Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: Wireless sniffer defense

  1. #1
    kingpin
    Guest

    Default Wireless sniffer defense

    I think someone is sniffing my wireless network, which is open and contains a lot of computers. I think he is using BT2, macchanger and Wireshark Wifi. Is there any way to find out any information about him, whom he is, etc?
    Apreciate any help,
    -Kingpin

  2. #2
    Member
    Join Date
    Aug 2007
    Posts
    109

    Default

    Please explain to me, as I'm total-newbie, how can you find all this info about the evil-sniffer? What's your secret?

    Any info appreciated..
    ExitOnly@

    -----------------------------------------------------
    Learn to live, but live to learn, eh?

  3. #3
    Developer balding_parrot's Avatar
    Join Date
    May 2007
    Posts
    3,399

    Default

    Quote Originally Posted by kingpin View Post
    I think someone is sniffing my wireless network, which is open and contains a lot of computers.
    Apreciate any help,
    -Kingpin
    Well right there is the problem.

  4. #4
    Senior Member shamanvirtuel's Avatar
    Join Date
    Mar 2010
    Location
    Somewhere in the "Ex" human right country
    Posts
    2,988

    Default

    i will be indulgent and state that you're not a lyer.........

    im not a newb , and i still don't know how to "guess" what mac change software an attackant can use, despite im into his machine........

    you sound really suspicious.........

    because if you have a clue on this infos, it's because you go inside the machine.........even if you are fingerprinting a bt2 machine, you don't get bt2 as answer !!! but something like linux running 2.6.20.......

    i may be paranoid, if so excuse me....
    but i still think it sounds suspicious.......

    anyway ....... first thing to do is to wpa your network..........
    Watch your back, your packetz will belong to me soon... xD

    BackTrack :
    Giving Machine Guns to Monkeys since 2006

  5. #5
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    I shall have to agree with the previous two distinguished posters.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  6. #6
    Junior Member
    Join Date
    Jul 2006
    Posts
    88

    Default

    *My Question* I was just browsing the net in my college when i got this image ( shown below - it is not exactly the same as in the image below because the identity was different) and I immediately though that this was man-in-the-middle attack because I seen this in an article by irongeek called "Caffeinated Computer Crackers: Coffee and Confidential Computer Communications". So I just click the close button, was this the right thing to do?


    However, I might be wrong but If it was a MITM attack what should I have done if this popped up? As in, do you just click the "Do not accept the is certificate and Do not connect to this web site" and then click "ok"

    How do you defend yourself from this attack??

  7. #7
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by Funnyman View Post

    How do you defend yourself from this attack??
    1. Don't connect to public Access Points.

    2. If you must connect to a Public Access Point, DON'T!

    3. If you still must connect to a Public Access point, do due diligence to determine if the AP is the real one or not, once you've determined that it is the real one, use a VPN tunnel to conduct your business.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  8. #8
    Junior Member
    Join Date
    Jul 2006
    Posts
    88

    Default

    Thanks streaker69. So when I click the close button that did not stopped the MITM attack?

  9. #9
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by Funnyman View Post
    Thanks streaker69. So when I click the close button that did not stopped the MITM attack?
    If you're still connected to the rogue AP, then No.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  10. #10
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    kingpen,

    Your sure appear to know more than meets the eye in this situation. At first glance....I'd say you were attempting to social engineer us by trying to make us believe this story instead of you being the one who's doing this, and trying to get info from us on how we detect and determine where the attacker (you) is, and your wanting to make sure your ass is covered from being detected.

    As such an idea has crossed my mind, I'm inclined to decline offering you any info except to just state what has already been said.

    PUT WPA OR WPA2 on your network. Never leave your network open. Why are you leaving it unencrypted anyways unless your planning a MITM attack on someone to get their personal info..(credit card numbers..SSN..etc) Sorry..but I'm having difficulty believing your story. Perhaps if you can answer me why your network is unencrypted..on purpose, and provide much more detail we could help. But as is, I'm afraid the only help you MIGHT get is gonna be through a PM from a Black Hatter who happens to read this. And do you really trust them??..lol

    Wireless signal is only as good as it power, antenna(s), signal quality, noise, environmental conditions..etc...Most wireless hackers attacks are based less than 1000ft. of you if that helps.
    [CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
    [CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
    [/B][/SIZE]
    [URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]

    [URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
    [/CENTER]

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •