Category Archives: Wireless Security

DHS wants you to sniff your neighbors

Filed under Wireless Security

*** UPDATE #2: The site mentioned below is an elaborate hoax/experiment created by a graduate student! Thanks to everyone for researching this! If anything…get a good laugh out of it. ***

Well not really physically “sniff” your neighbors (that would be disgusting especially if you saw my neighbors)…but they do want you to fire up a network sniffer like TCPDUMP and collect the traffic off of wireless networks to root out “terrorists” in your neighborhood. I thought this was a joke when I first saw a link posted on McGrewSecurity…then I saw someone posted a link to this pdf on the penetration testing mailing list on In doing some research it looks like this may be an organization that is “affiliated” with the Department of Homeland Security. Hoax perhaps? This is from the “Network Neighborhood Watch” web site:

“Participants in HNAP would collect sample network traffic from their own home networks as well as samples from networks within the vicinity. The Neighborhood Network Watch will be making a set of freely available instructions on how to capture network traffic, using the open source packet sniffer TCPDUMP, and how to log onto nearby wireless networks that maybe being operated by neighbors.

These samples of network traffic would then be sent to the Neighborhood Network Watch for analysis using the latest revision of the NNWKAA. The participants would then be sent back a rating for each network along with a rating for the area as a whole.

This allows the participants to not only find out how their own home network is being used but also valuable information about those around their home that may have large amounts of terrorist related traffic flowing over them. This also provides the Neighborhood Network Watch with the ability to see if there is potential terrorist cell activity in or around the participants homes.”

Oh it gets better…there is a nice document (linked above as well) that tells you step-by-step how to sniff wireless traffic and send it to them for analysis:

“With the widespread adoption and usage of wireless networks, it has created a climate that is ripe for exploitation by terrorists. Since these networks often times are unsecured or offered as a free service to the public it allows any individual to use them, including terrorists. Even the networks that reside in our homes can be used by terrorists who maybe our own neighbors or fellow building residents.

Therefore it is imperative that these networks do not go unmonitored. That is why the Neighborhood Network Watch was established and why now the Home Network Awareness Program has been created to allows individuals like yourself to make sure that terrorists may not be using your own home network to plan the next attack on our nation or your very own community. This document has been created so individuals like yourself and your community can become more involved with and to help the Neighborhood Network Watch carry out its mission, by learning how to packet sniff your own home network. That mission being to keep our communityʼs networks safe from terrorists and those who may attempt to harm our community and our nation.”

The FAQ on their web site says it all I guess:

“Q: Isnít this invading my privacy?

A: In many ways yes, but in a post 9-11 world the government and most communities across the United States, believe that these sorts of measures are necessary to prevent our nation from being attacked by ruthless terrorists. In fact privacy is a relative term with a definition that is constantly being redefined. Especially so in the highly technologically mediated world we live in today. “

Does anyone else think this is the worst possible idea ever?

802.11 Attacks Whitepaper

Filed under Wireless Security

<%image(20060811-wireless access point.jpg|136|94|Wireless!)%>

Foundstone always puts together great research and releases great tools.

The other day Foundstone released a whitepaper describing all of the new and old 802.11 (Wireless) attacks. The paper gives some really good information about AP Impersonation, Rogue Access Points, Implementation Attacks (WEP, Dynamic WEP, WPA/WPA-2 cracking, including the Cafe Latte attack). The paper even goes into wireless client adapters and wireless DoS attacks.

If you conduct wireless penetration tests or want to know more about wireless security, I highly recommend you read this paper. You can download the 802.11 Attacks whitepaper directly from Foundstone.

Wireless Headset Dangers

Filed under Wireless Security

<%image(20080216-plantronics.jpg|127|127|Wireless Headset)%>

I was listening to the latest Security Now podcast and Steve Gibson mentioned an interesting social engineering attack where some penetration testers were able to pose as employees just by listening to conference call and other telephone conversations across the street from the company facility. They used a police scanner dialed into the 800-900 Mhz range to pickup the signals of unsecured wireless headsets (very popular with many companies). There was also a very good article on this posted on Dark Reading that is a must read about this attack.