Posts tagged: WiFi

Mar 01 2014

Outernet – Free Global Wi-Fi Internet Access from Outer Space

Outernet Free WiFi Internet Access The Outernet is a global networking project currently under development by the Media Development Investment Fund (MDIF), a United States-based non-profit organization. The Outernet’s goal is to provide free access to internet data through wifi, made available effectively to all parts of the world.

How Does it Work?
Outernet consists of a constellation of low-cost, miniature satellites (CubeSats) in Low Earth Orbit. Each satellite receives data streams from a network of ground stations and transmits that data in a continuous loop until new content is received. In order to serve the widest possible audience, the entire constellation utilizes globally-accepted, standards-based protocols, such as DVB, Digital Radio Mondiale, and UDP-based WiFi multicasting.

The network would initially support only one-way traffic, with two-way traffic being implemented once adequate funding is raised. Initial prototype satellite deployments is planned for June 2014, with the final deployment run scheduled for mid-2015. According to MDIF, the initial content access includes international and local news, crop prices for farmers, Teachers Without Borders, emergency communications such as disaster relief, applications and content such as Ubuntu, movies, music games, and Wikipedia in its entirety.

MDIF plans to formally request NASA to use the International Space Station to test their technology in September 2014. Manufacturing and launching of satellites would begin in early 2015, and Outernet is planned to begin broadcasting in June 2015.

India based “Spacify Inc” is a private non-profit company by Silicon Valley based technocrat and entrepreneur Siddharth Rajhans along with Space debris mitigation expert Sourabh Kaushal, which is privately working on using this technology to provide global free wi-fi access.

Source: Outernet – Official Website

Feb 05 2012

Wifi Protector – Protect Your Android From Wi-Fi Sniffing Attacks

Android Wifi ProtectorDetects and protects from all kinds of ARP (Address Resolution Protocol) related attacks in Wi-Fi networks, like DOS (Denial Of Service) or MITM (Man In The Middle) Attack.

Protects your phone from tools like FaceNiff, Cain & Abel, ANTI, ettercap, DroidSheep, NetCut, and all others that try to hijack your session via MITM through ARP spoofing / ARP poisoning.

Features:
– Uses very few resources
– Uses no resources if Wi-Fi is disabled
– Nearly zero battery consumption
– Requires very few permissions. Requests only absolutely necessary permissions
– No configuration required, works off the shelf for novices
– Experts can change many settings to adapt the app to their needs
– Undetectable by the bad guy
– 100% silent and passive inside the network. Generates no noise
– Highly customizable notifications
– Plays ringtone on attack (optional)
– Vibrates in a given pattern on attack (optional)
– Easy to use one-click-interface as well as detailed network view for experts
– “Immunity” protects you without disabling Wi-Fi (root required)
– Can also disable Wi-Fi if you don’t have root access to your phone
– Logging of all spoofing attempts with details about the network and the attacker
– Works in complex wireless LANs, like vWLAN and WDS (please see FAQ)
– Detects networks already under attack
– Automatic countermeasures


Download:
https://market.android.com/details?id=com.gurkedev.wifiprotector

Dec 27 2011

WiFi Protected Setup (WPS) PIN Brute Force Vulnerability

WiFi Protected Setup
The WiFi Protected Setup (WPS) PIN is susceptible to a brute force attack. A design flaw that exists in the WPS specification for the PIN authentication significantly reduces the time required to brute force the entire PIN because it allows an attacker to know when the first half of the 8 digit PIN is correct. The lack of a proper lock out policy after a certain number of failed attempts to guess the PIN on many wireless routers makes this brute force attack that much more feasible.

Description:
WiFi Protected Setup (WPS) is a computing standard created by the WiFi Alliance to ease the setup and securing of a wireless home network. WPS contains an authentication method called “external registrar” that only requires the router’s PIN. By design this method is susceptible to brute force attacks against the PIN.

When the PIN authentication fails the access point will send an EAP-NACK message back to the client. The EAP-NACK messages are sent in a way that an attacker is able to determine if the first half of the PIN is correct. Also, the last digit of the PIN is known because it is a checksum for the PIN. This design greatly reduces the number of attempts needed to brute force the PIN. The number of attempts goes from 108 to 104 + 103 which is 11,000 attempts in total.

It has been reported that many wireless routers do not implement any kind of lock out policy for brute force attempts. This greatly reduces the time required to perform a successful brute force attack. It has also been reported that some wireless routers resulted in a denial-of-service condition because of the brute force attempt and required a reboot.

Impact:
An attacker within range of the wireless access point may be able to brute force the WPS PIN and retrieve the password for the wireless network, change the configuration of the access point, or cause a denial of service.

Solution:
We are currently unaware of a practical solution to this problem. Please consider the following workarounds:

Disable WPS
Within the wireless router’s configuration menu, disable the external registrar feature of WiFi Protected Setup (WPS). Depending on the vendor, this may be labeled as external registrar, router PIN, or WiFi Protected Setup.

Vendor Information:

Vendor Status Date Notified Date Updated
Belkin, Inc. Affected   2012-01-06
Buffalo Inc. Affected   2011-12-27
D-Link Systems, Inc. Affected 2011-12-05 2011-12-27
Linksys (A division of Cisco Systems) Affected 2011-12-05 2011-12-27
Netgear, Inc. Affected 2011-12-05 2011-12-27
Technicolor Affected   2012-01-06
TP-Link Affected   2011-12-27
ZyXEL Affected   2011-12-27

Credit:
Stefan Viehböck

References:
wi-fi-protected-setup-pin-brute-force-vulnerability
Wi-Fi_Protected_Setup
WCN-Netspec.doc
wifi-protected-setup
WPS Vulnerability Tesing – Google Docs
disabling-wps-on-the-router

Dec 14 2009

inSSIDer – Wi-Fi Network Scanner For Windows

inSSIDer is an award-winning free Wi-Fi network scanner for Windows Vista and Windows XP. Because NetStumbler doesn’t work well with Vista and 64-bit XP, an open-source Wi-Fi network scanner designed for the current generation of Windows operating systems.

inSSIDer

What’s Unique about inSSIDer?

  • Use Windows Vista and Windows XP 64-bit.
  • Uses the Native Wi-Fi API.
  • Group by Mac Address, SSID, Channel, RSSI and “Time Last Seen”.
  • Compatible with most GPS devices (NMEA v2.3 and higher).

How can inSSIDer help me?

  • Inspect your WLAN and surrounding networks to troubleshoot competing access points.
  • Track the strength of received signal in dBm over time.
  • Filter access points in an easy to use format.
  • Highlight access points for areas with high Wi-Fi concentration.
  • Export Wi-Fi and GPS data to a KML file to view in Google Earth.

Download: Inssider_Installer.msi

More Info: inSSIDer Wi-Fi Scanner | Metageek

Oct 10 2008

Hacking Free Wifi With URL Tricks

You can leech free wifi from some paid hotspots by monkeying around with the URLs.

Most paid wifi hotspots accept your browser’s request and then redirect you to a login page where you need to pay to access the network.
But some systems of this nature are set up in such a way that images and other direct file requests seem to slip through without the redirect to the login page.
It’s essentially an oversight on the network administrator’s part, so it may not work with every hotspot.

But here’s the hack: just append ?.jpg to the end of your queries to trick the network into loading the full web page for free.
The browser passes this info along as an extra parameter and the site in question will likely just ignore it, loading the page as normal.

Of course this tip comes from a blog post that’s nearly two years old, so there’s no guarantees.
But here’s the basic code, which I pulled from a commenter on Lifehacker’s write up:
if (window.location.toString().match(".jpg") == null) {
window.location.replace(window.location + '?.jpg');
}

Save that as JavaScript file and add it to Firefox via Greasemonkey and give it a shot.

Of course since there are plenty of free networks in most places, there isn’t much point to hacking paid networks.
But for situations like airports, hotels and other isolated, expensive networks, it could come in handy.

Is it legal? No idea. I’m not a lawyer, so use this info at your own risk.
If you try it, be sure to let us know how it works.