Packet injection is traceable if there's a network savvy user. There are many ways to track back the culprit if needed be.
Is packet injection traceable?
So I successfully cracked my friend's wep encrypted network just to show him once and for all that weps are honest to god not worth squat.
He asked me a good question though, is packet injection traceable?
I assume you could log it on the router, but as far as mac addresses, it'd be spoofed so they'd never know right?
Unless they're like waiting and watching their network with the makings of a counter attack, right?
Packet injection is traceable if there's a network savvy user. There are many ways to track back the culprit if needed be.
But the average noob like my friend wouldn't know the half of it?
Like I only attacked him once, if his network wasn't ready to handle me, he missed his shot unless I attacked again?
If you used a fake MAC during the attack and never use that same Mac add again, then it wouldn't be possible. Or even if you used your own MAC but on a place you know you'll never come back again. Unless someone is watching the network while you are attacking it, then they'll find you.Originally Posted by mrgrim333
The network will save your MAC address in the logs, so if you used your MAC, it's possible to catch you even if you attacked the network 3 months ago, as long as you are nearby.
regarding to your initial subject:
YES, every kind of packet injection is traceable, it all starts
and falls, with the different OSI level you are able to monitor ;-)
In case of wifi & using the default settings of various wifi cracking tools, many IDS/IPS will catch you and if their
wifi setup is properly setuped, triangulation is working more
or less okay (speaking about Enterprise grade Wifi...still a lot of fun to confuse
in a very simple way their WIFI IPS...)
Don't do stupid things, but from some forensic prospectives...don't rely purely on MAC-Address changes and think your are undetectable. Most people forget their homework on higher OSI levels, like using fancy wpa_supplicant tools (config is written to file system + time stamp ;-), not using proxies, cleanup their DHCP logs, browser cleanup, automated background updates from various services running in the background (rss & all other push technologies friends, lovely automated updates, yeahh no exception for *Linux people as well!) and so on... ;-)
/brtw2003
Yeah, I figured higher level users could track the stuff. There would be no circumstance in which I'd crack a company or organization.
I was just worried about the standard plug, do no network security, and play users. I'm not someone that would ever try and do harm to a network, just one that like to know he could access if need be.
My whole thing was if I'm away from home for an extended period of time, I'd sure like to know how to get some internet access. lol
You pay for a mobile Internet plan, that's how you do it. We don't tolerate any discussion of illegally accessing other peoples wireless networks here, and we are utterly humourless with regards to any jokes on the subject. Read some of the posts in the Idiots Corner to see why, and re-read those rules you agreed to when you joined, especially the one about us not condoning illegal activity.My whole thing was if I'm away from home for an extended period of time, I'd sure like to know how to get some internet access. lol
Don't bring up the subject of accessing someone else's wireless network without permission again. Consider this your warning.
Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".
The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.
You get yourself a job where mobile internet access is required and you have your company pay for it. That's the best way. Stealing it otherwise is wrong.Yeah, I figured higher level users could track the stuff. There would be no circumstance in which I'd crack a company or organization.
I was just worried about the standard plug, do no network security, and play users. I'm not someone that would ever try and do harm to a network, just one that like to know he could access if need be.
My whole thing was if I'm away from home for an extended period of time, I'd sure like to know how to get some internet access. lol
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
Posting Permissions