Signal strength correlation between AP's would narrow down a person's location quite substantially. A few hundred bucks would build a nice little rotating Yagi or small dish that could yeild good LOB's (lines of bearing). Stick one at each AP (in a radome) and run a covert direction finding backbone. You could locate the person accessing the net very accurately, very quickly. Hell, you could just walk up to him and shake his hand about 30 seconds after his initial access. Changing the MAC address would be totally useless. He would already be on the camera that was automatically pointed along the bearing given by the DF system. Sweet... just an old intel type speculating here but I expect Lance, et. all will recognize my handwriting, they usually do.

We build a small directional array and rotate it on a data streaming from a serial port. That way we know which direction it is pointing at any given moment. Rotate, sense, rotate sense, you get the idea. Sensing and signal pertinents are reported via the backhaul to a central location. Completely passive, no transmit enabled on any of the sensors. Hide them in RADOMES. Use this data to rotate and point cameras located near the AP's and you have a system that will immediately yeild all the evidence you need for prosecution... IF the person accessing the network is actually violating the law. "Yeah, Dude, we got you on three cameras while you hit your competitor." SWEET!

As it stands currently simply accessing a wireless network is NOT illegal. That will likely change. I don't care how you do it breaking into a computer and modifying data IS illegal.

Folks, this is coming.

Osiris

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/552/15957#15957