AirMagnet Wi-Fi Security Tool Takes Aim At Drones

← Back to Stories (view on slashdot.org)

AirMagnet Wi-Fi Security Tool Takes Aim At Drones

Posted by timothy on Tuesday July 22, 2014 @02:07AM from the command-and-control-is-next dept.

alphadogg (971356) writes "In its quest to help enterprises seek out and neutralize all threats to their Wi-Fi networks, AirMagnet is now looking to the skies. In a free software update to its AirMagnet Enterprise product last week, the Wi-Fi security division of Fluke Networks added code specifically crafted to detect the Parrot AR Drone, a popular unmanned aerial vehicle that costs a few hundred dollars and can be controlled using a smartphone or tablet. Drones themselves don't pose any special threat to Wi-Fi networks, and AirMagnet isn't issuing air pistols to its customers to shoot them down. The reason the craft are dangerous is that they can be modified to act as rogue access points and sent into range of a victim's wireless network, potentially breaking into a network to steal data."

52 comments

Min score:

Reason:

Sort:

Makes Perfect Sense by QBasicer · 2014-07-22 02:14 · Score: 5, Interesting

Instead of fixing a vulnerability or weakness in wifi, lets prevent drones from flying nearby. Because you can totally trust ALL your employees not to plug in a router to perform a similar attack.

--
x86, oh yes, I'm pro.
1. Re:Makes Perfect Sense by Sarten-X · 2014-07-22 03:20 · Score: 1
  
  It's a crappy story, but the real threat is that cheaply-available drones are an easy way to bypass physical security layers.
  Apparently, this update just adds specific identification for the Parrot AR, providing sysadmins with information about its location and video stream.
  
  --
  You do not have a moral or legal right to do absolutely anything you want.
2. Re:Makes Perfect Sense by ledow · 2014-07-22 04:13 · Score: 4, Informative
  
  Anyone who worries about wireless security and hasn't yet deployed WPA2-Enterprise and VLANs deserves everything they get.
  Seriously, an employee plugging in a router? ALARM BELLS GO OFF IN IT ROOM.
  An employee sets up a duplicate wireless network with the same SSID?
  Weird. None of the connection policies match, so nothing officially supplied by IT will connect to it. And employees "might" connect to it, manually, sure. If it wasn't that the wireless AP's around the place have spotted the intruder, emailled me, triangulated the position of the AP, flooded it off the airwaves, and you'd have to re-type in all your RADIUS / WPA keys into it in order for it to actually let you CONNECT without warnings anyway.
  It's just not a problem if you are serious about your wireless deployment. If you're not serious, that's the problem.
  I'm an IT guy that works in schools, with hostile users, some of them living on-premises, willing to break all the rules, some of whom have built their own drones to fly around the school premises, and this isn't an issue I'd be concerned about.
  For a start, the Cisco Meraki gear I use would "contain" any such network, and it would warn me, and it would even put a little pinpoint on a wireless heatmap if I so desired to tell me where they are.
  The rest is just taking a smartphone with a free app, walking to that point, and disciplining whoever I found there / taking down the drone and waiting for someone to come claim it.
3. Re:Makes Perfect Sense by plover · 2014-07-22 05:50 · Score: 2
  
  I think this is almost entirely a publicity stunt. It's easy to detect the manufacturer's OUI, and they're already selling a device that examines WiFi traffic, so why not add a signature for the Parrot? It costs them almost nothing, and it's kind of attractive in a faux-nerdy marketing person way. The salesman can use it to joke with the CIO when he's trying to sell them. The engineers will roll their eyes. but the executives will think they're doing something useful.
  The real question is if detecting R/C signals is worthwhile. Parrot's WiFi control is only one of many possible protocols they could use on the 2.4 spectrum, and there are many other bands available to R/C owners. If R/C is a real threat, they need to detect them all. Otherwise, their existing software to detect rogue access points is probably more important than identifying specific toys.
  Regardless of the technical merit, I think the marketing value is probably more than valuable enough to keep the rule around.
  
  --
  John
4. Re:Makes Perfect Sense by Tyrannicsupremacy · 2014-07-22 05:54 · Score: 0
  
  I'll bet you probably love eating bread sandwiches.
  
  --
  http://i.cubeupload.com/T6cyLu.png
5. Re:Makes Perfect Sense by Anonymous Coward · 2014-07-22 08:21 · Score: 0
  
  Shut up, they're fucking delicious!
6. Re:Makes Perfect Sense by Jane+Q.+Public · 2014-07-22 08:25 · Score: 1
  
  It's a crappy story, but the real threat is that cheaply-available drones are an easy way to bypass physical security layers.
  So are toy cars.
  
  So what?
7. Re:Makes Perfect Sense by sexconker · 2014-07-22 08:44 · Score: 1
  
  If someone plugs in a router with a spoofed MAC of an allowed device for that port, you'd never know.
  Most routers support MAC spoofing in order to forward the MAC of your main PC to the cable / DLS modem. Many ISPs will block a new MAC for a period of time or until your call up and tell them. If you require authentication on a wired port, they could set that up as well.
  The only way to prevent a MITM attack is to physically secure the network wiring or centrally manage per-device encryption keys/certificates. And I know you're not doing that. And if you want to claim that you are, I also know you're not doing it for your printers and other devices.
  For wireless, if someone plugs in a wireless router you might be able to detect it if you have antennas in range, but you can't stop it.
  The air marshal shit Meraki does is completely illegal. You can't jam wifi, which is all Meraki does for "containment". They even fucking admit that it's illegal to use it in their documentation.
  From https://meraki.cisco.com/lib/p... , page 8:
  
  2As containment renders any standard 802.11 network completely ineffective, containment measures should taken in your airspace. Extreme caution should be taken to ensure that containment is not being performed on a legitimate network nearby and, action should only be taken as a last resort. Unauthorized containment is prosecutable by law (subject to the FCC’s Communications Act of 1934, Section 333, ‘Willful or Malicious Interference’).
  http://transition.fcc.gov/Repo...
  
  Beyond the legality, it doesn't even work in a manner that could be called secure. It creates bubbles of noise where NO wifi works (hello DoS). It becomes a loudness war and the rogue AP will always have a bubble of effective range where it will win out. If you have two Meraki networks near each other, they often get into wars, shutting each other down where their edges meet.
  VLANs has nothing to do with wireless security. Segregating your networks with a VLAN is pointless - all the devices that are wireless APs also include routing functions. Use them. VLANs are meant for logically extending a network that is physically separate, not for logically separating a network that is physically connected.
8. Re:Makes Perfect Sense by Sarten-X · 2014-07-22 09:56 · Score: 1
  
  It's more than a signature ID. Apparently it also will interpret movement commands and intercept the video stream to show admins what the drone is looking at.
  
  --
  You do not have a moral or legal right to do absolutely anything you want.
Hey look old technology by i+kan+reed · 2014-07-22 02:14 · Score: 3, Funny

Wait! The old technology is attached to an autonomous quadrotor. Guess I'd better panic.
20 minutes of battery life by radioact69 · 2014-07-22 02:19 · Score: 2, Informative

This is the dumbest thing I have ever read, and I have read some dumb stuff. Slashdot FAIL.
A lot of effort there by Anonymous Coward · 2014-07-22 02:23 · Score: 1, Insightful

A lot of effort to stop a threat I've not heard of anyone doing. How is this easier and more stealthy then someone in a car with a wireless cracker?
The number one source of data breaches/theft is from employees. Are they suggesting employees are going to do something so elaborate/expensive/unreliable? Wow am I confused.
Would probably make a good TV show though.
Probably where they are getting their threat analysis from.
1. Re:A lot of effort there by Anonymous Coward · 2014-07-22 07:24 · Score: 0
  
  >The number one source of data breaches/theft is from employees.
  
  Of course many employees are drones, but that's not what this device is detecting.
Sounds like it would be trivial to defeat by Anonymous Coward · 2014-07-22 02:23 · Score: 0

You'd just use a different model of AP. I'd be more worried about a drone sniffing my WiFi anyway.
A better option is... by Anonymous Coward · 2014-07-22 02:36 · Score: 1

Broad spectrum, high power RF jammers. A bonus if it also takes out cell networks.
1. Re:A better option is... by Bjorn_Redtail · 2014-07-22 23:22 · Score: 1
  
  They also are dead easy to direction find.
This Parrot has ceased to be! by Irate+Engineer · 2014-07-22 02:39 · Score: 3, Funny

Lovely plumage though.

--
Left MS Windows for Linux Mint and never looked back!
Vote for Bernie in 2016!
I've got a similar idea in the works... by jeffb+(2.718) · 2014-07-22 02:59 · Score: 4, Insightful

It's a receiver to detect the EM signature from the onboard electronics of a Prius.
See, I've heard that it's possible for a Prius driver to run over kids who are playing in the street. So I've designed this receiver that fits into a kiddy backpack, and sounds an alarm when there's a Prius nearby. That way, when my kids are playing in the street and a Prius approaches, they'll hear the alarm. I guess then they can get out of the street, but what I'm really looking for is a way to ban Priuses from driving on my street. After all, I'm a responsible parent who's keenly aware of the dangers Priuses pose to kids who play in the street.
1. Re:I've got a similar idea in the works... by Anonymous Coward · 2014-07-22 04:56 · Score: 0
  
  Different detection algorithm. This probably just detects MAC addresses in the OID range assigned to Parrot AR. Your idea requires more... electronics.
2. Re:I've got a similar idea in the works... by Anonymous Coward · 2014-07-22 07:26 · Score: 0
  
  As if Prius drivers are capable of driving at a dangerous speed. Have you ever had one of them ahead of you blocking traffic? I see the problem almost every day.
  These clowns are so slow that I considered voting for the RomneyBot just because of the Obama stickers on the slow-moving Prius'.
3. Re:I've got a similar idea in the works... by HornWumpus · 2014-07-22 08:27 · Score: 1
  
  They're no worse then the Volvo diesels they traded in for Pius'. The problem has always been the drivers.
  
  --
  John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
Wifi. The final frontier. by Anonymous Coward · 2014-07-22 03:02 · Score: 0

These are the voyages of the drone fighter AirMagnet. Its continuing mission to explore strange new wardrivers, to seek out new threats and neutralize them -- to boldly do which no one had needed before.
Battery lasts for only 12 minutes by LongearedBat · 2014-07-22 03:07 · Score: 3, Insightful

I have an AR Drone 2, and the standard battery lasts for maximum 12 minutes (1000 mAh). I've ordered a new battery that holds 1500 mAh. Looking forward to see if it lasts for 18 minutes.
How much damage can one do with that? Seems easier to sneak up close and hide in a bush while cracking in to someones network using a laptop.
1. Re:Battery lasts for only 12 minutes by mjwalshe · 2014-07-22 03:20 · Score: 2
  
  could use a bigger drone to airlift a raspberry pi powered drone plus battery pack onto the roof - bonus points for making the pi solar powered
2. Re:Battery lasts for only 12 minutes by Anonymous Coward · 2014-07-22 05:01 · Score: 0
  
  I often refer to my Ar drone 2.0 as a flying Linux box lol.
  the drone range is so limited even on gps flying that you can actually actually with a good directional wifi antenna get the same information.
3. Re:Battery lasts for only 12 minutes by stephanruby · 2014-07-22 05:43 · Score: 1
  
  How much damage can one do with that? Seems easier to sneak up close and hide in a bush while cracking in to someones network using a laptop.
  Yes, but your laptop, or your Android device as proxy, wouldn't have the convenient AR_DRONE_ID#### SSID attached to it, so the security idiots at FUD Networks wouldn't have any idea how to detect those.
4. Re:Battery lasts for only 12 minutes by plover · 2014-07-22 05:53 · Score: 1
  
  You don't have to be flying in order to serve as a rogue access point. Just land the drone near the target and hack from there. Besides, you'll attract a lot less attention if you're hiding the machine on the victim's roof.
  
  --
  John
5. Re:Battery lasts for only 12 minutes by stephanruby · 2014-07-22 06:05 · Score: 1
  
  Sorry, I provided the wrong link. To capture wifi traffic with an Android device, you'd need this instead.
so? by mjwalshe · 2014-07-22 03:17 · Score: 1

Don't all wifi management tools do rogue ap detection - I rember playing with the cisco one and that has some neat ICE tech in it
Google by Anonymous Coward · 2014-07-22 04:32 · Score: 0

The reason the craft are dangerous is that they can be modified to act as rogue access points and sent into range of a victim's wireless network, potentially breaking into a network to steal data
They'll probably buy about a million of these.
AirMagnet by redfood · 2014-07-22 04:36 · Score: 1

Did anyone else click on this story hoping to see some sort of magnet dart gun or EMP gun used for disabling drones?
Re:The biggest dangers by naughtynaughty · 2014-07-22 04:37 · Score: 2

Love the blanket statement that "no current UAVs are safe enough to fly in populated areas", things like this must absolutely terrify you: http://www.poweruptoys.com/ BTW, stay off the streets, where real danger exists.
Boring by c · 2014-07-22 04:52 · Score: 3, Funny

I want to see a security tool which hijacks the drone control connection, lands it on my roof, and shuts it down so it won't leave.
I can't quite decide if the followup should be "call the police", "hold drone ransom" or "just keep it", but I'm sure I'd think of something.

--
Log in or piss off.
1. Re:Boring by Ol+Olsoc · 2014-07-22 05:20 · Score: 1
  
  I want to see a security tool which hijacks the drone control connection, lands it on my roof, and shuts it down so it won't leave.
  I can't quite decide if the followup should be "call the police", "hold drone ransom" or "just keep it", but I'm sure I'd think of something.
  Just wait until it comes into the airspace above your roof, then blast it with a wideband signal around 2.4 GHz. It will screw the wifi connection to the phone or tablet controlling it, and the drone, now goes into landing mode, looking for a safe place to land. It will slowly descend onto your roof.
  The owner will see all this, and might take umbrage at your stealing their drone. Which almost certainly wouldn't be flying over your roof anyhow.
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
2. Re:Boring by c · 2014-07-22 05:39 · Score: 1
  
  The owner will see all this, and might take umbrage at your stealing their drone. Which almost certainly wouldn't be flying over your roof anyhow.
  Well, I live in the country. If a wifi-controlled drone gets within signal range of my house, the owner is very likely trespassing and almost certainly snooping on my property in particular.
  
  --
  Log in or piss off.
3. Re:Boring by Anonymous Coward · 2014-07-22 05:42 · Score: 1
  
  That sounds like the "Frisbeeatarian" approach.
  Frisbeeatarians believe that when you die, your soul goes up on the roof and nobody can get it down.
4. Re:Boring by Ol+Olsoc · 2014-07-22 05:59 · Score: 1
  
  Well, I live in the country. If a wifi-controlled drone gets within signal range of my house, the owner is very likely trespassing and almost certainly snooping on my property in particular.
  Um, sure. Most of us drone users stay well away from houses. The whole "drone spying on your teenage daughter as she lovingly caresses her nubile body in the shower", and on and on and on, is something straight out of Law and Order, or porn movies. Or that packs of parrot users are going to break into your wifi network, or sit in smoke filled rooms, coming up with new ways to violate your civil rights.
  Everyone I know just enjoys the little bit of flight time, for the few minutes the batteries allow, and making videos to share on youtube. They are toys.
  Probably the most subversive thing we do is put leds on them and play "pretend UFO".
  But as I said, I gave you the info to down one over your property. Use that info as you will.
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
5. Re:Boring by c · 2014-07-22 13:45 · Score: 1
  
  Most of us drone users stay well away from houses.
  As I said, I live in the country.
  Most ATVers, snowmobilers, boaters, hunters, etc are perfectly respectable people who go out of their way not to bother anyone, and I have no issue with them.
  Those other fuckers, however... I have absolutely no doubt that drone technology will become simple and ubiquitous enough that the sort of asshole who enjoys annoying people with expensive toys will inevitably discover and abuse it.
  
  --
  Log in or piss off.
6. Re:Boring by Ol+Olsoc · 2014-07-22 14:35 · Score: 1
  
  Those other fuckers, however... I have absolutely no doubt that drone technology will become simple and ubiquitous enough that the sort of asshole who enjoys annoying people with expensive toys will inevitably discover and abuse it.
  Glenn Beck called. He said you're getting a little over the top.
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
7. Re:Boring by CaptQuark · 2014-07-22 20:28 · Score: 1
  
  If I was going to attempt to break into your network or record video of your property, I would connect the camera and wifi equipment to a kite and fly it over your house. No noise, people are used to seeing kites, and I retain control of the kite and can bring it back quickly. I could do the same thing with a long pole from my car or a balloon.
  
  Flying RC toys are just the trigger topic of the week to get people's ire up.
  
  ~~
Not an interesting article by Anonymous Coward · 2014-07-22 05:11 · Score: 0

but if you wanted to take down a drone maybe a GPS noise source with a directional antenna pointed at the little bird would have interesting results.
Huh? by Ol+Olsoc · 2014-07-22 05:16 · Score: 1

These drones get their control via wifi.
Wouldn't this mean that the person controlling the drone would have to be on the wifi system already?
It isn't just going to stay there without any control. On my parrot, the drone will ease on down if it loses contact with the controller. Kind of keeps it from flying on til hte batteries drop if you lose contact. So it would need multiple wifi's. Oh, and then it wouldn't be recognizable as a parrot drone. And....
Even if you could rig it to attack another wifi, it would have to have that second wireless adapter, and you'd need a second computer to do the hacking, and you'd need to get all this done in the precious few minutes of flight time. And the flight time would be even less because of the second wifi weight and battery drain. And....
Oh, and you'd need to be standing right outside the place you were hacking into. The wireless range of these things is really short. And...
This is FUD, plain and simple. Tring to break into a wireless system with a parrot would be like driving from Philadelphia to New Jersey by way of Australia, with stops in Anarctica, and the moon beforehand.

--
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
Arguments based on drone range by jeffb+(2.718) · 2014-07-22 05:59 · Score: 1

It's possible to connect a controller to an antenna that vastly extends its range. Is your property extensive enough to give you a 2-kilometer perimeter around your house?
1. Re:Arguments based on drone range by c · 2014-07-22 13:25 · Score: 1
  
  It's possible to connect a controller to an antenna that vastly extends its range. Is your property extensive enough to give you a 2-kilometer perimeter around your house?
  I specifically said "the signal range of my house". Stock antennas on a router in the basement. If my network can see the drone, it's going to be pretty close.
  
  --
  Log in or piss off.
10 Minutes Flight time by bobbutts · 2014-07-22 06:13 · Score: 1

This is going to need to be a very fast attack since the battery on the quadcopter only lasts around 5-10 min.
It a drone? by Anonymous Coward · 2014-07-22 06:26 · Score: 0

"a popular unmanned aerial vehicle that costs a few hundred dollars"
And it unmanned. It needed to be said?
Most toys are.
Armed Solution by Anonymous Coward · 2014-07-22 07:21 · Score: 0

Shotguns work wonders.
snarky comment by Anonymous Coward · 2014-07-22 08:41 · Score: 0

Issuing air pistols? You can't hit a drone with a pistol. No you need to arm the site security with full chock, 12 gauge, shot guns.
That way every knows when a drone is near by. The window explodes when security shots the drone hovering next to it. It also helps cut down on the population of 'window sitters'