In my last adventure engaged in session hijacking
over WIFI. This made me wonder how many people out there have unsecured WIFI.
So I loaded Vistumber. It is available from www.vistumbler.net. See project 8-2
in the book. This is a WIFI monitoring tool that gives SSID, MAC address,
channel, signal strength, authentication type and other information. You can
even set the speaker to tell you when it finds a signal. If the computer has
GPS, it will automatically record the WIFI APs location. I could see this tool
being useful for tracking down rouge APs.
Vistumber was able to pick up a surprising number of
signals, even though many of them were too weak to connect to. I live in a
typical residential neighborhood and without leaving my house I managed to pick
up 46 signals. Of those 46, 3 were completely open, including my next door
neighbors. Another 3 had open guest accounts. One used WEP for which there are
cracking tools available. So more than one out of seven homes in my neighborhood
were vulnerable. The other homes were using WPA or WPA2. But I bet a few of these
may have had the router’s passwords set to default and could be opened. (I didn’t
try.)
I found that if I held my laptop against the living
room wall I could pick up quite a few signals. My daughter looked at me like
what was I doing. I explained. She asked, “Dad! You’re NOT going to break into
the neighbor’s computers are you!?” I assured her that I wasn’t. But I could
have. My neighbor has a state of the art burglar alarm, but he left the door
wide open for a virtual burglar.
No comments:
Post a Comment