tool to dissociate wireless clients?

This topic contains 14 replies, has 10 voices, and was last updated by  SephStorm 7 years, 1 month ago.

  • Author
    Posts
  • #7897
     SephStorm 
    Participant

    We have people connecting to a WAP that we are in charge of, but dont have admin access to, the service provider tells us that individuals are using the WiFi to download stuff, assuredly movies and other such stuff. Is there a tool that could dissociate wireless clients?

  • #49869
     jinwald12 
    Participant

    Mdk3 will suit your needs if scripted, or you can look into http://openwips-ng.org/index.html however it is immature at  this time.

  • #49870
     m0wgli 
    Participant

    Why can’t the AP be secured?

    If it’s someone whose supposed to be using the AP that is responsible for the questionable behaviour as identified by the ISP, then no wireless security measure is going to help anyhow. 

    An acceptable use policy may be some cover from any comeback on yourselves from it’s abuse (I’m not a lawyer, so don’t take that advice as absolute).

    If it’s someone that’s not supposed to be using it, the problem with any disassociation method is that it will be MAC based as far as I’m aware. Whats to stop them from changing their MAC address and regaining access?

    Anyhow, in addition to the advice already given, Aireplay from the Aircrack suite can also achieve this.

  • #49871
     S3curityM0nkey 
    Participant

    You could try using Aircrack-ng to send deauthentication packets to kick the device offline….

    http://www.aircrack-ng.org/doku.php?id=deauthentication

  • #49872
     rattis 
    Participant

    The problem with aircrack, the device will try to re-connect.

    How are you required to be in charge of it, if you don’t have admin access to it. What do they expect you to do, to be in charge of it?

    Is the ISP in charge of it?

    Maybe overkill, but figure out where those people are connecting from, if possible. Deploy fake WAPs in those locations. Access points without internet access. Same name, stronger signal than the real WAP. Look into authentication options if you can.

  • #49873
     shadowzero 
    Participant

    Disassociating clients is just a temporary measure that the client can easily work around. Better to just secure the AP itself to prevent these people from connecting. If the ISP expects you to secure it, tell them to give you admin access, or have them send someone with admin access to deal with it.

  • #49874
     jjwinter 
    Participant

    Wireless issues aside, you could deploy Untangle behind the AP and filter any torrent-like activity, and block other undesirable stuff. You could also present an Acceptable Use policy users must click on.

    I ran into a similar situation at a public library that offers free open wifi. The Untangle box made all the would-be torrent folks pick up and move on.

  • #49875
     SephStorm 
    Participant

    This is a basic rundown, we are using  temporary site, and there is a contract here that provides for wireless access. When we originally came to the site, the wifi was decent. We noticed significant issues as time went on, from users only being able to load 1-2 pages, ect. Well, the bosses called the company who did a survey. They stated it was users downloading from the living area while they were at the work site. Now I suggested that they ask the company to block the commonly used torrent ports and such, ultimately I am not in contact with the company myself, but my understanding is that the contract puts them in charge of the wired and wireless AP’s, but we as the customer have some sort of support.

  • #49876
     jjwinter 
    Participant

    So you have responsibility for AP’s you have no control over? What is your role there?

    Trying to tackle this from “boot people off with deauth tools” seems like too much hassle.

  • #49877
     Jamie.R 
    Participant

    I would try secure the wireless to be honest as its the best way the other alternative is to use air crack and write de auth script

  • #49878
     SephStorm 
    Participant

    The closest example I could give would be if your company goes to a hotel for a conference, they provide wireless access for your use, but you dont control the APs.

  • #49879
     rattis 
    Participant

    At which point it shouldn’t be your problem, it should be the providers. Is the app and cable / dsl / whatever modem built in, or can you put a device between them?

    if you can put something between them, I’d say go with the Untagled solution that jjwinter suggested.

    Also have the person in charge let them know that what they are doing isn’t authorized and there will be penalties for being caught.

  • #49880
     DataDwarf 
    Participant

    There is NetCut, which is windows only:

    http://www.arcai.com/netcut-faq/62-what-is-netcut.html

    and recently released WiFiKiller for android:

    http://thehackernews.com/2012/09/eject-any-wifi-device-from-network.html

  • #49881
     BillV 
    Participant

    I don’t think I noticed anyone recommend this, but what’s stopping you from unplugging the WAP in question and plugging your own in? Seems that’d solve all the problems.

  • #49882
     SephStorm 
    Participant

    quite right, thank you all for the suggestions. I’m not sure what they did, but the internet has worked much better recently.

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?