Results 1 to 8 of 8

Thread: Is packet injection traceable?

  1. #1
    Just burned his ISO
    Join Date
    Dec 2009
    Posts
    4

    Question Is packet injection traceable?

    So I successfully cracked my friend's wep encrypted network just to show him once and for all that weps are honest to god not worth squat.

    He asked me a good question though, is packet injection traceable?

    I assume you could log it on the router, but as far as mac addresses, it'd be spoofed so they'd never know right?

    Unless they're like waiting and watching their network with the makings of a counter attack, right?

  2. #2
    Senior Member
    Join Date
    Aug 2007
    Posts
    916

    Default

    Packet injection is traceable if there's a network savvy user. There are many ways to track back the culprit if needed be.

  3. #3
    Just burned his ISO
    Join Date
    Dec 2009
    Posts
    4

    Default

    But the average noob like my friend wouldn't know the half of it?

    Like I only attacked him once, if his network wasn't ready to handle me, he missed his shot unless I attacked again?

  4. #4
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Default

    Quote Originally Posted by mrgrim333 View Post
    But the average noob like my friend wouldn't know the half of it?

    Like I only attacked him once, if his network wasn't ready to handle me, he missed his shot unless I attacked again?
    If you used a fake MAC during the attack and never use that same Mac add again, then it wouldn't be possible. Or even if you used your own MAC but on a place you know you'll never come back again. Unless someone is watching the network while you are attacking it, then they'll find you.

    The network will save your MAC address in the logs, so if you used your MAC, it's possible to catch you even if you attacked the network 3 months ago, as long as you are nearby.

  5. #5

    Default

    regarding to your initial subject:

    YES, every kind of packet injection is traceable, it all starts
    and falls, with the different OSI level you are able to monitor ;-)

    In case of wifi & using the default settings of various wifi cracking tools, many IDS/IPS will catch you and if their
    wifi setup is properly setuped, triangulation is working more
    or less okay (speaking about Enterprise grade Wifi...still a lot of fun to confuse
    in a very simple way their WIFI IPS...)

    Don't do stupid things, but from some forensic prospectives...don't rely purely on MAC-Address changes and think your are undetectable. Most people forget their homework on higher OSI levels, like using fancy wpa_supplicant tools (config is written to file system + time stamp ;-), not using proxies, cleanup their DHCP logs, browser cleanup, automated background updates from various services running in the background (rss & all other push technologies friends, lovely automated updates, yeahh no exception for *Linux people as well!) and so on... ;-)

    /brtw2003

  6. #6
    Just burned his ISO
    Join Date
    Dec 2009
    Posts
    4

    Default

    Yeah, I figured higher level users could track the stuff. There would be no circumstance in which I'd crack a company or organization.

    I was just worried about the standard plug, do no network security, and play users. I'm not someone that would ever try and do harm to a network, just one that like to know he could access if need be.

    My whole thing was if I'm away from home for an extended period of time, I'd sure like to know how to get some internet access. lol

  7. #7
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by mrgrim333 View Post
    My whole thing was if I'm away from home for an extended period of time, I'd sure like to know how to get some internet access. lol
    You pay for a mobile Internet plan, that's how you do it. We don't tolerate any discussion of illegally accessing other peoples wireless networks here, and we are utterly humourless with regards to any jokes on the subject. Read some of the posts in the Idiots Corner to see why, and re-read those rules you agreed to when you joined, especially the one about us not condoning illegal activity.

    Don't bring up the subject of accessing someone else's wireless network without permission again. Consider this your warning.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  8. #8
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by mrgrim333 View Post
    Yeah, I figured higher level users could track the stuff. There would be no circumstance in which I'd crack a company or organization.

    I was just worried about the standard plug, do no network security, and play users. I'm not someone that would ever try and do harm to a network, just one that like to know he could access if need be.

    My whole thing was if I'm away from home for an extended period of time, I'd sure like to know how to get some internet access. lol
    You get yourself a job where mobile internet access is required and you have your company pay for it. That's the best way. Stealing it otherwise is wrong.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •