Kismet, Aircrack-ng, and Karmetasploit

Protecting Yourself

Even cautious users can't be certain of security. Most pay-to-access wireless networks do not include encryption because the provider would have to share the password with everyone in advance. That means an attacker could easily get a copy of it and decrypt traffic anyway. Even if a provider has a properly secured SSL-encrypted payment gateway, there's nothing to prevent anyone from watching your traffic or sniffing passwords, for example. Encryption of all your network traffic will provide such protection, as I covered in my "Secret Tunnels" article [6]. If you don't have a server to run your VPN traffic through, you might want to try the IPREDator VPN service [7]. IPREDator provides a PPTP-encrypted [8] VPN connection for EUR 5 a month, tunneling all your traffic to Sweden, where strict privacy laws should prevent access to it.

Infos

  1. Kismet: http://www.kismetwireless.net
  2. Aircrack-ng: http://www.aircrack-ng.org/
  3. "Metasploit" by Kurt Seifried, Linux Pro Magazine, November 2008, pg. 62. http://www.linuxpromagazine.com/Issues/2008/96/METASPLOIT
  4. KARMA + Metasploit 3 == Karmetasploit: http://trac.metasploit.com/wiki/Karmetasploit
  5. Upside-Down-Ternet: http://www.ex-parrot.com/pete/upside-down-ternet.html
  6. "Secret Tunnels" by Kurt Seifried, Linux Pro Magazine, July 2009, pg. 64. http://www.linuxpromagazine.com/Issues/2009/104/SECRET-TUNNELS
  7. IPREDator: https://www.ipredator.se/
  8. "Close and Secret" by James Stanger, Linux Pro Magazine, December 2008, pg. 22. http://www.linuxpromagazine.com/Issues/2008/97/CLOSE-AND-SECRET
  9. Wireless LAN channel list: http://en.wikipedia.org/wiki/List_of_WLAN_channels
  10. Wireless Networking in the Developing World: http://en.wikipedia.org/wiki/File:2.4_GHz_Wi-Fi_channels_%28802.11b,g_WLAN%29.png
  11. Creative Commons Attribution and ShareAlike License: http://commons.wikimedia.org/wiki/Commons:Reusing_content_outside_Wikimedia

The Author

Kurt Seifried is an Information Security Consultant specializing in Linux and networks since 1996. He often wonders how it is that technology works on a large scale but often fails on a small scale.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • BackTrack

    The BackTrack live distribution lets you act like an intruder to test your network’s security.

  • Wifislax

    Modern WiFi installations provide comfort, but they often have serious security problems. Wifislax offers an extensive collection of tools for checking the security of your wireless network.

  • Wireless LAN Security

    WLANs give you Internet access without a bird's nest of wiring. But if you don't take security seriously, you might find yourself with uninvited guests.

  • Hotspotter

    Security experts are always concerned with WLAN access points, but they sometimes forget that the client is also open to attack. Public hotspots make it quite easy for attackers to hijack connections, as the Hotspotter tool demonstrates.

  • On the DVD: BackTrack 5 R

    This issue’s DVD comes with the BackTrack 5 R1 [1][2][3] pen test distribution. BackTrack provides a great collection of pen testing and security auditing tools. You can boot into BackTrack Live from the DVD or install BackTrack permanently on your hard disk.

comments powered by Disqus