gHacks technology news » hotspots

Xirrus Wi-Fi Monitor

Martin — Sun, 06 Jul 2008 06:51:39 +0000

Xirrus Wi-Fi Monitor is a gadget for Windows Vista and a widget that is requiring the Yahoo Widget Framework for Windows XP and Apple Macintosh OS X. It’s an application for wireless users that displays all kind of information about discovered wireless networks that are currently in reach.

The radar view seems to be the favorite way of displaying wireless networks for several applications of that kind. The main widget displays the radar view, the network adapter and information about a wireless hotspot if one has been selected from the radar. Those information include data rate, channel, SSID and signal strength.

The software monitors the surrounding area in real time and displays new wireless hotspots once they come into reach.

A detailed view is available as well which displays additional information such as default authentication mode, encryption, frequency, network mode and type. The software makes use of all wireless network adapters installed or connected to the computer system. Statistics and a glossary are available for additional information.

Tags: hotspots, osx widget, vista gadget, wi-fi, wi-fi monitor, wireless, xp widget

Apple and AT&T Will Learn that User Agents are no good for access control

Martin — Fri, 02 May 2008 19:48:20 +0000

Apple iPhone users can access the Internet free of charge through AT&T hotspots, that’s what Macrumors is reporting. That’s a great additional feature for iPhone users and apparently for everyone else as well. The way of determining if a device is eligible for free access is by checking the User Agent of the device. We all know what it is very easy to spoof the User Agent of any browser. All that needs to be done now is to change the User Agent of the browser to the User Agent of the iPhone’s browser.

The User Agent of the iPhone browser is Mobile Safari 1.1.3 – iPhone. A user with Firefox or Opera could now easily change his User Agent to the one used by the iPhone to access the Internet without costs at every AT&T hotspot. One possible add-on that can be used for Firefox would be the User Agent Switcher.

User Agents are definitely not a secure way to protect a network or website from unauthorized access. The same can be said for referrer checks which are as insecure. It probably will only be a matter of time when AT&T decided to change the way the free access is granted to the iPhones only. Probably through a small application that is run on the iPhone instead.

Tags: apple, apple iphone, att, hotspots, iPhone

Wireless Hotspot Hacks

Martin — Sat, 22 Jul 2006 06:39:34 +0000

Did you know that it is relativly easy to phish Wi-Fi hotspot subscription credentials ? The process involves only two steps and requires a wireless network card that supports the HostAp drivers which makes it look like the signal is actually coming from a hotspot and not from an ad hoc network.

You have to setup your computer to look like a legit Access Point broadcasting the actual SSID of the service and you will have to fake a login page to resemble the login page of the service that you are emulating. The ethical hacker network describe everything with lots of screenshots. The most important part of the article is of course the way to defend against this fake Access Points.

It is highly difficulty for the normal user to validate an access point. You could check the AP settings if offered, for example the Authenticity Certificate of the Access Point and of the login website that you are visiting. Another way to prevent a MITM attack would be to utilize server host authentication, which prevents an attacker from being able to impersonate the access point because they do not have access to the AP’s private key.

Tags: hotspots, Security, wireless

gHacks technology news » hotspots

Xirrus Wi-Fi Monitor

Related posts

Apple and AT&T Will Learn that User Agents are no good for access control

Related posts

Wireless Hotspot Hacks

Related posts