Major Project Final


Major Project Final 2015
PiFi Analyser
MASON MCCALLUM, NATHAN VAZ AND TIMOTHY LY
NORTHERN SYDNEY INSTITUTE | Meadowbank

Executive summary

Wireless networks have become more prevalent in contemporary society; as such, it is important to accurately study the impact that wireless networking can have on personal security and privacy. The PiFi Analyser project outlines the methods behind passively recording wireless networks and mapping the recorded data with associated GPS location data. The ensuing report confirms that the proposed methodologies and technologies can operate at a scope that could be used to significant effect.

Contents

Executive summary
Introduction
Literature Review
Objectives
Method
  Building the Device
  Testing device
  Map plotting
  Choosing test Locations
  Location Monitoring
  Rationale behind time and location choices
    Mason McCallum
    Nathan Vaz
    Timothy Ly
Hardware List
  Raspberry Pi 2 Model B
  GPS Receiver BU353S4
  High gain Wi-Fi Alfa AWUS051NH
  USB Battery Pack
  Micro-SD card
  Budget
Software Tools List
  airmon-ng
  airodump-ng
  ntpd
  gpsd
  cgps
  Google Earth
  giskismet
Workable Procedure
  Setting up the Raspberry Pi
  Converting netxml files to kml
Ethical Considerations
Results
Discussion
  Observations
  Conclusion
References

Introduction

The use of the internet in Australia is one of the largest per capita growth sectors among developed nations. Broadband connections at home increased to 81% from 74% over the course of one year (June 2013 to June 2014) (ACMA pg 35), and the percentage of users accessing the internet from a mobile device rose to 70% from 62% over the same time period. The use of wireless networks by Australians will likely continue to rise, especially when the same report shows that “approximately half of all Australian homes had more than five devices connected to the internet via a home network of all devices connected to a home network, 82 per cent were connected via Wi-Fi, while only 14% used wired technology only.” (ACMA pg 40).

From these Australian consumer trends, we can extrapolate the general population’s desire for internet access, regardless of whether they are connecting to a trusted network or not, i.e. public Wi-Fi. This practice could lead to potential digital harm such as contracting malware, identity theft and impacted performance, among others. However, the issue that this project aims to identify is the physical security associated with owning a mobile device.

As mobile device (smartphones, laptops and tablets) ownership among adults nears saturation in Australia, it is safe to assume that the physical presence of an individual can be linked to the physical presence of their devices. This project will endeavour to show just how vulnerable the wider community is to detection, simply through connecting to a wireless access point. The potential abilities of our project could impact the way public networks are monitored by third parties, as well as the security auditing capabilities available through measuring the security levels and traffic of various wireless networks over time.

Literature Review

The inspiration for the project methodology came from a practice called Wardriving, whereby individuals would drive around in cars and scan the wireless networks they passed. One aspect of the original process that irked us was that the requirement for a laptop with a Wi-Fi antenna made the operation a little too conspicuous, as did the need to conduct the scanning from a car. The idea for a more portable scanning apparatus arose from the need to scan areas that a car might not be able to reach, i.e. a shopping centre, range-restrictive apartment blocks, stadiums etc.

Upon further research, we came across a project conducted by Sophos which had implemented aspects of our project idea, even using a Raspberry Pi hardware platform. They presented a corporate-quality project called Warbiking (Sophos.com, 2015). The central focus of the Sophos feature is their Raspberry Pi-based device, which was attached to a bicycle and ridden around various cities gathering wireless network information, with the findings then presented. These findings include the levels of security implemented along their bicycle scanning paths, such as whether WEP, WPA or WPA2 types of encryption are being utilised.

The most helpful source of research into this sort of project has been a white paper published by the SANS Institute in which a similar project featuring a Raspberry Pi-based Wardriving