Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Emulating a wireless access point

From: "Meredith S" <merediths () pwaor com>
Date: Tue, 14 Aug 2001 15:46:38 -0700

        Actually, it probably has to do w/ the frequency / harmonic resonance of
the phone interfearing w/the AP ... not the proximity. Even if the phone
operates on a different frequency, it can interfere w/ the AP via harmonic
resonance.
        Harmonic Resonance occurs when one of the frequencies is a multiple of the
other. Say your AP operates at 2 hz ( for simplicity sake) and your phone
operates at 4 hz, then every other cycle of the phones frequency will be in
phase w/ the access points.

ASCII Diagra:
|                  x -- sine peak                 As you can see, the sine
waves are prefectly
|      |   |   |   |                Phone         in-phase at 2 and 4 w/
respect to the phone.
|     | | | | | | | |
|        |   |   |   |
|_________________________________ T = 1 sec
|
|                      x -- sine peak
|          |       |
|     ....| |.....| |.               Access Point
|             | |
|              |
__________________________________ T = 1 sec

        Are there any Ham operators out there that can confirm or deny this?

 -- Meredith Shaebanyan

-----Original Message-----
From: Jason Brvenik [mailto:jason () brvenik com]
Sent: Tuesday, August 14, 2001 6:51 AM
To: pen-test () securityfocus com
Subject: RE: Emulating a wireless access point


FWIW, This would seem very possible.

I have a Cisco 340 AP at home I use for freedom around the house (over a
VPN of course). I also have one of those cool multi-point 2.4gig
cordless phones with 3 handsets.

So you are asking what does this have to do with anything?

Well, let me tell you. Every time I pick up the phone it blows out the
association with the AP. I haven't had time to look into it any further
but I am guesstimating that it is related to the proximity of the phone
to the 340 cards I use. I've been intending to get the newer higher
power 350 AP and cards to see what that does but with so many other fun
things to spend money on I haven't gotten around to it.

Jason



-----Original Message-----
From: Steve Skoronski [mailto:skoronski () ctidata com]
Sent: Monday, August 13, 2001 4:08 PM
To: pen-test () securityfocus com
Subject: Emulating a wireless access point


greetings,

        I have heard about wireless LAN attacks that involve 'overpowering'
or competing with the real Access Point with your own. The idea is that
the
clients will automatically switch to your, higher powered AP,
authenticate,
and then you can sniff the authentication sequence.

        Has anyone seen software to emulate this on a PC/Laptop with a wi-fi
card? Or should I go look for a used AP?


TIA

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: