RSS

Postgrad News & Pineapple Goodness

01 Dec

So, I had my (in)formal postgrad interview with my employer this week where they set out what they expected from me as I start my MSc in Computer Security & Forensics early next year.

The interview went well, I think, but I can’t help but wish I could just do the MSc without my employers involvement (sadly though, I can’t afford the £14,000 or so that it’s going to cost so they kinda have me over a barrel). Being a technical guy who is happier probing our defences with tools like metasploit from the safety of a darkened server room than performing in front of crowds, the thought of having to give a formal lecture to my company fills me with terror. Hell, even the thought of doing lunch with the other postgrads on site makes me queasy. I totally understand why people doing similar MSc’s may want to get together, but my MSc is worlds apart from the life science degrees that they’re all doing. Ugh.

In other news, I ordered a Mk3 Pineapple from Hak5 last week, which I’m looking forward to getting my hands on. The Pineapple is essentially a device put together by Darren Kitchen and the Hak5 team to take advantage of a feature in most wifi devices that allows them to automatically reconnect to open Wifi networks that they’ve previously connected to, based on just the SSID of the network. The Pineapple is running Jasager (apparently German for “Yes man”), and when a wifi device starts up and sends out a probe asking if its wireless network is available, the Pineapple replies saying “Yep, I am that network”. The client then connects to the Pineapple without bothering to check if MAC address, Wifi channel or any other setting matches what was previously used by the real wifi network using that SSID, and that’s when the fun begins – at least, for the guy on the other end of the Pineapple :). I’m hoping to get time to sit down and really look at what this device does, how it all fits together, any additions I think I could make, as well as thinking about how best to defend against such a device from a corporate point of view. I shall post my findings back here later on once I’ve had a chance to play.

Advertisements
 
2 Comments

Posted by on December 1, 2011 in Security, Study

 

2 responses to “Postgrad News & Pineapple Goodness

  1. suisaluemia

    December 20, 2011 at 11:34 am

    Are you serious?

     
  2. cmddotexe

    December 21, 2011 at 1:43 pm

    Serious about Wifi clients being that easy to exploit? Absolutely.

    Serious about the MSc? Probably less so.

     

Add Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: