Friday, August 14, 2009

The Interceptor

I was just going through some sites and came across "Interceptor". I liked it and think it's worth mentioning here. "The Interceptor is a wireless wired network tap."
http://www.digininja.org/interceptor/

What I liked most about it is the idea of flashing the AP and making it do some interesting things. All the attacker has to do is reach the victim's location once and tap the wired network with this newly flashed fon+ AP. Now the attacker can listen to all wired network traffic of that network without ever going there again. What makes it more interesting is that it provides double security over the air, so anyone sniffing the air wouldn't be able to tell what traffic it is. Only the person having control of the fon+ can intercept the traffic on the victim's wired network.

The following is my understanding of the Interceptor:

1. The Interceptor uses a fon+ AP as the tap device. The fon+ has two wired interfaces and one wireless interface, through which it sends the tapped network traffic over the air.
2. The wireless interface is Atheros chipset based, and all modules used by the Interceptor are compiled for the MIPS platform (the fon+ is on the MIPS platform), so we cannot simulate it on our x86 laptop (I thought of simulating it on a laptop having two wired interfaces and one Atheros-based wireless client card).
3. The tap device (fon+) bridges its wired interfaces so that all the traffic passes through, and the victim's network administrator wouldn't have any way of knowing something might be wrong.
4. Besides passing data from one wired interface to the other, it also sends it to the wireless interface, which is an encrypted AP (the security used is WPA2-PSK).
5. On top of that, the tap device (fon+) runs a VPN client to encapsulate all traffic in a VPN tunnel.
6. The other Linux machine acts as a wireless client connected to the tap device and runs the VPN server. A tap interface is created on this Linux machine, on which we can sniff the data flowing through the victim's tapped network.
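
A defensive counterpart to point 3, as an added example that is not part of the original post or the Interceptor project: putting any inline device on a cable means unplugging that cable, so the switch port records a short link down/up. The sketch below pairs those events from switch syslog; the Cisco IOS-style `%LINK-3-UPDOWN` line layout, the constructed sample lines, the function name and the thresholds are all assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines (assumed IOS-style layout with a year in the timestamp).
SAMPLE_LOG = """\
2009 Aug 14 02:13:05 sw1 %LINK-3-UPDOWN: Interface FastEthernet0/7, changed state to down
2009 Aug 14 02:13:41 sw1 %LINK-3-UPDOWN: Interface FastEthernet0/7, changed state to up
2009 Aug 14 09:30:00 sw1 %LINK-3-UPDOWN: Interface FastEthernet0/3, changed state to down
2009 Aug 14 11:02:00 sw1 %LINK-3-UPDOWN: Interface FastEthernet0/9, changed state to down
2009 Aug 14 11:02:20 sw1 %LINK-3-UPDOWN: Interface FastEthernet0/9, changed state to up
2009 Aug 14 17:45:10 sw1 %LINK-3-UPDOWN: Interface FastEthernet0/3, changed state to up
"""

LINE_RE = re.compile(
    r"^(\d{4} \w{3} +\d+ [\d:]+) (\S+) %LINK-3-UPDOWN: "
    r"Interface (\S+), changed state to (up|down)$")


def find_repatch_events(log_text, min_gap=timedelta(seconds=2),
                        max_gap=timedelta(minutes=5), work_hours=(8, 18)):
    """Return short down/up pairs per port: the signature of a cable being
    unplugged and re-plugged, as inserting an inline device requires."""
    down_at = {}   # (switch, port) -> time the link went down
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore unrelated syslog messages
        ts = datetime.strptime(m.group(1), "%Y %b %d %H:%M:%S")
        key = (m.group(2), m.group(3))
        if m.group(4) == "down":
            down_at[key] = ts
        elif key in down_at:
            gap = ts - down_at.pop(key)
            # Long outages (host powered off overnight) are not re-patching.
            if min_gap <= gap <= max_gap:
                events.append({
                    "switch": key[0], "port": key[1],
                    "down_for_s": int(gap.total_seconds()),
                    # Off-hours re-patching deserves a physical inspection first.
                    "off_hours": not (work_hours[0] <= ts.hour < work_hours[1]),
                })
    return events


if __name__ == "__main__":
    for event in find_repatch_events(SAMPLE_LOG):
        print(event)
```

A flagged port is only a lead: the follow-up is to trace the cable run physically and check for an unexpected device between the wall socket and the host.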

A good tutorial is given here:
http://www.digininja.org/interceptor/install_walkthrough.php

Now I am just waiting for this fon+ (also known as La Fonera) to come into my hands, so I can really try it out.
