Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Securing wireless

  1. #1
    Junior Member bwise's Avatar
    Join Date
    Nov 2007
    Posts
    69

    Exclamation Securing wireless

    my university has a wireless which is open ,not using any wep/wpa protection but you need to login in a webpage to enter which they give us the codes to use it.

    it seems to me that this method is more secure than wep/wpa! does anyone know how it is possible to apply this to your home wireless ?

    thanks in advance

  2. #2
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by bwise View Post
    my university has a wireless which is open ,not using any wep/wpa protection but you need to login in a webpage to enter which they give us the codes to use it.

    it seems to me that this method is more secure than wep/wpa! does anyone know how it is possible to apply this to your home wireless ?

    thanks in advance
    You are mistaken in your assumption.

    All traffic between you and the AP could be monitored easily because there is no encryption.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  3. #3
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    What you're talking about is called a captive portal. Read more about them here. >>Keep in mind this is not a good and definitely not better than WEP, WPA or WPA2 encryption. Its vulnerable to a "Man in the middle" attack with arp poisoning via ettercap.

    As far as making one..I believe you have to put yor AP in "bridged" mode. Theres something called NoCatAuth>>>Sorry, but thats the limit of my knowledge on this subject.

    Streaker69 would be the best candidate to field this question.


    EDIT***

    Well speak of the devil..lol. Streaker beats me to the punch.
    [CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
    [CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
    [/B][/SIZE]
    [URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]

    [URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
    [/CENTER]

  4. #4
    Member s1lang's Avatar
    Join Date
    Sep 2007
    Posts
    189

    Default

    My university's wireless network is exactly the same

  5. #5
    Member
    Join Date
    Mar 2007
    Posts
    204

    Default

    the starbucks near me uses a similar system. Open network, web authentication.

  6. #6
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    As the others have stated, a captive portal (also known as a "Walled Garden") is NOT secure, at least not in the sense that the traffic is not encoded, and it may be subject to to MiM attacks as well as monitoring and capture attacks.

    However, a captive portal can be used however to restrict users to just the wireless network and not the wired portion, or to limit which users have access to the Internet over the wireless network. If you want to try it I would suggest the Zone CD [publicip.net]. This is the simplest method for someone with limited resources. You will need a extra PC equipped with two (2) NICs between your AP and the outbound router. The PC doesn't have to be anything extravagant, old Pentium 100 with 128MB RAM will be just fine. You can easily edit your own HTML page to introduce users to your wireless network.

    You can also do this with NoCat Splash [nocat.net] if you have a Linksys WRT54G, and are running either OpenWrt [openwrt.org] or ewrt [www . portless.net/menu/ewrt/]. Getting either of these specialized firmwares running on a WRT54G is not exactly a trivial exercise, and should not be attempted if you aren't willing to sacrifice the WRT to the wireless gods. It is quite easy to turn the device into a large blue paperweight if something goes wrong with setting the firmware on the WRT54G. Consider yourself warned.
    Thorn
    Stop the TSA now! Boycott the airlines.

  7. #7
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Getting either of these specialized firmwares running on a WRT54G is not exactly a trivial exercise, and should not be attempted if you aren't willing to sacrifice the WRT to the wireless gods. It is quite easy to turn the device into a large blue paperweight if something goes wrong with setting the firmware on the WRT54G. Consider yourself warned.
    I have one to prove it. It is easy to "brick"one of these so be careful. The do have a security measure similar to this at my school. I've never fully understood how they do this. Streaker gave me a clue but my research did not come up with much. They have a captive portal just like many places do. That I fully understand and have one at home on my dd-wrt router. What I don't understand is how no matter how many people are logged in on the wireless every one seems to have a different subnet or something. What I mean is 20 people can be on the wireless in the library however a nmap scan will reveal only my pc and the gateway. I wish I knew how they did that. That seems to me to be a excellent security measure. I think streaker told me to look up compartmentalization however I could not find much.

  8. #8
    Junior Member bwise's Avatar
    Join Date
    Nov 2007
    Posts
    69

    Default

    thanks for the information people , as it is vulnerable to MiM attacks i will not try to implement it since i sometimes make money transactions, buy things on internet etc. So it's best use is for just allowing only the people who really have access to the wireless but it's not safe for the users.

    i will also read from the links Xploitz mentioned

  9. #9
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default

    You can also do this with a smoothwall box (2 nics in an old computer). Or force it to be redirected to whatever website you wish. A lot of hotels use the same setup. A lot of hotels also leave the default password on this so that it can be changed Also, a lot of hotels require that you "login" to use the internet and you give the hotel your email address and then a "verification" password. Although, if you pound on the keyboard for the login and password box, it will accept whatever lol.

    Login:JOKNaonfdaonfalsak
    Passwordansdfc0a9c99a8co

    It's kinda funny. I wonder who sets up this stuff.
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!

  10. #10
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Quote Originally Posted by spankdidly View Post
    You can also do this with a smoothwall box (2 nics in an old computer). Or force it to be redirected to whatever website you wish. A lot of hotels use the same setup. A lot of hotels also leave the default password on this so that it can be changed Also, a lot of hotels require that you "login" to use the internet and you give the hotel your email address and then a "verification" password. Although, if you pound on the keyboard for the login and password box, it will accept whatever lol.

    Login:JOKNaonfdaonfalsak
    Passwordansdfc0a9c99a8co

    It's kinda funny. I wonder who sets up this stuff.
    A lot of hotels let geeksquad set up their stuff. Watch for cameras.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •