NetStumbler.org Forums

Go Back   NetStumbler.org Forums > WiFi Forums > Hardware
Reload this Page Block/prevent/deter deauthentication attacks?
Register Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
Old 04-11-2006   #1 (permalink)
jamesavery22
Registered Member
 
Join Date: Jan 2006
Posts: 6
Block/prevent/deter deauthentication attacks?
Is there a way or a firmware I can put on my wrt54g that will block deauthentication packets?

How do I prevent deauth attacks? Searching gives me tons of ways on how to actually do the attacks, but I can't find anything that discusses how to defend against them. Im sorry if I missed a sticky somewhere.

Other than not broadcasting the SSID,using Mac filters, using a max sized WPA key, what can I do?
jamesavery22 is offline   Reply With Quote
Old 04-12-2006   #2 (permalink)
SignalSeeker
Badger in heat
 
SignalSeeker's Avatar
 
Join Date: Jun 2004
Location: Sacramento, CA
Posts: 414
Quote:
Originally Posted by jamesavery22
Is there a way or a firmware I can put on my wrt54g that will block deauthentication packets?

How do I prevent deauth attacks? Searching gives me tons of ways on how to actually do the attacks, but I can't find anything that discusses how to defend against them. Im sorry if I missed a sticky somewhere.

Other than not broadcasting the SSID,using Mac filters, using a max sized WPA key, what can I do?
Unplug it?

How likely is that attack for you?
SignalSeeker is offline   Reply With Quote
Old 04-12-2006   #3 (permalink)
renderman
Drunken Stumbler
 
renderman's Avatar
 
Join Date: Jun 2002
Location: Anywhere but Utah
Posts: 1,862
problem is that the deauth packet is legitimate 802.11 traffic for ending a session. without it, wierd shit occurs, so ignoring it is out of the question.

Basically there's not much you can do about it. Investing in some higher end gear might be an answer (I think aruba has some gear that mitigates the risk), but with a WRT, your pretty much SOL against a determined attacker.
renderman is offline   Reply With Quote
Old 04-12-2006   #4 (permalink)
jamesavery22
Registered Member
 
Join Date: Jan 2006
Posts: 6
Great. I'm a newbie at this stuff but the description of what happens when you initiate a deauth attack happens to me quite often. The past few times Ive been awake past 12am its happened. My client just keeps disconnecting and reauthenticating. I have been just unplugging it. Guessing there is no way for me to track who is doing it because I dont have anything past a wr54g and a wusb54...
jamesavery22 is offline   Reply With Quote
Old 04-12-2006   #5 (permalink)
The Others
PeaceDriver
 
The Others's Avatar
 
Join Date: Apr 2002
Location: Dos Palabras, Mandoras
Posts: 2,920
You can install snort on your WRT54G, if you follow some googled instructions. Don't expect it will help you much (it's not going to stop anything), but it could be interesting.
__________________
all good ends all

?u=273
The Others is offline   Reply With Quote
Old 04-12-2006   #6 (permalink)
Airstreamer
Sniffin' the aether
 
Airstreamer's Avatar
 
Join Date: Nov 2004
Location: A little North of Reason
Posts: 2,821
Quote:
Originally Posted by jamesavery22
Great. I'm a newbie at this stuff but the description of what happens when you initiate a deauth attack happens to me quite often. The past few times Ive been awake past 12am its happened. My client just keeps disconnecting and reauthenticating. I have been just unplugging it. Guessing there is no way for me to track who is doing it because I dont have anything past a wr54g and a wusb54...
Get yourself a high gain directional antenna and go a huntin'.
If they're hitting your router, they're transmitting and you can play "find the rabbit."

Of course, when you find 'em, you may want to hang more than their feet from your trailer hitch.
__________________
"America is at that awkward stage.
It's too late to work within the system, but too early to shoot the bastards.."

- Claire Wolfe, 101 Things to Do 'Til the Revolution
Airstreamer is offline   Reply With Quote
Old 04-12-2006   #7 (permalink)
brwrdrvr
Cajun from Hell
 
brwrdrvr's Avatar
 
Join Date: Feb 2005
Location: Capitol City, Louisiana
Posts: 3,776
Quote:
Originally Posted by Airstreamer
Get yourself a high gain directional antenna and go a huntin'.
If they're hitting your router, they're transmitting and you can play "find the rabbit."

Of course, when you find 'em, you may want to hang more than their feet from your trailer hitch.

He could run Airsnare
__________________
Real Linux users write the zeros and ones directly to the hard drive using a refrigerator magnet. ~ bobfunland
brwrdrvr is offline   Reply With Quote
Old 04-12-2006   #8 (permalink)
Airstreamer
Sniffin' the aether
 
Airstreamer's Avatar
 
Join Date: Nov 2004
Location: A little North of Reason
Posts: 2,821
Quote:
Originally Posted by brwrdrvr
He could run Airsnare
Actually, I think this would be a good use of the "sticky-nasty-pot."

Let them think they cracked it and well...
__________________
"America is at that awkward stage.
It's too late to work within the system, but too early to shoot the bastards.."

- Claire Wolfe, 101 Things to Do 'Til the Revolution
Airstreamer is offline   Reply With Quote
Old 04-12-2006   #9 (permalink)
streaker69
Psychic Amish Stumbler
 
streaker69's Avatar
 
Join Date: Jul 2004
Location: Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
Posts: 12,239
Quote:
Originally Posted by Airstreamer
Actually, I think this would be a good use of the "sticky-nasty-pot."

Let them think they cracked it and well...
If only there were a thread where that concept was discussed.
__________________
Treat your gun like your genitals, only whip it out when it's absolutely necessary.
streaker69 is offline   Reply With Quote
Old 04-12-2006   #10 (permalink)
Airstreamer
Sniffin' the aether
 
Airstreamer's Avatar
 
Join Date: Nov 2004
Location: A little North of Reason
Posts: 2,821
Quote:
Originally Posted by streaker69
If only there were a thread where that concept was discussed.
Yup.
__________________
"America is at that awkward stage.
It's too late to work within the system, but too early to shoot the bastards.."

- Claire Wolfe, 101 Things to Do 'Til the Revolution
Airstreamer is offline   Reply With Quote
Old 04-12-2006   #11 (permalink)
G8tK33per
Asshole Emeritus
 
G8tK33per's Avatar
 
Join Date: May 2003
Location: Goomba's Booty Boardwalk
Posts: 6,128
Quote:
Originally Posted by streaker69
If only there were a thread where that concept was discussed.
I think someone should do something about that...

...or not.
__________________
"My mind is aglow with whirling, transient nodes of thought careening through a cosmic vapor of invention."

Sons of Confederate Veterans
G8tK33per is offline   Reply With Quote
Old 04-16-2006   #12 (permalink)
syn-ack
Kirchhoff==Woot
 
syn-ack's Avatar
 
Join Date: Oct 2004
Posts: 86
Just look at the HostAP driver mod, that does not response to Deauth...Its just a couple of lines...
syn-ack is offline   Reply With Quote
Reply

« Lucent external antenna Jack type? | WinXP SP2 and SMC2532W-B problems »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



Google
 
Web NetStumbler.org

All times are GMT -7. The time now is 02:44 AM.

Contact Us - NetStumbler.org - NetStumbler.com - Online Backup - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0 ©2007, Crawlability, Inc.


All messages express the views of the author and are for entertainment purposes only. Netstumbler.org cannot be held responsible for the authenticity of the content or the actions of its members. By using this site and its services, you warrant that you will not post any messages that are discriminating, obscene, hateful, threatening, or otherwise violates any laws and you release Netstumbler.org from any future claims of any kind whatsoever including, but not limited to, addiction and loss of productivity. All forum messages, private messages and any other content are properties of Netstumbler.org. Even if publicly available, personal or copyrighted information are not to be posted without the consent of the owner. Distribution of licensed and copyrighted materials in any way not endorsed by the copyright owner is strictly prohibited. You may not use this site and its resources to spam other sites or individuals or perform any action that violates any law. Items sold or bought in the For Sale forum are sold as is and no warranty or insurance of any kind is provided. Netstumbler.org cannot be held responsible for the outcome of any transactions and no warranty of any kind is provided, either express or implied. Vulgar words are not allowed in the subject lines ; they may be used in the message body in any forum. The Administrator, Super Moderators and Moderators of Netstumbler.org have the right to remove, edit, move or close any thread for any reason and to reveal your identity and other known information in the event of a complaint or legal action arising from any message posted by you.