Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Wireless AP

  1. #1
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660

    Default Wireless AP

    I want to setup a wireless AP NOT connected to the internet in infrastructure mode.
    I have a junk 2wire that has big problems with wired connections but the wireless is fine, and a old p2 laptop if necessary.

    I want it to be completely open and when someone connects to it and attempts to access a web page for the AP to drop the packet request for the webpage and return something like... "Stealing someone's wireless is illegal." (then it states a little about the state laws). I can build the simple html page that says this no problem. I just dont know how to implement it.

    The other day I decided to open a wireless router not connected to anything but the pc I used to change the settings for and sniff it out using airodump-ng on my bt3 laptop. In less than 5 minutes I had 5 people connected sending several packets. What I assume to be http requests or whatnot. I don't want this to do anything malicious and it should not do anything until an http request or GET is sent. That request will be immediately dropped and the html page that states wireless stealing is a crime is sent.

    Any ideas as to where I might start looking for this? I'm not even sure what it would be called.

  2. #2
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by hhmatt81 View Post
    I want to setup a wireless AP NOT connected to the internet in infrastructure mode.
    I have a junk 2wire that has big problems with wired connections but the wireless is fine, and a old p2 laptop if necessary.

    I want it to be completely open and when someone connects to it and attempts to access a web page for the AP to drop the packet request for the webpage and return something like... "Stealing someone's wireless is illegal." (then it states a little about the state laws). I can build the simple html page that says this no problem. I just dont know how to implement it.

    The other day I decided to open a wireless router not connected to anything but the pc I used to change the settings for and sniff it out using airodump-ng on my bt3 laptop. In less than 5 minutes I had 5 people connected sending several packets. What I assume to be http requests or whatnot. I don't want this to do anything malicious and it should not do anything until an http request or GET is sent. That request will be immediately dropped and the html page that states wireless stealing is a crime is sent.

    Any ideas as to where I might start looking for this? I'm not even sure what it would be called.
    Mr. Google says "honeypot" or "Walled Garden"

    /walks away sniggering.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  3. #3
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    Quote Originally Posted by streaker69 View Post
    Mr. Google says "honeypot" or "Walled Garden"
    Every time I read "Mr. Google", this bloke pops in my head



    /reschedules for earlier appt with shrink
    dd if=/dev/swc666 of=/dev/wyze

  4. #4
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660

    Default

    Quote Originally Posted by streaker69 View Post
    Mr. Google says "honeypot" or "Walled Garden"

    /walks away sniggering.
    Thank you.

    Can an apache server accomplish this also?

  5. #5
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    Quote Originally Posted by hhmatt81 View Post
    Thank you.

    Can an apache server accomplish this also?
    If your router supports redirection of the wireless clients, you could use apache to serve the page
    dd if=/dev/swc666 of=/dev/wyze

  6. #6
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660

    Default

    Well I figured I would plug the laptop into the Internet Port instead of the Ethernet LAN ports.

  7. #7
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by hhmatt81 View Post
    Well I figured I would plug the laptop into the Internet Port instead of the Ethernet LAN ports.
    No...

    AP --> WAN Port --> Apache Web Server

    Problem is, you'll have to dish out DHCP addresses from your WAN port, and that could prove to be tough.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  8. #8
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Google for the Zone CD. Run it on an old PC connected to the AP. It will do everything you need, including handing out the DCHP addresses, and running the walled garden http page.
    Thorn
    Stop the TSA now! Boycott the airlines.

  9. #9
    Junior Member
    Join Date
    Feb 2006
    Posts
    75

    Default

    @ Thron,

    Nice find on the ZoneCD I've been looking at setting something like this up as well. also I like the crime message via walled garden. Something you might look into also hhmatt81 http://www.controlap.com but it appears to be down at this time.

  10. #10
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by G-Stress View Post
    @ Thron,

    Nice find on the ZoneCD I've been looking at setting something like this up as well. also I like the crime message via walled garden. Something you might look into also hhmatt81 http://www.controlap.com but it appears to be down at this time.
    Here's the page I was gonna use if I ever got around to setting one up.

    Careful, may not be safe if you have finer sensibilities.

    http://members.netjunkies.net/streaker/walledgarden.htm
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •