scan for a few weeks, you'll slowly fill in the gaps.

    --
    Nothing for 6-digit uids?
  8. Re:Best SSID by Cyberax · · Score: 2, Informative

    "as secure as a wired network"

    Considering that you can tap wired network just by cutting a cable and connecting it through a hub - your brochure was quite correct.

  9. Re:Oh, the humanity! by Midnight+Thunder · · Score: 2, Informative

    Why do people post their own stuff here, knowing that their site will crash and burn within seconds? Both of the links are dead. Both!

    Free load testing. Seriously you would pay someone to do that ;)

    --
    Jumpstart the tartan drive.
  10. Re:Best SSID by jandrese · · Score: 4, Informative

    If your switch has a collision light, you might just have a hub.

    --

    I read the internet for the articles.
  11. Re:Having RTFA for once... by Anonymous Coward · · Score: 1, Informative

    That would be ( =(O)= )

    It's like yelling.

  12. Re:What you are doing is ILLEGAL, IMMORAL, and IIM by tagno25 · · Score: 4, Informative

    you are not talking to it, it is talking to you

  13. Re:Having RTFA for once... by geminidomino · · Score: 4, Informative

    <-o-> TIE Interceptor
    <-oo-> TIE Bomber
    [-o-] Darth Vader's Prototype TIE Fighter (TIE Advanced)

  14. Re:What you are doing is ILLEGAL, IMMORAL, and IIM by KingArthur10 · · Score: 3, Informative

    You obviously have no clue how wifi works. The routers are broadcasting their identification codes and names. All your computer has to do is listen. It's the same as if you were just tuning into all the local FM bands and listening to what other people were listening to (as most of those devices are unencrypted). He doesn't have to "ping" the other wifi networks to listen to them. He doesn't hack anything or attempt to decrypt anything; he simply listens to routers shouting out their names. Perfectly legal. If you scan for wifi access points with Windows, you're doing the same thing; the only difference: he wrote the names down and put the names online.

    --
    I came, I saw, She conquered.
  15. Here is a mirror, the site is slashdotted and down by agoodm · · Score: 2, Informative

    http://www.yescomputersolutions.com/access_points.txt here we go. :-D

  16. Re:What you are doing is ILLEGAL, IMMORAL, and IIM by Anonymous Coward · · Score: 1, Informative

    Not that the DMCA means a whole lot in Australia anyway...

  17. Cached version: by Twigmon · · Score: 4, Informative

    http://artifacts.glitch.tl.nyud.net/access_points.txt

  18. Re:Australia? by Jimbookis · · Score: 3, Informative

    Seriously, you read /. and you don't know your Monty Python?

  19. Re:What you are doing is ILLEGAL, IMMORAL, and IIM by SilverJets · · Score: 2, Informative

    Except picking up the SSID that is being openly broadcast is not even remotely similar to pinging that same router.

  20. Re:On a lazy Saturday evening by MichaelSmith · · Score: 4, Informative

    I can't believe it. I extracted the text file from mercurial and put it on disk as a plain text file. I submitted this article before I went out to my son's birthday party. When I got back I wondered why nothing was working.

    Once the smoke clears from my office I will go through the logs and try to work out whether it was the single, short plain text file or the link to the source code which did the damage.

    --
    http://michaelsmith.id.au
  21. Re:What you are doing is ILLEGAL, IMMORAL, and IIM by tapanitarvainen · · Score: 2, Informative

    It's public information [...] And, of course, recording and publishing these things is simply recording and publishing a list of facts; a practice which has long been protected by various laws and rulings.

    Not everywhere. In many European jurisdictions at least it is not at all obvious that publishing a list made of publicly available information is legal. In particular, if it is considered "personal information" about people, creating a new compilation of it falls under various personal data protection laws - even if every individual piece of information in there is publicly available somewhere.

    I don't know of any place that'd considered AP SIDs to be personal information in that sense, though - but it wouldn't surprise me either.

  22. Re:Melbourne. by MichaelSmith · · Score: 2, Informative

    Getting the use of their TLD must have been part of the deal for the army going in to rescue them from Indonesia. Along with the oil of course.

    The .tl domain names are cheap and convenient for me.

    --
    http://michaelsmith.id.au
  23. Re:answer. by MichaelSmith · · Score: 3, Informative

    I live in Clarence street in East Brunswick and I get on at Blythe street. Because its at the end of the line I always get a seat. Going the other way I get on at the WTC in Clarendon street and even if the tram is full at that point it half empties at southern cross station. Going to work I normally sit at the northern end of the tram with an eeepc 701 on my lap. Feel free to say hello if you recognise me. I usually get on at 0730 and ~1745 or so.

    --
    http://michaelsmith.id.au
  24. Re:So... WTF is "Free Public WiFi" really doing? by bemymonkey · · Score: 4, Informative

    How about evil people sitting at airports with laptops, setting up ad-hoc networks and trying to steal credit card numbers from unsuspecting travellers? Wasn't that actually on Slashdot a few months back?

    Rule of thumb: Don't log onto ad hoc networks unless you know who's running them...

  25. Re:Best SSID by fm6 · · Score: 2, Informative

    Ok, that's a lie, but I'm not going to post my real SSID here. :)

    Why not? Knowing your SSID doesn't help anybody guess your paraphrase.

    BTW, who's your favorite porn star?

  26. Re:If you know enough to change the name... by speederaser · · Score: 2, Informative

    When the SSID is hidden, clients broadcast the SSID in search of the wireless LAN wherever they are. This tells attackers about your laptop.

    Many people's laptops do this regardless of the setting on the access point. This is the default in XP. You have to make sure the "Connect even if the network is not broadcasting" box is unchecked to turn off client broadcasting. In Vista and I believe W7 this is off by default.

  27. Re:So... WTF is "Free Public WiFi" really doing? by Techman83 · · Score: 3, Informative

    I don't think it was malicious and can confirm this was a significant issue at my work place. There was a hotfix that prevented it from happening and it was definitely addressed in SP3. Microsoft Windows Silent Adhoc Network Advertisement

    --
    # cat /dev/mem | strings | grep -i cat
    Damn, my RAM is full of cats. MEOW!!
  28. Re:Best SSID by DMUTPeregrine · · Score: 2, Informative

    The encryption used in WEP (RC4) is secure, it's just the implementation that is flawed. The weak IVs allow an attacker to recover the key used, which lets one get onto the network. The attack doesn't break RC4.
    Encryption is an arms race, but the implementation is often the easiest thing to attack.

    --
    Not a sentence!