17 comments

[ 4.1 ms ] story [ 53.1 ms ] thread
It seems a bit odd to compare a 3D printed product with "jerry-rigged" devices.

It looks nice but the form factor somewhat looks like what might just be an ESP32 + directional antenna, is the selling point the integration and behaviour profiles of known malicious APs here? Without details and "contact us" pricing I'm really not sure what to make of this. But I guess if the price is low enough it's nicer than putting one together yourself.

@tastroder you have to get most people are not tech. You have no idea how sale and marketing get impressed by some chart or graph sometimes. Everything seems like black magic to non techies now days.
Yeah what bothers me is they are so impressed by a little graphics front end change, but most stuff done in the backend are not really taken noticed.
Why not sell rogue wifi dousing rods then?
I would call behavioural heuristics of WiFi ‘attacks’ dubious at best. Knowing the specific software the attacker is using has minimal/no value in actually fixing the issue either.
This smells of self-marked homework used as thinly veiled advertising to potential investors.

If rogue access points are a legitimate concern, proper network controls (PNAC, mac whitelisting, etc) would be better options.

How exactly are you meant to do that when you are dealing with devices like employees personal phones in an office, or antendees laptops at a conference?
Having a secure and a non-secure network would probably be good in some instances.
This. You either care about security, or you permit BYOD. They are mutually exclusive.
I don't know about PNAC, but MAC whitelisting is easily circumvented by scanning for the devices connected to an AP and changing your MAC to one of those.
Correct. The point is no COTS access point does this.
Sorry, I'm not sure to understand what you mean. Do you mean that no COTS access point does MAC whitelisting? I would say that they can do it, but it's not very useful
No I’m saying not many COTS access points can spoof MAC addresses.

Windows can act as a hot spot, but there’s group policies to solve that.

I don’t think whitelisting is a solve-all, but it’s not easy to work around for unsophisticated actors.

MAC whitelisting is so easily circumvented that it's more of a hassle than a security measure, really. It also doesn't solve the rogue access point problem because with two devices you can capture a target on one part of the network, MitM it, and forward the traffic to a second device somewhere else on the network where you replicate the target's MAC address.

Proper access control (enterprise WPA, deployed with valid certificates and correctly provisioned to company devices) would probably solve most issues when it comes to automatic credential stealing through WiFi access points. PNAC also works quite well in that context. The largest challenge in this area would be people using the guest network instead of the office network, but that can be worked around by requiring either access to the internal network or access through a VPN to get to any information that you're afraid might leak.

Still, if you find a rogue access point, you would probably want to find out where it is so you can analyze and/or remove it. One of these tools can be quite handy for that, assuming they're cheap and available enough to have just lying around.

Mac whitelisting isn’t to prevent sophisticated actors, it’s to prevent rogue access points by Jane on the front desk.

Certificate based auth is a very good technique, but wifi level auth has no relation to rogue APs, iirc pnac is cert based also and that’s where it makes sense.

Reminds me of recon sentinel https://www.reconsentinel.com , destined to $10 amazon clearance near you in a year.

>I purchased two of these when they were $7.99 on Amazon.

https://hackaday.com/2020/11/16/teardown-recon-sentinel/

>We may disclose your Personal Information in connection with law enforcement, fraud prevention or other legal action; as required by law or regulation; or if CDSreasonably believes it is necessary to protect CDS , its customers or the public. CDSmay be required to provide personal information in response to a lawful request from governmental authorities, including to meet national security or law enforcement requirements.

It sounds like $7.99 + $900 lifetime subscription to have a snitch in your house.