Results 1 to 6 of 6

Thread: Explain this please

  1. #1
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default Explain this please

    Ok I need some explanation on this. I am currently at a coffee shop/wifi hot spot. I'm not doing anny thing illegal just using airodump and nmap. what I dont understand is that airodump shows all kinds of computers connected to this ap { which is free but has a logg in page where you have to accept the terms if that that any thing to do with it.}. so when I nmap the whole subnet mask I get nothing except myself and the ap . why is this?

  2. #2
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Quote Originally Posted by purehate View Post
    Ok I need some explanation on this. I am currently at a coffee shop/wifi hot spot. I'm not doing anny thing illegal just using airodump and nmap. what I dont understand is that airodump shows all kinds of computers connected to this ap { which is free but has a logg in page where you have to accept the terms if that that any thing to do with it.}. so when I nmap the whole subnet mask I get nothing except myself and the ap . why is this?
    let me edit this so no one gets the wrong idea. This is a free wifi hot spot which to my knowledge it is no illegal to scan. please correct me if I'm wrong and I'll shut up. All Im wondering is why the other computers dont show up in a scan with nmap is it because they are not net worked or what

  3. #3
    Member
    Join Date
    Oct 2006
    Posts
    130

    Default

    hehe are you actually connected to the AP?

  4. #4
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by purehate View Post
    Ok I need some explanation on this. I am currently at a coffee shop/wifi hot spot. I'm not doing anny thing illegal just using airodump and nmap. what I dont understand is that airodump shows all kinds of computers connected to this ap { which is free but has a logg in page where you have to accept the terms if that that any thing to do with it.}. so when I nmap the whole subnet mask I get nothing except myself and the ap . why is this?
    I'm just curious, did you happen to read the TOS page?
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  5. #5
    Member
    Join Date
    Jan 2007
    Posts
    242

    Default

    Could be the windows firewall. It can be set to "blackhole".
    nmap will set off firewall software like Zone Alarm too. If anyone starts looking around, run. :-)

    Could be "wireless client isolation". Many access points have this feature.

    It also includes a wireless client isolation mechanism, which limits direct client-to-client communication.
    Pretty good explanation:


    Oh, it's really simple. Wireless access points work by bridging the
    wireless port to the wired switch ports and router port. Everything
    happens at the MAC address level and does not involve IP addresses,
    NETBIOS over TCP/IP (also known as MS Networking). Just MAC
    addresses.

    The wireless bridge builds a bridging table consisting of a table of
    "heard" (or sniffed) MAC addresses that appear on various ports.
    There are really just 3 available ports[1]. Wireless, ethernet
    switch, and router port. If the destination MAC address of a port is
    shows up in the MAC address table as sitting on a specific port, only
    that port gets the traffic. Broadcasts, which have no destination MAC
    address are sent to all ports.

    Well, it's simple enough to build a logical rule (or filter) for these
    MAC addresses and ports that says:
    "If the packet originates on the wireless port, it can only send
    and receive packets that are destined or originate from the router
    port or ethernet switch port."
    Not a very complex rule, but one which totally prevents wireless
    client to client traffic. Not even broadcasts will go from wireless
    client to client.
    Takes all the fun out.

    While it might not be illegal, and I think scanning a computer you don't own or have written permission is illegal in some states, it's probably unethical. Texas in particular seems to have some very strict laws about this. Even pinging a box could be construed as an attempt to unlawfully access another computer, in Tx and probably others.

    Have you examined your capture files? Airodump should still pick up everything. You could run something on the capture file and find out quite a bit. p0f and ettercap come to mind. This is possibly illegal too, btw. It would certainly be discouraged by the owner of the hotspot. I'd say maybe unethical, but no more than scanning any type of radio wave. People should know better.

    Just an opinion, I'm not a lawyer.

    Good Luck

  6. #6
    Just burned his ISO
    Join Date
    Aug 2006
    Posts
    21

    Default

    thank youuuu

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •