Auto-Scanning the Names People Choose For Their Wireless APs
MichaelSmith writes "I code on the tram, going to and from work, and I noticed that there are a lot of WiFi access points along the way. So one week I made it my job to write an automatic scanner which runs from a cron job every minute during commuting times. My backup script pushes the new AP names to my web server and you can read it online. It is a mixture of the straightforward, naive and funny, with a few pop culture references along the way. The first column in the file is the number of access points with that name. The second column is the AP name, in brackets to pick up white space." Why can't "Dress Me Slowly" and "Domestic Bliss" just share an AP?
I used to leave mine unencrypted, and change the name occasionally, calling it "BankOfAmerica", "FirstBankOf[mycity]", "FBI", "NSA", "CovertOps4", etc. I was very disappointed that I didn't have people trying to do nefarious things.
Now I just call it "unreachable", and encrypted, which seems to have the same result. Ok, that's a lie, but I'm not going to post my real SSID here. :)
I really appreciate all the folks with the Verizon DSL/FiOS routers with the 5 character SSIDs, since those are easily crackable. They're nicer than the unencrypted ones, since I'm not competing with other users for the line. :)
My last drive got over 2,000 in about 20 miles. Most were totally boring, and like 25% were unencrypted.
Serious? Seriousness is well above my pay grade.
Huh? There's nothing illegal about logging the names of Wifi networks. Or at least there shouldn't be, as that would be completely crazy.
It's akin to noting the names people display publicly next to their doorbells, just easier to do. He didn't connect to any of the networks, just log their names. Nothing wrong with that.
Proud member of the Ferengi Socialist Party.
My FIOS wireless router came w/ 64 bit WEP enabled and a little brochure that claimed that cracking wireless networks was "just in theory" and that 64 bit WEP was "as secure as a wired network".
Besides the fact that assuming someone such as yourself uses WPA/WPA2 PSK, the SSID is seeded with the hash and by using the default one, you leave yourself open to the likes of rainbow table attacks - http://www.renderlab.net/projects/WPA-tables/
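An added illustration of the point in the comment above (not part of the thread or written by the commenter): WPA/WPA2-PSK derives its 256-bit key with PBKDF2-HMAC-SHA1, 4096 iterations, using the SSID as the salt, so a precomputed table only applies to the SSID it was built for. The SSID list, wordlist and function names below are constructed for the example.

```python
import hashlib

# Constructed sample of factory-default style SSIDs (assumption, not from the thread).
COMMON_SSIDS = {"linksys", "default", "NETGEAR", "dlink"}
# Constructed toy wordlist standing in for a published precomputed table.
WORDLIST = ["password1", "letmein123", "qwertyuiop"]


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the WPA/WPA2-PSK pairwise master key (32 bytes)."""
    pw = passphrase.encode("ascii")
    salt = ssid.encode("utf-8")
    if not 8 <= len(pw) <= 63:
        raise ValueError("passphrase must be 8..63 ASCII characters")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1..32 bytes")
    # The SSID is the PBKDF2 salt: same passphrase, different SSID, different key.
    return hashlib.pbkdf2_hmac("sha1", pw, salt, 4096, 32)


def precompute_for_ssid(ssid: str, wordlist) -> dict:
    """Map PMK -> passphrase for one SSID, as a precomputed table does."""
    return {wpa_pmk(word, ssid): word for word in wordlist}


def table_hit(table: dict, passphrase: str, ssid: str):
    """Return the matching table entry for this network's PMK, or None."""
    return table.get(wpa_pmk(passphrase, ssid))


def uses_common_ssid(ssid: str) -> bool:
    """True if the SSID is one a generic precomputed table is likely built for."""
    return ssid in COMMON_SSIDS


if __name__ == "__main__":
    table = precompute_for_ssid("linksys", WORDLIST)
    for ssid in ("linksys", "tram-stop-42"):
        hit = table_hit(table, "password1", ssid)
        print(f"{ssid!r}: common={uses_common_ssid(ssid)} table_hit={hit!r}")
```

Renaming the network to something unique removes the table shortcut, but a weak passphrase is still weak; it just has to be attacked per network.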
Hiding the SSID decreases your security. When the access point broadcasts the SSID, the clients passively listen for it when they're not in range. When the SSID is hidden, clients broadcast the SSID in search of the wireless LAN wherever they are. This tells attackers about your laptop. There's even a ready-made attack tool for this: the "JaSager" (an implementation of "Karma") will listen for the probe requests and pretend to be your access point. If your WLAN is encrypted, you won't fall into that trap, but anyone who uses MAC address filters and hidden SSID as the only access control mechanisms is instantly MITMd. Even if you can avoid fake access points, your laptop still leaks your SSID and any information that may give (your name? your address? an obscenity?). Don't turn off SSID broadcasts.
If your switch has a collision light, you might just have a hub.
I read the internet for the articles.
you are not talking to it, it is talking to you
<-o-> TIE Interceptor
<-oo-> TIE Bomber
[-o-] Darth Vader's Prototype TIE Fighter (TIE Advanced)
http://artifacts.glitch.tl.nyud.net/access_points.txt
I can't believe it. I extracted the text file from mercurial and put it on disk as a plain text file. I submitted this article before I went out to my son's birthday party. When I got back I wondered why nothing was working.
Once the smoke clears from my office I will go through the logs and try to work out whether it was the single, short plain text file or the link to the source code which did the damage.
http://michaelsmith.id.au
How about evil people sitting at airports with laptops, setting up ad-hoc networks and trying to steal credit card numbers from unsuspecting travellers? Wasn't that actually on Slashdot a few months back?
Rule of thumb: Don't log onto ad hoc networks unless you know who's running them...