Category Archives: Wireless

Google Announces The OnHub WiFi Router

Today Google announced that they are moving into the WiFi router market. The new router is produced through a partnership with TP-Link and it’s called OnHub. Google is marketing OnHub as a router that is simple to setup, effortless to maintain, and highly reliable. Much like Apple’s AirPort Extreme, the OnHub is a very tall router in order to integrate internal antennas, and it is managed via an app for your iOS or Android device. The mobile app will also allow you to see which devices are using bandwidth, and to apply QoS rules to limit devices from using too much. During setup it will automatically select the best channel for minimal interference, and can adjust on its own as necessary. Software updates are also automatically downloaded and applied, which makes it essentially self maintaining as long as Google’s promise of reliable connectivity is met.

As far as specifications go, OnHub is marketed as an AC 1900 router which really says it’s a 3×3 802.11ac router that which has a data rate of 1300Mbps on an 802.11ac link and 600Mbps on an 802.11n link. In addition to being a dead simple WiFi router, OnHub also comes with support for the major protocols which will be used by home automation devices, including Bluetooth Smart, Google Brillo/Weave, and IEEE 802.15.4. The OnHub router is available for preorder now from various retailers in the US, and both the blue and black versions cost $199

Source: Official Google Blog

Source: anandtech.com

 

Switch to IPv6 as IPv4 Internet Addresses Have Officially Run Out

We all knew that this day was coming. We’ve been reading about the drying blocks of IPv4 addresses and for the first time North America is out of the new IPv4 addresses.

Now US, Canada, North Atlantic and Caribbean islands are getting the waiting list from the American Registry for Internet Numbers. ARIN has warned that it will be unable to fulfill the allocation of a big IPv4 address block as the address pool is drying. Due this, for the first time ARIN is changing its allocation policies.This isn’t something that has happened something out of nowhere as the global demand of IPv4 addresses has been increasing and the supply has been in peril. Apart from North America, other registries have issued similar warnings in the past and currently only African organizations can get IPv4 addresses as needed.

John Curry, ARIN CEO told Ars Technica that if a person gets a smaller block, he/she can’t apply for more space for 90 days. He added that they are currently having 500 remaining blocks and they handle about 300-400 requests per month, so these remaining blocks won’t last for more than 2-4 weeks.

But, the news isn’t so bad as IPv6 is picking up the pace. ARIN is encouraging the organizations to consider using IPv4 addresses. The supply of IPv6 addresses is enough and isn’t likely to run out “ever” in future. People saw the eventual depletion of IP addresses in the early 1990s, so they developed the new version 6. IPv6/ increases the length of IP addresses to minimum 128 bits.

So, the only real solution is switching over to IPv6 as it allows almost unlimited number of IP addresses. While some of biggest organizations are already using it, some of them are avoiding this transition as it is a time consuming process, it’s expensive and tough.

Image: Extremetech

Source: fossBytes

 

Top 10 Countries Hosting Botnet Servers

We often hear about botnets being taken down in third-world countries thanks to coordinated operations by international police forces, especially in recent months. The story usually plays out in the East, where it’s easier to launder money and the laws aren’t as strict. Yet it turns out that many botnets have hosts in the West, including in the good old United States of America.

Before we dig into the list, here’s some background for those who want it. The term botnet for our purposes refers to a group of computers (sometimes called zombies) that have been infected with malware to perform tasks for whomever distributed said threat. This individual, or organization, controls the botnet by sending instructions to the zombies from a Command & Control (C&C) server, or sometimes more than one.

Now, here’s a map of C&C servers, courtesy of McAfee:

botnet_map

The security firm has also provided a top 10 list of countries to put things more in order:

  1. United States – 631.
  2. British Virgin Islands – 237.
  3. Netherlands – 154.
  4. Russia – 125.
  5. Germany – 95.
  6. Korea – 81.
  7. Switzerland – 77.
  8. Australia – 63.
  9. China – 48.
  10. Canada – 38.

If I had to put a list together, I would have placed Russia, as well as other countries in Eastern Europe, much higher. Many criminals there have made an absolute killing from their malware operations, and using botnets is the most efficient way to do it.

The same goes for China: I would have placed the country at least in the top five. Speaking of Asia, it’s also odd not to see India on the list at all, especially given that the country is the king of sending spam.

Naturally, it’s important to remember that this is just one source of information. Furthermore, many C&C servers have multiple levels of security and disguise to make them appear as if they are actually in another country, and the US is understandably a favorite choice. Yet seeing British Virgin Islands and the Netherlands in second and third, respectively, is difficult to explain.

If you want an interactive real-time map instead of the static one above,Trend Micro released one just last week over here. The screenshot below doesn’t do it justice:

trend_micro_map

Active C&C servers are highlighted by red dots and victim bots (usually more than one) are the blue dots. You can mouse over any of the servers to get a pop-up message that shows the server location, when it was first observed, most affected countries, and the total number of victims Trend Micro has associated with that server.

Image credit: Darren Deans

Source: thenextweb.com

Image Source: readwrite.com

Hack Mobile Phones With Bluetooth

You must have seen in movies that a HACKER accessing mobile phones to steal their important data. Bluetooth hacking is the most popular way to hack or to steal data from any phone.

There are lot of tools and softwares available on internet that can be used to hack any phone.
One of the most popular ways to transfer data between two mobile devices, in range, is via Bluetooth. But Bluetooth just like any other wireless network is prone to attackers. Bluetooth hacking could be classified into the following ways.
  • BlueJacking
  • BlueSnarfing
  • BlueBugging

In this post I have outlined only some Bluetooth hacking software.

1. Bluescanner :

The first thing one would need in bluetooth hacking, is to identify all the devices ahve their blutooth turned on. Bluescanner is a tool for windows OS , which help in discovering the Bluetooth devices as well as tries to get all the information for a newly discovered device.

2. Super Bluetooth Hack

This is one of the best tool used in hacking and is used to read information and controlling any phone with remote cell phone via Bluetooth.The Phone call list and SMS can be stored in the HTML type. In addition, it can also show the information about the battery, Sim network and many more.
If you want to download the software (Super Bluetooth Hack) simply download it and use it. It is quite easy to use. Follow these steps to install SBH(Super Bluetooth hack) directly to your phone :
1.Go to m.brothersoft.com.
2.Find Quick Download Page link at the bottom of the page.
3.Enter this Code: 127249
4. And your download will start Automatically.

3. BTbrowser

It is a J2ME mobile application which offers the same functionality similar to that BlueScanner.With this tool you can the browse and explore files. This application works on phones , which support JSR-82 such as Nokia 6600 and Sony Ericssion P900.  Download

4. BTCrawler

The BT Crawler is a device scanner for window Based mobiles. It can also perform other bluetooth hacking techniques, namely Bluesnarfing and bluejacking, to vulnerable bluetooth devices in range.
Download BTCrawler  Download.

How A Researcher Hacked iKettles to Steal WiFi Passwords All Across London

 

The IoT security is much-debated topic that needs more attention in near future. It might seem convenient to connect your all home devices to the internet and track them on the move. But, it should be noted that it’s possible that your favorite home-gizmo is spilling your secrets.

For example, take the humble tea kettle boiling a nice cuppa for you. A security researcher in England has been hacking into the smart iKettles all across the country and cracking the private WiFi passwords.

“If you haven’t configured the kettle, it’s trivially easy for hackers to find your house and take over your kettle,” says Ken Munro, a researcher with Pen Test Partners.

The iKettle is actually a ‘smart’ kettle that can be turned on using a smartphone app. But, these smart kettles are reportedly ‘insecure’ if not configured properly and could cause a WiFi kettle hack.

wifi-hack-ikettle

He cracked the home WiFi passwords “easily” and explains the process of WiFi kettle hack: “Attackers will need to setup a malicious network with the same SSID but with a stronger signal that the iKettle connects to before sending a disassociation packet that will cause the device to drop its wireless link.”

So, a skillful hacker can just sit outside your home with an antenna pointed towards the home, boot the kettle off its access point and connect it to his device. Now he can easily steal your passwords in plain text to execute this WiFi kettle hack.

Munro says the security of the Internet of Thing devices is “utterly bananas” and some urgent steps are the need of the hour.

Watch the video below where the WiFi kettle hack is explained:

source: http://fossbytes.com/

Capture WiFi traffic using Wireshark

How to capture WiFi traffic using Wireshark on Windows

Wireshark uses libpcap or Winpcap libraries to capture network traffic on Windows. Winpcap libraries are not intended to work with wireless network cards, therefore they do not support WiFi network traffic capturing using Wireshark on Windows. Therefore, Wireshark monitor mode for Windows is not supported by default.

Winpcap Capture Limitations and WiFi traffic on Wireshark

Capture is mostly limited by Winpcap and not by Wireshark. However, Wireshark includes Airpcap support, a special -and expensive- set of WiFi network adapters, which drivers support network traffic monitoring on monitor mode. In other words, WiFi network traffic capturing on promiscuous mode.

Acrylic WiFi products include an NDIS traffic capture driver that captures WiFi network traffic on monitor mode on Windows, capturing WiFi traffic with Wireshark on Windows Vista, Windows 7, Windows 8, and Windows 8.1. This driver adds wireless network compatibility on Windows to other WiFi sniffers.

NDIS Driver and WiFi interfaces on Wireshark

To make this integration possible, Acrylic installs an airpcap.dll library in the system. When Wireshark loads the installed airpcap library, it returns a fake list of airpcap network cards installed. One Airpcap device for each integrated WiFi network card or external USB WiFi network card.

WiFi network card using Wireshark on Windows

Through this method, you can use your preferred network analyzer compatible with Airpcap to monitor WiFi packets under windows. You can view wifi traffic by using Wireshark, cain & Abel, Elcomsoft wireless security auditor or with Acrylic. By double clicking on the network interface on wireshark, you can access the interface settings. You can see that the interface shows a link-layer header, which includes captured packet signal level information.

Wireshark NDIS WiFi interface detail on Windows

By clicking on the “Wireless settings” button, you can configure advanced settings, such as WiFi channel to monitor and FCS check. FCS, or Frame Check Sequence, is a WiFi network packet integrity signature that discards corrupt packets.

Wireshark select channel using NDIS WiFi network card on Windows

WiFi traffic capturing using Wireshark

All in all, after installing Acrylic WiFi, launch Wireshark with Administrator privileges (by right clicking on the Wireshark icon and selecting “Run as administrator”) and select any NDIS network interface WiFi network card. In this example, the Dell integrated WiFi network card (Dell Wireless 1702/b/g/n).
Wireshark Capture NDIS WiFi Windows

Video tutorial Acrylic WiFi NDIS driver with Wireshark on Windows

 


Source:https://www.acrylicwifi.com

How to Secure Your Home Router

Many homes these days have smart, interconnected devices that make life much easier. Whether they’re security cameras, smart light bulbs, or other smart enabled systems, embedded devices don’t come without risks that could compromise your privacy. Many users wonder why home networking devices are often fraught with security problems, and given these security holes, home owners may not be the only one with sole access to their systems, but cybercriminals as well. In many cases, the lack of proper security mechanisms can make it easier for malicious parties to brute-force user credentials and access Web and mobile interfaces. In 2014, Shellshock affected many devices, including computers, routers, and even smart bulbs that run on Linux OS.

How can cybercriminals attack home networks?

Routers are the first line of defense against hackers and make for ideal targets as a point that allows them into the network. Once they gain control of your router, they can monitor and tamper with your devices and online activities. Yet, sadly, only a few users realize that routers are practically vulnerable since they are the one point in your home that’s exposed directly to the Internet. It also functions as a firewall that guards other devices from unauthorized inbound connections.

In some cases, routers have firmware bugs that appear to be obscure or minor. However, these flaws are the very things that give hackers enough room to exploit systems and gain access.

How to secure your home router

There are things you can do right now to beef up your home router’s security. To prevent or minimize attacks, here are basic tips you can follow:

Change administrative default settings – administrator privileges and passwords are the first things attackers will try to crack.

Close the network and use encryption – most home owners leave their Wi-Fi visible to anyone within range. Improve the network’s security by opening the router setup screen and enable either WEP or WPA, and then enter the passphrase to generate the encryption keys. Make sure that your encryption has the proper configuration and implementation of security protocols.

Disable remote-access related features – this essentially allows you to remotely manage and use FTP when you’re not at home. However, this can expose management interfaces. If you need to turn it on, make sure you use HTTPS for the remote management and use the proper restrictions.

Update your firmware regularly – as mentioned above, vulnerabilities and bugs left unchecked can leave your router open to exploits. To prevent this from happening, make sure your firmware is current and updated. Steps to update a router may vary depending on the model, but you can check from the router control panel.

Enable your router’s firewall – While this setting is usually enabled by default, make sure that it’s activated to add an extra layer of security to your network.