I agree with Mike, fakeap shouldn't be used as a real security tool. Windows laptops will only show an SSID in your "available wireless networks" list if the BSSID responds to a probe request. So just jamming SSIDs into the air won't "cloud" clients lists. If you're dead-set on getting it working, then I'd suggest using something like scapy to beacon & respond to client probes.
-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Mike Kershaw
Sent: Thursday, April 17, 2008 9:06 AM
To: bLiTz
Cc: wifisec; pen-test (at) securityfocus (dot) com [email concealed]
Subject: Re: creating fake APs
On Wed, Apr 16, 2008 at 09:08:46PM -0700, bLiTz wrote:
> Hi thanks for the earlier help. We are now in phase II of the project and need to build a more secure network. I had the following questions:
> 1. For this I was planning to use fakeap to create a large number of fake APs. But I am not able to configure fakeap after spending hours and hours on it. From what I understand, we need to have hostap inorder to run fakeap. I wasn't able to configure and install it ( I am trying to get this working on Ubuntu and then later if possible on OpenWRT on Linksys wrt 54gl) . It would be great if anybody out there could guide me or point me to some place where it is clearly explained how to get hostap and fakeap working.
This is NOT securing a network. Fake APs do nothing but cause client confusion. Anyone looking to attack a network can trivially filter the fake data out.
Fake AP is just about as much "security" as mac filtering or ssid cloaking. Or saying "please".
I agree with Mike, fakeap shouldn't be used as a real security tool. Windows laptops will only show an SSID in your "available wireless networks" list if the BSSID responds to a probe request. So just jamming SSIDs into the air won't "cloud" clients lists. If you're dead-set on getting it working, then I'd suggest using something like scapy to beacon & respond to client probes.
-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Mike Kershaw
Sent: Thursday, April 17, 2008 9:06 AM
To: bLiTz
Cc: wifisec; pen-test (at) securityfocus (dot) com [email concealed]
Subject: Re: creating fake APs
On Wed, Apr 16, 2008 at 09:08:46PM -0700, bLiTz wrote:
> Hi thanks for the earlier help. We are now in phase II of the project and need to build a more secure network. I had the following questions:
> 1. For this I was planning to use fakeap to create a large number of fake APs. But I am not able to configure fakeap after spending hours and hours on it. From what I understand, we need to have hostap inorder to run fakeap. I wasn't able to configure and install it ( I am trying to get this working on Ubuntu and then later if possible on OpenWRT on Linksys wrt 54gl) . It would be great if anybody out there could guide me or point me to some place where it is clearly explained how to get hostap and fakeap working.
This is NOT securing a network. Fake APs do nothing but cause client confusion. Anyone looking to attack a network can trivially filter the fake data out.
Fake AP is just about as much "security" as mac filtering or ssid cloaking. Or saying "please".
-m
--
Mike Kershaw/Dragorn <dragorn (at) kismetwireless (dot) net [email concealed]> GPG Fingerprint: 3546 89DF 3C9D ED80 3381 A661 D7B2 8822 738B BDB1
I like my coffee like I like my friends -- Dark, and bitter.
[ reply ]