Re: A WiFi security tool I would like to see developed

[matt merhar <merharm () wra net>]

Hey RMS,
Great idea, but I think it's already been in the works in the latest
version of Dug Song's infamous dsniff. I really hope that he fixes the
several remote exploits that exist in this acclaimed pen-testing tool,
though.

Here are some recent #monkey logs I've acquired that highlight the
features that I'm discussing.
*** #monkey Session Start (11/24/02) ***
<dr``> Hey Doug. How's it going? I'm working on my HoneyNet project, and
I'd like to implement a WiFi security tool. I think it'd be splendid if
we could somehow alert these ScriptKiddie BlackHats as to how insecure
it is for them to use our HoneyPots send Unsolicited Commercial E-Mail
(Better known as spam).
<dugsong> Excellent notion! In my homeland of Asia, it is considered
good KARMA to help people in times of need. Peradventure I shall add
such a feature in my next version of dsniff?
<dr``> Superb. Maybe you can give me credit for the idea? I think it'd
be delightful if we made it email everyone involved in this BlackHat
SPAM attack, including the Sender, the Receiver, and even those to which
a Carbon-Copy will be sent!
<dugsong> What's this bullshit I hear about ScriptKiddies being able to
gain root access to the VMWare Host Machines by exploiting flaws in the
x86 architecture?
<dr``> Rubbish! I've got Lance Spitzner on my side. I'm sure he's
audited the source code very well. What's this I hear about dsniff being
remotely exploitable in several places throughout the CodeBase?
<dugsong> Hmmm. Alright. I'll keep quiet.
*** #monkey Session End (11/24/02) ***
On Wed, 18 Dec 2002 21:28:04 -0500
"Richard M. Smith" <rms () computerbytesman com> wrote:

> Hi,
>
> Here is a WiFi security tool that I would like to see developed and
> made available free of charge on the Internet.  The tool would be a
> packet sniffer that listens to unprotected email traffic on a WiFi
> network. When it sees an email message being sent in the clear, it
> sends out its own message to the "To", "From", and "CC" email
> addresses saying that the message could be easily read by the "bad
> guys".  The message who link to a Web page that describes the security
> problems with unprotected WiFi networks and then offers some possible
> solutions to the problems.
>
> This tool would be a great way to educate the public on the dangers of
> insecure WiFi hotspots.  It would make crystal clear to all
> participants of the email conversation how easy it is for
> eavesdroppers to listen in.
>
> From privacy reasons, the tool should not keep a record of any the
> TCP/IP traffic that it sniffs.
>
> I believe that the tool can be put together without too much trouble
> using existing public domain software libraries.
>
> Any takers?
>
> Thanks,
> Richard M. Smith
> http://www.ComputerBytesMan.com
>   
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html