unregistered

how to prevent triangulation and discovery when using wifi?

17 posts in this topic

as above, is there any way to spoof the router's dhcp client's table to not show an extra node?


hmm.. change your position and signal strength? although you wouldn't be able to go very far unless it was WiMAX. Modifying your MAC addr and re-associating probably wouldn't hurt.

hmm.. change your position and signal strength? although you wouldn't be able to go very far unless it was WiMAX. Modifying your MAC addr and re-associating probably wouldn't hurt.

WiMAX really isn't going to have anything to do with him connecting locally to a wireless router.

The reason I mentioned WiMAX was because the extended propagation distance facilitates triangulation evasion because of the wider hypotenuse.

as above, is there any way to spoof the router's dhcp client's table to not show an extra node?

ok i don't see how this relates to triangulation but if you're connected to the router and you have the admin pass then you could always clear the client table. but the best thing to do would be to spoof your mac and/or change your computer's name to something similar to one of the clients already on the list.

That relates to getting discovered that someone intruded on the network in the first place, but if i write a program to delete my entry in the dhcp clients table, won't i get disconnected?

I was actually thinking something along the lines like making a fairly intelligent phishing page of the client table which hides my presence but indicates all other connected clients.

Edited by unregistered
hmm.. change your position and signal strength? although you wouldn't be able to go very far unless it was WiMAX. Modifying your MAC addr and re-associating probably wouldn't hurt.

WiMAX really isn't going to have anything to do with him connecting locally to a wireless router.

The reason I mentioned WiMAX was because the extended propagation distance facilitates triangulation evasion because of the wider hypotenuse.

** temporary thread hijack **

Triangulation is a very poor method of discovering the source of emissions. Why limit yourself to three sample points? It works in theory because such calculations typically assume an empty environment, devoid of matter that could in any way obstruct the emissions.

A much better way is to use many more sample points, and then use interpolation methods. That's how I did it for instance to discover the position of routers in a city environment, full of obstructive buildings. It's not hard to do, all you need is some GIS software to import that latitude/longitude/signal-strength data into. Getting that data is as easy as using Netstumbler + GPS. Using such a method, you could accurately be pinpointed.

** end hijack **

Edited by Seal
** temporary thread hijack **

Triangulation is a very poor method of discovering the source of emissions. Why limit yourself to three sample points? It works in theory because such calculations typically assume an empty environment, devoid of matter that could in any way obstruct the emissions.

A much better way is to use many more sample points, and then use interpolation methods. That's how I did it for instance to discover the position of routers in a city environment, full of obstructive buildings. It's not hard to do, all you need is some GIS software to import that latitude/longitude/signal-strength data into. Getting that data is as easy as using Netstumbler + GPS. Using such a method, you could accurately be pinpointed.

** end hijack **

True that. Technically speaking, if you're in a very restrictive environment you don't even need three points. Ham radio operators (and the FCC) are really good at this stuff, by the way. They call it "fox hunting."

as above, is there any way to spoof the router's dhcp client's table to not show an extra node?

how about not using DHCP at all.. if you guess the network's IP range, which should be pretty simple, just give yourself a static IP address. This way your computer will not appear in the dhcp list.
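
The defender's view of the static-address suggestion above, as an added example that is not part of the original thread: a host that skips DHCP still has to answer ARP to talk through the router, so comparing the router's neighbour table with its lease list flags it. The dnsmasq lease format, the `ip neigh show` format, the `STATIC_OK` allow-list and every address below are assumptions, constructed for illustration.

```python
import re

# Constructed sample inputs (assumed formats: dnsmasq lease file, `ip neigh show`).
LEASES = """\
1700003600 3c:22:fb:10:20:30 192.168.1.101 laptop-anna 01:3c:22:fb:10:20:30
1700007200 a4:83:e7:aa:bb:cc 192.168.1.102 phone-ben *
"""
NEIGH = """\
192.168.1.101 dev br0 lladdr 3c:22:fb:10:20:30 REACHABLE
192.168.1.102 dev br0 lladdr a4:83:e7:aa:bb:cc STALE
192.168.1.150 dev br0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.103 dev br0 lladdr 3c:22:fb:10:20:30 DELAY
192.168.1.200 dev br0  FAILED
"""
STATIC_OK = {"192.168.1.2": "00:0c:29:00:00:02"}  # hypothetical documented static hosts

NEIGH_RE = re.compile(r"^(\S+) dev \S+ lladdr ([0-9a-f:]{17})\b", re.I)

def parse_leases(text):
    """Lease lines 'expiry mac ip hostname client-id' -> {ip: mac}."""
    leases = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 3:
            leases[fields[2]] = fields[1].lower()
    return leases

def parse_neigh(text):
    """Neighbour entries that carry a link-layer address -> [(ip, mac)]."""
    out = []
    for line in text.splitlines():
        m = NEIGH_RE.match(" ".join(line.split()))
        if m:  # FAILED/INCOMPLETE entries have no lladdr and are skipped
            out.append((m.group(1), m.group(2).lower()))
    return out

def audit(leases, neigh, static_ok):
    """Flag neighbours that match neither a lease nor a documented static host."""
    findings = []
    lease_ip_by_mac = {mac: ip for ip, mac in leases.items()}
    for ip, mac in neigh:
        if leases.get(ip) == mac or static_ok.get(ip) == mac:
            continue
        if mac in lease_ip_by_mac:  # same MAC seen on a second address
            findings.append((ip, mac, "MAC also holds lease " + lease_ip_by_mac[mac]))
        else:
            findings.append((ip, mac, "no lease and not a documented static host"))
    return findings
```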

as above, is there any way to spoof the router's dhcp client's table to not show an extra node?

how about not using DHCP at all.. if you guess the network's IP range, which should be pretty simple, just give yourself a static IP address. This way your computer will not appear in the dhcp list.

well yes but it would appear in the router's static ip page, the key here is to not make your node show up on any of the router's admin pages and perhaps not even on the ping sweep by getting your computer to drop the icmp packets or something like that. anyone know how to do it?

Edited by unregistered
as above, is there any way to spoof the router's dhcp client's table to not show an extra node?

how about not using DHCP at all.. if you guess the network's IP range, which should be pretty simple, just give yourself a static IP address. This way your computer will not appear in the dhcp list.

well yes but it would appear in the router's static ip page, the key here is to not make your node show up on any of the router's admin pages and perhaps not even on the ping sweep by getting your computer to drop the icmp packets or something like that. anyone know how to do it?

i'm not sure what the router static ip page is.. it's probably an arp cache.. the way to clear it out could be to arp flood.. generate fake arp replies until the "page" is cleared.

As for the ping sweep, you just need a firewall software that has stealth mode.. which basically ignores all icmp and other requests.

hmm.. change your position and signal strength? although you wouldn't be able to go very far unless it was WiMAX. Modifying your MAC addr and re-associating probably wouldn't hurt.

WiMAX really isn't going to have anything to do with him connecting locally to a wireless router.

The reason I mentioned WiMAX was because the extended propagation distance facilitates triangulation evasion because of the wider hypotenuse.

** temporary thread hijack **

Triangulation is a very poor method of discovering the source of emissions. Why limit yourself to three sample points? It works in theory because such calculations typically assume an empty environment, devoid of matter that could in any way obstruct the emissions.

A much better way is to use many more sample points, and then use interpolation methods. That's how I did it for instance to discover the position of routers in a city environment, full of obstructive buildings. It's not hard to do, all you need is some GIS software to import that latitude/longitude/signal-strength data into. Getting that data is as easy as using Netstumbler + GPS. Using such a method, you could accurately be pinpointed.

** end hijack **

what's GIS software? but anyway I'm more curious as to how to bypass this technique.

as above, is there any way to spoof the router's dhcp client's table to not show an extra node?

how about not using DHCP at all.. if you guess the network's IP range, which should be pretty simple, just give yourself a static IP address. This way your computer will not appear in the dhcp list.

well yes but it would appear in the router's static ip page, the key here is to not make your node show up on any of the router's admin pages and perhaps not even on the ping sweep by getting your computer to drop the icmp packets or something like that. anyone know how to do it?

i'm not sure what the router static ip page is.. it's probably an arp cache.. the way to clear it out could be to arp flood.. generate fake arp replies until the "page" is cleared.

As for the ping sweep, you just need a firewall software that has stealth mode.. which basically ignores all icmp and other requests.

the "static ip page" is the place in the router configuration where you have to put in your computer MAC and the ip you want otherwise you wouldn't have a static ip.


To continue with Vector, GIS software is essentially any software that deals with spatial data. The behemoth out there for this is called ArcGIS from a company called ESRI. With that software, you can create maps, interpret geospatial data, go through geoprocessing techniques to acquire new data, etc.

Whenever you see a map out there, it was made with GIS software. Interpolation of sample points falls within the realm of using geoprocessing technique on a set of geospatial data. Such tools are what people use to be able to tell ground moisture content from satellite imagery, the likelihood of an area being subject to avalanches, what bus routes are quickest to go from A to B given the types of road in place, etc.

If you're transmitting, the signal is inherently stronger the closer the receptor to you. This makes you locatable. There is thus no way of avoiding this. Even if you randomized the power of emission on your end, averaging the values would still produce a map that would nail you down. You can try placing yourself in a busy area where many others are with laptops, but that's about it. Think about it in this way: your laptop is shouting in all directions. People can pick up on this shouting. As long as you keep shouting, people can pick out where the shouting is coming from.
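
The many-sample approach described in the posts above, as an added example that is not part of the original thread: repeated readings at each survey point are averaged, then a grid search picks the cell that best fits a log-distance path-loss model with the transmit power left as a fitted unknown. This is a model fit rather than the GIS interpolation the poster describes; coordinates are assumed to be already projected from latitude/longitude to local metres, and the path-loss exponent and all sample data are constructed.

```python
import math
from collections import defaultdict

PATH_LOSS_EXP = 3.0  # assumed exponent for a cluttered environment

def average_readings(readings):
    """Collapse repeated (x, y, rssi_dbm) readings into one mean RSSI per point."""
    by_point = defaultdict(list)
    for x, y, rssi in readings:
        by_point[(x, y)].append(rssi)
    return [(x, y, sum(v) / len(v)) for (x, y), v in by_point.items()]

def locate_emitter(samples, step=1.0, n=PATH_LOSS_EXP):
    """Grid-search the surveyed area for the cell that best explains the samples.

    Model: rssi = p0 - 10*n*log10(d). The transmit-side constant p0 is unknown,
    so it is fitted per candidate cell (the least-squares fit is the mean).
    Returns (x, y, fitted_p0).
    """
    xs = [s[0] for s in samples]
    ys = [s[1] for s in samples]
    best = None
    for i in range(int((max(xs) - min(xs)) / step) + 1):
        for j in range(int((max(ys) - min(ys)) / step) + 1):
            cx, cy = min(xs) + i * step, min(ys) + j * step
            terms = [r + 10 * n * math.log10(max(math.hypot(x - cx, y - cy), 0.5))
                     for x, y, r in samples]
            p0 = sum(terms) / len(terms)
            err = sum((t - p0) ** 2 for t in terms)  # spread left unexplained
            if best is None or err < best[0]:
                best = (err, cx, cy, p0)
    return best[1], best[2], best[3]

def constructed_survey(true_xy=(12.0, 7.0), p0=-40.0, n=PATH_LOSS_EXP):
    """Constructed data: a walk over a 30 m x 20 m area, four readings per
    point, each reading shifted by a different zero-mean power offset (dB)."""
    jitter = (6.0, -6.0, 3.0, -3.0)
    out = []
    for x in range(0, 31, 5):
        for y in range(0, 21, 5):
            d = max(math.hypot(x - true_xy[0], y - true_xy[1]), 0.5)
            for k in jitter:
                out.append((float(x), float(y), p0 - 10 * n * math.log10(d) + k))
    return out

if __name__ == "__main__":
    print(locate_emitter(average_readings(constructed_survey())))
```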

If you're transmitting, the signal is inherently stronger the closer the receptor to you. This makes you locatable. There is thus no way of avoiding this. Even if you randomized the power of emission on your end, averaging the values would still produce a map that would nail you down. You can try placing yourself in a busy area where many others are with laptops, but that's about it. Think about it in this way: your laptop is shouting in all directions. People can pick up on this shouting. As long as you keep shouting, people can pick out where the shouting is coming from.

what if my wifi nic is shouting with a directional antenna, would it make it any more difficult to pinpoint my location?

what if my wifi nic is shouting with a directional antenna, would it make it any more difficult to pinpoint my location?

No, now they just keep walking in the direction where the signal strength increases.


so the only way to obfuscate my position somewhat is to create noise as in wifi transmission on the same channel, etc as my transmitting machine correct?

so the only way to obfuscate my position somewhat is to create noise as in wifi transmission on the same channel, etc as my transmitting machine correct?

I've been thinking the same thing. Basically sending several ghost signals in order to help hide me. But then I started thinking about what it means to hide in a crowd and it really only works if you do it once and then move somewhere else. That is because anyone reviewing videos of a crowd could logically isolate you within two visits to the same place. So, if you have to move every time you want to post your hackzine then you don't need any additional technology to help you hide.
what if my wifi nic is shouting with a directional antenna, would it make it any more difficult to pinpoint my location?

No, now they just keep walking in the direction where the signal strength increases.

Even if you're directional, you're still emitting. And the signal, in the path of emission, is still going to be stronger the closer it is to you. Furthermore, even being outside the path of /direct/ emission can locate you by looking at the weaker transmissions outside the main directional arc. There's still going to be a trend there. And deriving that trend is as easy to do as it is to write this sentence. That said I'm not too familiar with radio transmission theory, so someone correct me if I'm mistaken.

I don't know what you mean by ghost signals. The amount of other traffic doesn't make yours any harder to trace. The reason I mentioned being in a crowd is that once they know /where/ you are, it's harder to know /who/ you are if you're amongst others with laptops.

Edited by Seal
