Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Roger Parks
July 30, 2006, 8:47 pm
rate this thread
Do you mean something like this?
Or perhaps a more straightforward, ARP/MIM attack tool:
I share your concern, and as one who travels and uses hotspots a lot, I
switched to Linux and use the following tools. You may be able to
find similar tools/functions for windows (e.g. Prevx to prevent buffer
overflows; Snort; etc.) - the important thing is to understand
what the exploits are, and how the tools can help you.
(others will certainly disagree with my setup....below :-) )
- Kismet - to quietly monitor the environment/lan for any untoward
activity before the connection. If you have a second card, you can run it
during the connection as well.
- Arpstar - to detect and prevent any ARP spoofing on my box.
- Snort - to detect any browser exploit, and/or netcat insertion that
might get by the firewall
- Hardened chroot jail - to contain any WAN-connected client that might
be exploited by a zero-day exploit that Snort doesn't recognize. Let the
shell look about in there; :-) or try to break out.
- Buffer/stack overflow protection. The most common exploit, and in case
it tries that, the browser and connection is terminated instantly
- TOR - encrypt everything that comes and goes. Mail and/or web mail is
ssl encrypted within the TOR connection.
- Frequently Spoofed MAC - 'case kiddees want to put a face on an
address, and pick me out for "special" treatment - just to watch me wince
- or if the house keeps too many logs for too long (heh, mostly they'll
see a bunch of TOR connections - maybe a plaintext Google news connection).
- Samhain - Ongoing integrity checks to see if anything in the browser
jail (or anywhere else) has unexpectedly changed.
My little Linux laptop has all of the above on it and flies; my XP box
(same box, different partition/OS) has only snort and TOR, and it slowed
it down to a crawl. I will NOT go public with XP.
Same tools will help protect your WAP/firewall/router. Be sure to use
It is striking - how some of the hotspots become "nasty" on Friday and
Saturday nights! Good Luck!
Vista error#4711: TCPA / RIAA / NGSCP / WGA VIOLATION: Microsoft
optical mouse detected Linux patterns on mousepad. Partition scan in
progress to remove offending, unapproved products. Request permission,
and apply for a new key to reactivate MS software at www.ms.com
Re: Best way to protect a laptop from highly skilled hackers and professionals
Much less fuss. Works great on Windows XP. Easy instructions at
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes
- » want to create and install private key certificate using openssl
- — Next thread in » Computer Software Security