DHS wants you to sniff your neighbors

Filed under Wireless Security

*** UPDATE #2: The site mentioned below is an elaborate hoax/experiment created by a graduate student! Thanks to everyone for researching this! If anything…get a good laugh out of it. ***

Well not really physically “sniff” your neighbors (that would be disgusting especially if you saw my neighbors)…but they do want you to fire up a network sniffer like TCPDUMP and collect the traffic off of wireless networks to root out “terrorists” in your neighborhood. I thought this was a joke when I first saw a link posted on McGrewSecurity…then I saw someone posted a link to this pdf on the penetration testing mailing list on insecure.org. In doing some research it looks like this may be an organization that is “affiliated” with the Department of Homeland Security. Hoax perhaps? This is from the “Network Neighborhood Watch” web site:

“Participants in HNAP would collect sample network traffic from their own home networks as well as samples from networks within the vicinity. The Neighborhood Network Watch will be making a set of freely available instructions on how to capture network traffic, using the open source packet sniffer TCPDUMP, and how to log onto nearby wireless networks that maybe being operated by neighbors.

These samples of network traffic would then be sent to the Neighborhood Network Watch for analysis using the latest revision of the NNWKAA. The participants would then be sent back a rating for each network along with a rating for the area as a whole.

This allows the participants to not only find out how their own home network is being used but also valuable information about those around their home that may have large amounts of terrorist related traffic flowing over them. This also provides the Neighborhood Network Watch with the ability to see if there is potential terrorist cell activity in or around the participants homes.”

Oh it gets better…there is a nice document (linked above as well) that tells you step-by-step how to sniff wireless traffic and send it to them for analysis:

“With the widespread adoption and usage of wireless networks, it has created a climate that is ripe for exploitation by terrorists. Since these networks often times are unsecured or offered as a free service to the public it allows any individual to use them, including terrorists. Even the networks that reside in our homes can be used by terrorists who maybe our own neighbors or fellow building residents.

Therefore it is imperative that these networks do not go unmonitored. That is why the Neighborhood Network Watch was established and why now the Home Network Awareness Program has been created to allows individuals like yourself to make sure that terrorists may not be using your own home network to plan the next attack on our nation or your very own community. This document has been created so individuals like yourself and your community can become more involved with and to help the Neighborhood Network Watch carry out its mission, by learning how to packet sniff your own home network. That mission being to keep our communityʼs networks safe from terrorists and those who may attempt to harm our community and our nation.”

The FAQ on their web site says it all I guess:

“Q: Isnít this invading my privacy?

A: In many ways yes, but in a post 9-11 world the government and most communities across the United States, believe that these sorts of measures are necessary to prevent our nation from being attacked by ruthless terrorists. In fact privacy is a relative term with a definition that is constantly being redefined. Especially so in the highly technologically mediated world we live in today. “

Does anyone else think this is the worst possible idea ever?

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • Digg
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

2 Comments

  1. Doug says:

    This can’t be legit. Doing some whois shows the company (Big Pipe) and server are based in Canada. Their pdf has some very stilted English use and misspellings in places. It seems almost like a scam to get traffic (hoping for passwords?), except I can’t imagine how it would work. It’s just too cumbersome.

  2. Tom says:

    Someone sent me the link below which goes to a blog of a guy who is working on this "software":

    http://itp.nyu.edu/blogs/ec

    Another link was found stating the following:

    Neighborhood Network Watch
    Emery C. Martin | NYU ITP
    A fictitious community based organization playfully critiques surveillance and current anti-terrorism policy.

    http://www.nml.cuny.edu/for

    Perhaps some college kid with way too much time on his hands?

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*