.

Stealthing the Ether

<<

str8jack3t

Newbie
Newbie

Posts: 7

Joined: Mon Jun 27, 2011 6:19 pm

Post Wed Jun 29, 2011 11:54 am

Stealthing the Ether

A friend of mine was complaining about how he thinks somebody is tapped into his Wi-Fi.  I found out after looking into it, that he's using WEP...that's sad in itself.  Secondary he's got the default admin/password on his router admin page, not so smart, but not surprising.

When I logged into his router admin, I noticed several PC's named the same as his...I guess masking them on first glance?? Obviously the MAC addresses were different.  So I assume he is getting tapped for free Wi-Fi, but it got me to thinking:

1) What would you do to mask yourself in this scenario?
2) Was naming the PC the same as his an attempt to mask?

I'm new in this type of arena and now I'm interested like crazy and would love to put myself in their shoes to see the angle...like reverse engineering.  Let me know how you would cover your tracks or post links referencing this scene.

Thank you all in advance!!
<<

El33tsamurai

User avatar

Full Member
Full Member

Posts: 219

Joined: Sat Feb 03, 2007 4:01 pm

Post Wed Jun 29, 2011 12:01 pm

Re: Stealthing the Ether

Someone once told me they can tell me and I will remember for 10 minutes or they can tell me to go look it up and I will remember it forever, so I going to tell you the same hit up google and do some research on how to mask yourself and come back and tell us about it.
CCENT, A+, Network+, Security+
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Wed Jun 29, 2011 12:12 pm

Re: Stealthing the Ether

You can also modify the MAC address to match another machine on the network.  This will hide your presence, making it look like a machine that the wifi owner believes is supposed to be on the network.  This also has the added bonus of bypassing MAC filtering, if configured.
GSEC, eCPPT, Sec+
<<

El33tsamurai

User avatar

Full Member
Full Member

Posts: 219

Joined: Sat Feb 03, 2007 4:01 pm

Post Wed Jun 29, 2011 12:15 pm

Re: Stealthing the Ether

Take the next step and you have arp poisoning.
CCENT, A+, Network+, Security+
<<

packet.Wire

Newbie
Newbie

Posts: 6

Joined: Tue Jun 28, 2011 6:25 am

Post Wed Jun 29, 2011 12:23 pm

Re: Stealthing the Ether

Changing your mac address to something that doesn't look suspicious is one of the ways that you'd do it. You wouldn't want to change it to 00:11:22:33:44:55 because that'd stand out too much. Most home users, and corporate for that matter, don't keep track of mac addresses in their possession.
CISSP CCNP CCSP Sec+
<<

El33tsamurai

User avatar

Full Member
Full Member

Posts: 219

Joined: Sat Feb 03, 2007 4:01 pm

Post Wed Jun 29, 2011 12:25 pm

Re: Stealthing the Ether

O but they should.
CCENT, A+, Network+, Security+
<<

str8jack3t

Newbie
Newbie

Posts: 7

Joined: Mon Jun 27, 2011 6:19 pm

Post Wed Jun 29, 2011 1:53 pm

Re: Stealthing the Ether

El33tsamurai - HAHAHA, love it!  I will take your advice boss! Thank you.

packet.Wire - Excellent.  I have a couple PC's I can play with.  Will do some research and see how it goes.  Thank you!

lorddicranius - Thank you for that!!!

Time to rake the net!!
<<

El33tsamurai

User avatar

Full Member
Full Member

Posts: 219

Joined: Sat Feb 03, 2007 4:01 pm

Post Wed Jun 29, 2011 2:00 pm

Re: Stealthing the Ether

With an answer like that you will do well in this field!  If a person say WTF was that, so stupid! Will go no where in this field.
CCENT, A+, Network+, Security+

Return to Wireless

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software