WifiZoo is a tool to gather wifi information passively. It is created to be helpful in wifi pentesting and was inspired by ‘Ferret‘ from Errata Security. The tool is intended to get all possible info from open wifi networks (and possibly encrypted also in the future, at least with WEP) without joining any network, and covering all wifi channels.
A quick war-drive around my neck of the woods still reveals plenty of open wifi networks (and for some reason a lot of them like to name their networks 'linksys'). Read on to see how WifiZoo can help you gain more information in your wonderful wild world of wireless!
After nearly 10 years of developement Wireshark (formely known as Ethereal) has finally reached version 1!
For those that don’t know, Wireshark is the world’s foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions.
Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.
Great news for this amazing complement to tcpdump! Check out the article for a list of enhanced features and experience packet visualization at its best!
How much do you use your Linux laptop? Sometimes securing you mobile computing is a hardware issue - but do those strategies change depending on your operating system of choice?
While you can find dozens of products to secure Windows laptops, security products for Linux laptops are scarcer -- but they do exist. We found a range of products and fixes ranging from security patches for the operating system to encryption to the equivalent of computer bicycle locks which can help keep your Linux laptop or notebook safe.
As hardware gets cheaper, faster and smaller, our information will continue to be subjected to previously untested standards of mobility and
susceptibility.
So, that in mind, where exactly does Linux fit into the mobile security landscape? Well, ITWire gives us a look by going through on:
how to build monitoring in from the onset along with some great open-source tools.
A good overview on wireless security in general, and with some great detail on SSID problems, DOS attacks and solutions like EtherApe.
The Gentoo Infrastructure team has completed its analysis of the recent exploitation attempts as well as the majority of the cleanup. The forensic analysis has revealed that while attempts were made, none were successful in compromising the machine nor in disclosing private information.
I applaud Gentoo from researching the attack in the detail they seem to be doing. However, does the recent attack cause concern of their operating system? If so I hope they take what they learned and put it in their OS to improve it's security.
Following news that security experts at the Black Hat conference demonstrated another method to compromise e-mail accounts when accessed over Wi-Fi, Symantec's Javier Santoyo said the issue continues to remain a problem. "And I would expect most, if not all, of the e-mail vendors will soon start offering secure logins," Santoyo said.
What was interesting was the hack grabs the cookies which the e-mail provider puts on authorized user's computer. So, it seems there are two solutions either turn off cookies on your browser or for emails provides to stop placing them on users computers. What do you think is the best way?
Source: New Scientist Tech - Posted by Eckie Silapaswang
Take the meteoric rise of wireless hotspots, the inability for people to change default passwords or encrypt their traffic, and the need for an easy tool to point and click your way through insecure wireless networks. Put them all together and you have WiCrawl, a tool presented recently at DEFCON which sniffs out wireless access points and automatically probes them for weaknesses. I'm all in favor of these types of "simple tools" - insecure wireless spots are a very common problem in this day and age, and any attempt to help make the process of auditing these hotspots easier for security researchers is a plus in my book.
Bluetooth technology is great. No doubt. It provides an easy way for a wide range of mobile devices to communicate with each other without the need for cables or wires. However, despite its obvious benefits, it can also be a potential threat for the privacy and security of Bluetooth user.
If you are planning to gain a deeper understanding of Bluetooth security, you will need a good set of tools with which to work. By familiarizing yourself with the following tools, you will not only gain a knowledge of the vulnerabilities inherent in Bluetooth-enabled devices, but you will also get a glimpse at how an attacker might exploit them.
Recent reports of massive credit card theft from retailers that haven’t adequately secured their Wi-Fi networks are unsettling, to say the least.
Organized gang members have been grabbing customer card data out of the air, where it has been unconscionably unencrypted, en route to a banking processing company for authorization. Other breaches are thought to have occurred when hackers tapped into Wi-Fi data streams generated by weakly encrypted wireless barcode scanners, broke the encryption code, and eavesdropped on user sessions to steal their network access credentials.
Computer users have been warned of the dangers of using Wi-Fi hotspots after it emerged that cyber-criminals are targeting the networks in café chains, including Starbucks.
Times Online has uncovered evidence that criminals are using a technique known as an "evil twin attack," where victims think that they are logging on to the genuine network in a café but are in fact being diverted to a "rogue" connection.
