HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 30 guests and 1 member online
 
Free Business and Tech Magazines and eBooks

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Network Pen Testingarrow Wireless honeypot
EH-Net
May 23, 2013, 05:51:02 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Wireless honeypot  (Read 3851 times)
0 Members and 1 Guest are viewing this topic.
jonas
Newbie
*
Offline Offline

Posts: 46


View Profile
« on: February 16, 2011, 05:54:38 AM »
Hi guys,

I've been playing around with cracking my WEP, ARPspoofing and SSLstrip, which is awesome.
However, what if i wanted to "reverse" the process to create a honeypot?  Let's say i create a WEP network, which get hacked, and i would want to identify the hacker by f.example facebook.
Having the router forward all packets incoming on port 80/443 to port 5555 on my computer running SSLstrip/ettercap, which then again forwards the traffic to port 80/443 on my router and out on the internet.  Would that work?  I would like to eliminate the ARPspoof process.

Also, does anyone have any better ideas?  I was thinking of port mirroring but that wouldnt eliminate the SSL if im not mistaken.

Maybe a simple solution is setting up a computer with 2 NIC's?
« Last Edit: February 16, 2011, 05:57:09 AM by jonas » Logged
jonas
Newbie
*
Offline Offline

Posts: 46


View Profile
« Reply #1 on: February 16, 2011, 07:04:41 AM »
And yeah, i know you can do this by using the ettercap "autoadd" function!  But i don't want arpspoofing at all =)
Logged
cd1zz
Hero Member
*****
Offline Offline

Posts: 561


View Profile WWW
« Reply #2 on: February 16, 2011, 03:41:42 PM »
Why not just make your MITM box the default gateway? Have the router give out the IP of that box for the gateway and boom, everyone is sending all traffic right through your machine. This is just for practice right? You're not setting this up trying to lure people into it are you?
Logged
OSCE | OSCP | GXPN | OSWP | CISSP
http://www.pwnag3.com
http://www.networkadminsecrets.com
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.089 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.