Educause Security Discussion mailing list archives
Re: Connectify
From: Chris Green <cmgreen () UAB EDU>
Date: Fri, 11 Mar 2011 12:11:22 -0600
I don't like DeAuth very much because it is unlicensed spectrum and with the personal hotspot features and urban areas, there are a lot of scenarios where legit APs overlap. Windows has Internet Connection sharing built in. A MS conference long I was at long ago said "why would you want to deploy Aps, just put wifi cards in your PCs and share the connectivity" Generic NAT detection (http://conferences.sigcomm.org/co-next/2009/workshops/student/papers/Krmicek.pdf) may be useful to find the places where NAT. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of David Gillett Sent: Friday, March 11, 2011 11:49 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Connectify Macs apparently have the equivalent feature built-in, and it seems to usually be staff/instructors who "accidentally leave it enabled"... We treat them like any other rogue AP, de-authing any clients connecting to them. David Gillett ________________________________ From: HOGGATT, ANDY F. [mailto:hoggatta () OTC EDU] Sent: Friday, March 11, 2011 09:30 To: SECURITY () listserv educause edu Subject: [SECURITY] Yes, I'm asking for ideas on preventing students from being able to do this. Sorry for the confusion, I should have been clearer. Thank You, Andy Hoggatt Ozarks Technical Community College Interim Network Security Systems Administrator hoggatta () otc edu<mailto:hoggatta () otc edu> 417.447.7535 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Roger Safian Sent: Friday, March 11, 2011 10:54 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Andy - I'm not sure what you are asking. It sounds like the software is working as expected. Are you asking about ways to prevent this? From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of HOGGATT, ANDY F. Sent: Friday, March 11, 2011 10:27 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Greetings, I've recently conducted testing using a piece of software called "Connectify". This software allows a user to turn their wireless laptop into a Wi-fi Hotspot. The software creates virtual wireless interfaces for its hosts and then utilizes NAT to make the connection appear as if it's coming from the Hotspot instead of the connected hosts. By doing so a student is able to allow other students to piggy-back off their wireless connection, with only the one device/user authenticated on our student, wireless network. When viewing the logs of our firewall, connections appear, in regards to both I.P. address and MAC address, as if the connections are originating from the Wifi-hotspot and not the connected hosts. I suspect that Internet tethering such as this may become more prevalent as more smartphones begin to incorporate this functionally into their operating systems. Has anyone else received any other reports similar to this and has anyone come up with a solution to help remedy the situation? Any and all feedback would be welcome. Thank You, Andy Hoggatt Ozarks Technical Community College Interim Network Security Systems Administrator hoggatta () otc edu<mailto:hoggatta () otc edu> 417.447.7535
Current thread:
- [SECURITY] HOGGATT, ANDY F. (Mar 11)
- [SECURITY] Sachnoff, Neil (Mar 11)
- [SECURITY] Dave Kovarik (Mar 11)
- [SECURITY] Roger Safian (Mar 11)
- [SECURITY] Maria Peluso (Mar 11)
- [SECURITY] HOGGATT, ANDY F. (Mar 11)
- Re: Connectify David Gillett (Mar 11)
- Re: Connectify Di Fabio, Andrea (Mar 11)
- Re: Connectify Chris Green (Mar 11)
- [SECURITY] Russ Leathe (Mar 11)
- [SECURITY] Valdis Kletnieks (Mar 11)
- [SECURITY] Kevin Wilcox (Mar 11)
- [SECURITY] HOGGATT, ANDY F. (Mar 11)
- Re: Connectify Jeff Kell (Mar 11)
- Re: Connectify Greg Williams (Mar 11)
- [SECURITY] Sachnoff, Neil (Mar 11)
- [SECURITY] Greg Williams (Mar 11)