Episode77

From Paul's Security Weekly

Episode Media

mp3

Tech Segment: Kismet Drone on OpenWrt Whiterussian 0.9

Install packages:

ipkg install wl kismet-drone

Modify the source directive in /etc/kismet/kismet_drone.conf

source=wrt54g,eth1,wrt54g 
# Do we channelhop?                   
channelhop=false 

Make sure your wireless adapter is enabled!

nvram get wl0_radio

0 means off. To enable it, run “nvram set wl0_radio=1 ; nvram commit ; wifi”

Modify the allowedhosts directive to allow your IP to connect:

allowedhosts=10.13.37.10/32 

Configure your wireless settings:

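# Bring up the wireless interface
/sbin/ifconfig eth1 up
# Client mode (not AP), passive scanning, promiscuous and monitor mode
/usr/sbin/wl ap 0
/usr/sbin/wl passive 1
/usr/sbin/wl promisc 1
/usr/sbin/wl monitor 1
# Start the drone with the config edited above
/usr/bin/kismet_drone -f /etc/kismet/kismet_drone.conf
# Fetch and run the channel-hopping script
wget http://wrt54ghacks.com/whiterussian/chanhop.sh ; chmod +x chanhop.sh
./chanhop.sh -p openwrt -i eth1 -b IEEE80211BJP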
# nvram set wl0_country_code=All 
# nvram commit 
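
A check of the three directives this segment edits, to run before starting the drone. This is an added example, not part of the original show notes or of Kismet itself; the function names, the one-host-per-entry (/32) policy for allowedhosts and the sample config are assumptions of this example, and the sample run assumes mktemp is available (for instance on a workstation holding a copy of the file).

```shell
#!/bin/sh
# Lint the kismet_drone.conf directives edited in this segment.
# Prints one line per finding; the return status is the number of findings.
check_drone_conf() {
    conf=$1 problems=0

    # Value of a directive (last uncommented occurrence), whitespace stripped.
    get() { sed -n "s/^[[:space:]]*$1=//p" "$conf" | tail -n 1 | tr -d '[:space:]'; }

    src=$(get source)
    case $src in
        wrt54g,eth1,*) ;;
        *) echo "source: expected wrt54g,eth1,<name>, got '$src'"; problems=$((problems + 1)) ;;
    esac

    # The segment sets channelhop=false and hops with chanhop.sh instead.
    hop=$(get channelhop)
    [ "$hop" = "false" ] || { echo "channelhop: expected false, got '$hop'"; problems=$((problems + 1)); }

    # Policy assumed by this example: every allowedhosts entry is one host (/32).
    hosts=$(get allowedhosts)
    [ -n "$hosts" ] || { echo "allowedhosts: not set"; problems=$((problems + 1)); }
    old_ifs=$IFS; IFS=,
    for h in $hosts; do
        case $h in
            */32) ;;
            *) echo "allowedhosts: '$h' is not a single-host /32 entry"; problems=$((problems + 1)) ;;
        esac
    done
    IFS=$old_ifs
    return "$problems"
}

# Constructed sample: the segment's settings plus one over-broad allowedhosts entry.
demo() {
    tmp=$(mktemp) || return 1
    cat > "$tmp" <<'EOF'
source=wrt54g,eth1,wrt54g
# Do we channelhop?
channelhop=false
allowedhosts=10.13.37.10/32,10.13.37.0/24
EOF
    rc=0; check_drone_conf "$tmp" || rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Run the sample; for a real file call: check_drone_conf /etc/kismet/kismet_drone.conf
demo || true
```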

Stories for discussion

Dumpster diving - for electronic data - [Larry] - Not only will you find yellow gold (post-its) you can find some data in electronic formats too - CD, Disks, USB keys and hard drives. How about encryption, and appropriate disposal methods!

Secure Wireless LAN for Guest Users? - [PaulDotCom] - This is a tough balance, if you go with PEAP or EAP-TTLS as the article suggests, the client must have a working supplicant, which can be tricky. If you leave it open and go with a captive portal, you leave your guests, and in turn your network, open to far more attacks.

Mobile Endpoint security - [Larry] - Securing PDAs and BlackBerries. With these devices we have methods for device encryption, and transit. We can also wipe at least the BlackBerries remotely. I mention this, because I've had the request for the same type of uses for an iPhone...what device encryption? Not for the corporate market!

Domain Name Industry - [PaulDotCom] - I hate even calling this "industry" because it's silly. People are charging way too much for a domain name, like how do you recognize any return? Not to mention, how do you sleep at night knowing that you are just squatting on domains and selling them, there is absolutely no merit in that whatsoever. Get a life.

iPhone Web Dialer = pwnage - [Larry] - So, who would use a web dialer for your iPhone? Sounds like a good way to get surreptitiously redirected to a "dialer" of someone else's choice.

We Need More Commercials - [PaulDotCom] - Great post from Josh Wright (check out Joshua Wright's blog here). He talks about how people are advertising services via SSIDs, interesting, but then goes on to include a Ruby script that will dynamically broadcast an SSID of a stock price. Hot.

Real Life Trojan Horse - [Larry] - Looks like the one mentioned in J0hnny Long's presentations. Quite humorous. How do you fall for a gag like this?

  • Just a news flash, I am really LMH. No, just kidding, but who really cares anyway? It's just drama, however there are people claiming to have an OS X worm, which should not be overlooked. More info here and here. Dino has released an unofficial patch!

When will geek squad learn? - [Larry] - Looks like they have a penchant for personal data and porn. Mostly porn. I'll discuss some of the other reports I've heard...

Other stories of interest