Posts

Showing posts from November, 2010

KisMAC and AirPort - A Match Made in Heaven (Almost)

Image
I love free stuff. I love it even more when it works. And while I am a natural skeptic of the usefulness of free software (thus contradicting a timeless programmer's joke), the ability to run KisMAC-ng with an AirPort Extreme interface in Monitor mode is quite nice. Not as nice as it could be if a few little tweaks were made to the software, but for a free product it remains the best WiFi sniffer for Mac OS X.


Way back in January of this year (seems further back than that, which is interesting since years are supposed to feel faster as you get older, right?) I wrote about using a combination of KisMAC, Wireshark and a DWL-122 802.11b/g USB adapter to do WiFi sniffing when running Mac OS X. Six months later I wrote about sniffing with a Mac again, this time focusing on using a virtual machine. The basic gist of those updates was that running Windows on your Mac is the best way to sniff, but if you must run OS X then you can at least capture 802.11 b/g frames if you have a DWL-122 a…

Firesheep and Monitor Mode

The Internet wireless community was set aflutter last week when Eric Butler, a freelance developer from Seattle, introduced Firesheep, a Firefox extension that is advertised as a way to perform sidejacking attacks over unencrypted wireless networks. The software is super slick and all, but what interests me is the way it handles frame capture. 


For those who may have missed it, Firesheep is a Firefox extension that allows users to view web sessions that are active on the channel. It works via a wired or wireless channel, but the prospect for wireless viewing received much more press because, A) nobody uses hubs anymore, and B) wireless vulnerabilities always get much more press.

The tool is slick and, as far as I can tell, a better name for it would be, "Screw Facebook". From the unscientific tests I've done, Firesheep users are able to gain limited access to other people's accounts on a number of popular sites, but the real eye opener is the ability to view and even…