The “FREE” WiFi by Chandan.

Slides:

Advertisements

Similar presentations

Computer Networking Components Chad DuBose ~ Assignment #3 ~ LTEC

Advertisements

Virtual Private Servers VPS David Nevala Lukins Annis PS.

EMOS Group 3 組員：郭柏宏郭建漢蕭鼎亞黃雍文黃博奕.

Ipchains and Iptables Linux operating system natively supports packet-filtering rules: Kernel versions 2.2 and earlier support the ipchains command. Kernel.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.

Transparent Caching The art of caching network traffic without requiring user / browser side configuration.

1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.

Wi-Fi Structures.

hotEx RADIUS Manager Installation

Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.

Firewalls Marin Stamov. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.

Remote Accessing Your Home Computer Using VNC and a Dynamic DNS Name.

Squid Proxy CentOS 6.4 Prepared by : Mr. Sopheap Position : IT Support Location : Deam Computer Date : 24/July/2013.

Course 201 – Administration, Content Inspection and SSL VPN

Module 1: Web Application Security Overview 1. Overview How Data is stored in a Web Application Types of Data that need to be secured Overview of common.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

COMS W COMS W Lecture 8. NAT, DHCP & Firewalls.

NetFilter – IPtables Firewall –Series of rules to govern what Kind of access to allow on your system –Packet filtering –Drop or Accept packets NAT –Network.

07/11/ L10/1/63 COM342 Networks and Data Communications Ian McCrumRoom 5B18 Tel: voice.

Virtual Private Networking with OpenVPN Wim Kerkhoff Fraser Valley Linux Users Group April 15, 2004.

CTSP TRAINING Router 101 And Networking Basics. You Don’t Need Internet Access to Run or Connect your devices to an Ethernet switch or Router Enable DHCP.

A+ Guide to Managing and Maintaining Your PC Fifth Edition Chapter 19 PCs on the Internet.

Topics ABOUT SQUID SQUID BASICS INSTRALLATION OF SQUID SQUID SERVICE CONFIGURATION UNDERSTANDING ACCESS CONTROL LIST LOGS TRANSPARENT PROXY MONITORING.

Weekly Report By: Devin Trejo Week of May 30, > June 5, 2015.

Linux: A Wireless Solution Josh Joiner. Agenda Introduction Minimum Hardware Basic Components Steps on setting up a wireless network Security Concerns.

WIRELESS IN YOUR LIBRARY The Anatomy of a Library Communications Network.

1 Chapter Overview Using the New Connection Wizard to configure network and Internet connections Using the New Connection Wizard to configure outbound.

D-Link Confidential Sales guide for 3G wireless router DWR-131.

Linux OSU Presenting: Karl Vollmer Implemented By: Brian Staffenson / irc.oregonstate.edu #osu-id.

1/28/2010 Network Plus Unit 4 WAP Configuration WAP Configuration In this section we will discuss basic Wireless Access configuration using a Linksys.

Year 10 – Chapter 4 – Computer Networks Lesson 2: Setting up a Network Starter Task – Can you think of reasons to set up a network? Why Use Networks? 1.

1 實驗九：建置網路安全閘道器教師：助教：. 2 Outline  Background  Proxy – Squid  Firewall – IPTables  VPN – OpenVPN  Experiment  Internet gateway  Firewall  VPN.

Firewalling With Netfilter/Iptables. What Is Netfilter/Iptables? Improved successor to ipchains available in linux kernel 2.4/2.6. Netfilter is a set.

Le firewall Technofutur. Table des matières Schémas du réseau Routage sans VPN Routage avec VPN Le NAT Le firewall.

INTRODUCTION TO NETWORKS 8/2/2015 SSIG SOUTHERN METHODIST UNIVERSITY.

Homework 02 NAT 、 DHCP 、 Firewall 、 Proxy. Computer Center, CS, NCTU 2 Basic Knowledge  DHCP Dynamically assigning IPs to clients  NAT Translating addresses.

Components of wireless LAN & Its connection to the Internet

1 Network Address Translation (NAT) and Dynamic Host Configuration Protocol (DHCP) Relates to Lab 7. Module about private networks and NAT.

1 Firewalls. ECE Internetwork Security 2 Overview Background General Firewall setup Iptables Introduction Iptables commands “Limit” Function Explanation.

Unit - III. Providing a Caching Proxy Server (1) A caching proxy server is software that stores (caches) frequently requested internet objects such as.

Network Components David Blakeley LTEC HUB A common connection point for devices in a network. Hubs are commonly used to connect segments of a LAN.

Firewall C. Edward Chow CS691 – Chapter 26.3 of Matt Bishop Linux Iptables Tutorial by Oskar Andreasson.

Bonus EV3 Programming Lessons LEGO MINDSTORMS ev3dev and Raspberry Pi IR Light controller.

Raspberry Pi Project Control Your Home Lights with a Raspberry Pi.

LINUX® Netfilter The Linux Firewall Engine. Overview LINUX® Netfilter is a firewall engine built into the Linux kernel Sometimes called “iptables” for.

© ExplorNet’s Centers for Quality Teaching and Learning 1 Install, configure, and deploy a SOHO wireless/wired router using appropriate settings. Objective.

PROXY. SQUID Squid is a fully-featured HTTP/1.0 proxy which is almost (but not quite -- we're getting there!) HTTP/1.1 compliant. Squid offers a rich.

Model: DS-600 5x 10/100/1000Mbps Ethernet Port Centralized WLAN management and Access Point Discovery Manages up to 50 APs with access setting control.

Linux Firewall Iptables.

Wireless Access Point. What is a WAP?  A Wireless access point (WAP) is a device that allows a wireless device to connect to a wired network.

Routing with Linux 'cause you really love the command line

Version of document: 1.01 Software Version CBox: v3.7.1 Hardware Version CBox: C5 Remote Access Configuration Service Operator Language: English.

Managing and Directing Network Traffic with Linux

NAT、DHCP、Firewall、FTP、Proxy

3.1 Types of Servers.

Module 3: Enabling Access to Internet Resources

Firewall Techniques Matt Cupp.

Virtual Private Networking with OpenVPN

Network Address Translation (NAT)

ECE 544: Middlebox lab Abhigyan Sharma.

Year 11 – Chapter 4 – Computer Networks

Network Address Translation (NAT)

BBBK – WiFi, Ad-hoc network and Wireless access point

Firewalls By conventional definition, a firewall is a partition made

From ACCEPT to MASQUERADE Tim(othy) Clark (eclipse)

Beginning Raspberry Pi

WireGuard zswu.

Setting up a Webcam on a Raspberry Pi

Presentation transcript:

The “FREE” WiFi by Chandan

What happens? We: “Free Internet”... Yepyyy... Let’s connect to it  . after few hours... Our Cell Phone: “Free Internet”... I know that network... Let’s connect to it  Internet WiFi LAN Client RPi Router IPTables hostapd udhcpd MITMProxy

The Tools Hardware Raspberry Pi 2 (RPi) EDIMAX EW-7811Un (or any device with AP mode) How to check if the device supports AP mode? Image: wikimedia.org http://us.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/us/wireless_adapters_n150/ew-7811un/

The Tools Software Raspbian : the OS hostapd : the connection provider udhcpd : the address provider IPTables : the traffic controller MITMProxy : the MITM How to check if the device supports AP mode?

Setup the RPi Download and write the Raspbian into a SSD memory card Connect the Edimax USB WiFi dongle to the RPi Boot the RPi Logon to the RPi using SSH or any preferred method

Packet Forwarding & IPTables Enable packet forwarding Temporary echo “1” > /proc/sys/net/ipv4/ip_forward For permanent, edit /etc/sysctl.conf net.ipv4.ip_forward=1 Setup IPTables to forward traffic $ iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT $ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE $ iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT

Setup udhcpd Install udhcpd Update config file apt-get install udhcpd Update config file /etc/udhcpd.conf Enable udhcpd in defaults /etc/defaults/udhcpd Start the udhcpd service service udhcpd start What does a udhcpd.conf looks like?

Setup hostapd Install hostapd apt-get install hostapd Download the compatible hostapd for Edimax http://www.daveconroy.com/turn-your-raspberry-pi-into-a-wifi-hotspot-with-edimax-nano-usb-ew-7811un-rtl8188cus-chipset/ Alternatively, (if you are really feeling adventurous) download the source code and compile https://w1.fi/hostapd/

Configure hostapd Create /etc/hostapd/hostapd.conf Check configuration interface=wlan0 driver=rtl871xdrv ssid=KSU Guests channel=2 Check configuration hostapd --dd /etc/hostapd/hostapd.conf Start the hostapd service service hostapd start

See if you are able to connect to the “free” WiFi? does it actually works? See if you are able to connect to the “free” WiFi?

Time to bring out the evil stuff

MITMProxy Install MITMProxy Create firewall rule to forward traffic http://docs.mitmproxy.org/en/latest/mitmproxy.html Create firewall rule to forward traffic $ iptables -t nat -A PREROUTING –i wlan0 -p tcp --dport 80 -j REDIRECT --to-port 8080 $ iptables -t nat -A PREROUTING –i wlan0 -p tcp --dport 443 -j REDIRECT --to-port 8080 Start in Transparent mode $ mitmproxy -T --host

How Transparent Proxy works? Ref: http://docs.mitmproxy.org/en/latest/howmitmproxy.html

Sounds technical... but what all these things do?

Ohh god... the world is ending?

Preventions Do not connect to “free” wifi Use VPN, K-State gives you for free Always use HTTPS Browser extensions – HTTPS Everywhere Do NOT ignore browser warnings Do NOT access sensitive information Bank account SSN email

That’s all folks... thanks for being patient  Questions? That’s all folks... thanks for being patient 

References https://www.raspberrypi.org/documentation/installation/installing-images/ http://www.netfilter.org/documentation/ http://elinux.org/RPI-Wireless-Hotspot http://docs.mitmproxy.org/en/latest/introduction.html