Auto-Scanning the Names People Choose For Their Wireless APs 422
MichaelSmith writes "I code on the tram, going to and from work, and I noticed that there are a lot of WiFi access points along the way. So one week I made it my job to write an automatic scanner which runs from a cron job every minute during commuting times. My backup script pushes the new AP names to my web server and you can read it online. It is a mixture of the straightforward, naive and funny, with a few pop culture references along the way. The first column in the file is the number of access points with that name. The second column is the AP name, in brackets to pick up white space." Why can't "Dress Me Slowly" and "Domestic Bliss" just share an AP?
Best SSID (Score:5, Funny)
The SSID I use is "Honeypot"
Re:Best SSID (Score:5, Informative)
I used to leave mine unencrypted, and change the name occasionally, calling it "BankOfAmerica", "FirstBankOf[mycity]", "FBI", "NSA", "CovertOps4", etc. I was very disappointed that I didn't have people trying to do nefarious things.
Now I just call it "unreachable", and encrypted, which seems to have the same result. Ok, that's a lie, but I'm not going to post my real SSID here. :)
I really appreciate all the folks with the Verizon DSL/FiOS routers with the 5 character SSID's, since those are easily crackable. They're nicer than the unencrypted ones, since I'm not competing with other users for the line. :)
My last drive got over 2,000 in about 20 miles. Most were totally boring, and like 25% were unencrypted.
should had it set to Linksys, netgear or other def (Score:3, Insightful)
should had it set to Linksys, netgear or other defaults. They you may of seen more hacks.
Re: (Score:3, Informative)
Why not? Knowing your SSID doesn't help anybody guess your paraphrase.
BTW, who's your favorite porn star?
Re:Best SSID (Score:5, Informative)
My FIOS wireless router came w/ 64 bit WEP enabled and a little brochure that claimed that cracking wireless networks was "just in theory" and that 64 bit WEP was in "as secure as a wired network".
Re: (Score:3, Informative)
"as secure as a wired network"
Considering that you can tap wired network just by cutting a cable and connecting it through a hub - your brochure was quite correct.
Re: (Score:2)
Re:Best SSID (Score:5, Informative)
Re:Best SSID (Score:5, Insightful)
ACTUALLY ... if you ever run into the hell that is a DUPLEX MISMATCH [wikipedia.org], you'll be grateful that your SWITCH does in fact have a COLLISION LIGHT.
Why yes, I am CAPITALIZING random WORDS this evening. It's a RESULT of the prodigious quantity of ALCOHOL I have been drinking.
THANK YOU. Now go back to scribbling about THINGS you DO NOT FULLY appreciate. This is SLASHDOT, after all. :-)
Re: (Score:2)
Re:Best SSID (Score:4, Interesting)
Look around online a little bit. The 5 character SSID is generated from the MAC, and so is the key. You can extrapolate enough for the SSID and the known parts of the MAC to generate the key.
Re: (Score:3, Interesting)
Along that train of thought I'm betting
[É*ÙC/îa|bziürÍqe¦>IÏqKÎ:]
is also the key for this AP
Re: (Score:3, Interesting)
That's what it came with? I guess they're doing better practices since word got out that their encryption was amazingly weak. Too bad they can't go back and fix up all the existing installs.
I'll use an example one.
SSID: YVFS1 (just made it up, don't get your hopes up)
Could have the WEP key of:
18012DE06E
or
1F902DE06E
That only depends on which series it was. There are two known groupings, and a third that the generator I have doesn't do, but it'd be easy enough to code into it
Re: (Score:3, Insightful)
WPA-TKIP has been shown to have exploitable weaknesses so it will likely be cracked and then trivialized soon as well (if it hasn't been already). WAP-AES is reasonably secure at the moment but I wouldn't be surprised if that falls within the next few years as well.
Encryption is, and alw
Re: (Score:3, Informative)
Encryption is an arms race, but the implementation is often the easiest thing to attack.
Re:Best SSID (Score:5, Interesting)
Oh, I definitely broadcast my SSID. I've run into the stomping into each other problem before. It's a pain to do a site survey of who's around, pick a channel, just to find out that there's other traffic interfering.
I know mine is receivable for a longer distance than others in the neighborhood. When they installed it, I wasn't here, and they put the AP under a desk, with a metal file cabinet beside it. {sigh}. I moved it up on top of the file cabinet, and that (amazingly enough) fixed a lot of my problems. I'd guess the neighbors got theirs installed somewhere, and they left it exactly where it was placed.
I've had to change my channel twice where I am now, because the defaults for whatever a neighbor installed were on my channel and ruined my throughput. I may look like a lunatic walking around the house with the laptop listening, but it tells me what channels are being used, and what are free. It's kinda funny, there are three near the house that are all on the same channel. I bet they wonder why their connection is terrible, but it's not mine to fix. That, and I'm not ambitious enough to go find their house and offer to fix it. I did that once in an office building. Someone turned on an AP and stomped on my traffic. I wandered around, found them, went to the receptionist for the company and asked to see whoever was in charge of IT. They were completely oblivious to what I was asking.
"Who takes care of problems with your computers?"
"I don't know"
"Can you please find someone who does know?"
"Why?"
"Because your access point is broadcasting over the legal limits for power, and is disrupting service for other occupants of the building."
"What's an access point?"
"It's the device that handles wireless network traffic."
"I don't think we're on a network."
"Can you go to web sites?"
"yes"
"Then you're on a network. Can you find the person who runs it"
"No one here knows." (without asking or even picking up the phone)
The conversation went on for a few more minutes, before I just gave up.
I didn't know positively that they were over the legal limits, but since I had a good signal from their office several floors below, and even a good distance from the building, I figured they were doing something they shouldn't be. At least when I've put high gain antennas on, I look around, make sure I won't interfere with anyone, and use a very narrow beam antenna (i.e., a good parabolic), that doesn't come close to any other buildings. When I went hunting for my own signal in that circumstance, I couldn't even pick it up at ground level standing under the receiving antenna, 20' below it. I've only done that on long point-to-point connections, not as a general AP in an office building.
Re:Best SSID (Score:5, Funny)
Re: (Score:2, Funny)
Re: (Score:3, Funny)
I named mine "GOATSE", no password, no encryption, but unauthorized connections get redirected automatically... They can't say they weren't warned.
Re:Best SSID (Score:5, Funny)
Re: (Score:3, Insightful)
Re:Best SSID (Score:5, Funny)
Don't you mean Get off my LAN?
Re:Best SSID (Score:5, Funny)
The w in lawn is silent.
Re: (Score:2)
Best Secure SSID (Score:5, Funny)
I check the logs and have never seen a single person connect to my router.
Re: (Score:3, Funny)
HAHAHA -- awesome. Best social hack I've heard in quite a while. Well played, and thanks for the giggle. :)
Re: (Score:3, Funny)
Mine says "£0.99 an hour! First hour free! Unlimited downloads!"
People are happy giving up their credit card numbers, but probably not happy with the zero service.
Don't connect to wireless networks you don't own.
Re:Best SSID (Score:5, Funny)
Re: (Score:3, Funny)
Re: (Score:3, Interesting)
So it seems that someone wanted to survey the names people use for wireless access points, but was too lazy to do the research, so they put up a Web site with some fake data and posted to Slashdot in the hopes that everyone would post their clever names as comments.
Guess it worked... ;-)
MY_NETWORK (Score:3, Funny)
My backup script pushes the new AP names to my web server and you can read it on line.
You're not hosting your page via one of those access points, are you? I think it just melted.
already (Score:4, Insightful)
Cached version: (Score:5, Informative)
http://artifacts.glitch.tl.nyud.net/access_points.txt [nyud.net]
Re: (Score:3, Insightful)
slashdotted
No kidding. Posting your personal Web site to Slashdot is a great way to run up some extra bandwidth charges.
On a lazy Saturday evening (Score:3, Funny)
Re:On a lazy Saturday evening (Score:5, Informative)
I can't believe it. I extracted the text file from mercurial and put it on disk as a plain text file. I submitted this article before I went out to my son's birthday party. When I got back I wondered why nothing was working.
Once the smoke clears from my office I will go through the logs and try to work out whether it was the single, short plain text file or the link to the source code which did the damage.
Re:On a lazy Saturday evening (Score:4, Funny)
erm... "coral cache" rings any bell?
It does now.
Having RTFA for once... (Score:5, Funny)
My favourite is the tie fighter: ]-o-[
Re: (Score:2)
My favourite is the tie fighter: ]-o-[
You sure that's not goatse?
Re: (Score:2)
Thanks for spoiling that one, I was thinking the PP made a compelling point, now you've gone and ruined it...
Guess I could still recommend it to my brother and laugh everytime I visit huh?
Re: (Score:3, Interesting)
Sugar tits.
I don't have her address. Just her mac address and general location.
Re:Having RTFA for once... (Score:5, Informative)
<-o-> TIE Interceptor
<-oo-> TIE Bomber
[-o-] Darth Vader's Prototype TIE Fighter (TIE Advanced)
Re: (Score:3, Insightful)
hi neighbor! (Score:2, Funny)
I live in a pretty nice little suburb. Full of old people, business owners, and people who generally don't know how shit works., So, all the APs are default except for two. One is "grandma's house", and the other is "midget sex".
I really want to find out who named theirs midget sex.
Re:hi neighbor! (Score:5, Funny)
I ran across one recently that called itself "BURN. FACIAL. SUCK IT."
I've been thinking about putting together a cron job on a spare WRT router that periodically switches between various funny or disparaging SSIDs, myself. I might even leave it unencrypted, with DHCP on, with a random goatse appearing instead of net access.
Re:hi neighbor! (Score:5, Funny)
Upside-Down-Ternet [ex-parrot.com].
Re: (Score:2)
Clever. I like my goatse idea better, though, since it denies them the opportunity to do anything useful, and I'm not currently interested in providing even free Wifi for whoever wanders by, even if it is upside-down. But maybe if it rotated between upside-down, goatse, and tubgirl -- then, maybe, it'd be sufficiently both fun and useless enough to satisfy my sadism. Especially if the rotation interval were short (a minute or two).
Re: (Score:3, Funny)
Re:hi neighbor! (Score:4, Funny)
Re:hi neighbor! (Score:5, Funny)
I came across one in Hong Kong called "DON'T STEAL MY FUCKING WIFI". And of course, it was unsecured.
Re: (Score:3, Funny)
On a related note... (Score:2)
Didn't see mine... (Score:3, Funny)
Sa-Matra
Re: (Score:3, Funny)
Password: Kohr-Ah
Why. (Score:5, Insightful)
Re:Why. (Score:5, Informative)
Besides the fact that assuming someone such as yourself uses WPA/WPA2 PSK, the SSID is seeded with the hash and by using the default one, you leave yourself open to the likes of rainbow table attacks - http://www.renderlab.net/projects/WPA-tables/
Re:Why. (Score:5, Insightful)
He declared that the SSID he uses "is what the thing came with", which is probably a bad choice and definitely bad advice, since it can't be assumed that default SSIDs are not the same for many devices. Some manufacturers uses SSIDs with random character sequences, but many don't. The SSID is indeed used as a seed value in the calculation of the session keys, so not using a standard SSID increases the security.
Besides, there are other good reasons for choosing a unique SSID: Your laptop won't try to connect to other networks with the same SSID as yours and it makes debugging simpler. There's no need to be cute, witty or offensive, but not changing the default at all is not a good idea.
Re:Why. (Score:4, Insightful)
There are a lot of "cute" AP names around, but mine is what the thing came with. The extent of my interest in that equipment is knowing I've properly secured it
Re-naming an SSID away from stock is part of properly securing it. Unless you're far enough away from your neighbors that your equipment never sees their access points, having a distinct name is part of ensuring that any client you want on your network properly connects to your network, and doesn't occasionally drop to another network (either through software bug or user error.)
Neighbors can be pains! (Score:2, Funny)
I made my neighbors mad when I started naming my SSIDs with things like STFU, ByteMe and the ever popular F*Off. Somehow they always knew it was me though.
For a long time I then stopped broadcasting my SSIDs but now I have them broadcasting but changing every few months.
This isn't really your site, is it? (Score:4, Insightful)
What'd he ever do to you?
answer. (Score:5, Interesting)
"dress me slowly" is a retro clothing store on Nicholson St in Fitzroy. The tram route is therefore route 96 in Melbourne Australia..
What? This wasn't one me those tram spotters quizzes?
Re: (Score:3, Insightful)
Re:answer. (Score:5, Funny)
I code on the tram, going to and from work and I noticed that there are a lot of wifi access points along the way.
I thought about it.
Sincerely,
Derp
Re:answer. (Score:4, Informative)
I live in Clarence street in East Brunswick and I get on at Blythe street. Because its at the end of the line I always get a seat. Going the other way I get on at the WTC in Clarendon street and even if the tram is full at that point it half empties at southern cross station. Going to work I normally sit at the northern end of the tram with an eeepc 701 on my lap. Feel free to say hello if you recognise me. I usually get on at 0730 and ~1745 or so.
Re: (Score:3, Informative)
Getting the use of their TLD must have been part of the deal for the army going in to rescue them from Indonesia. Along with the oil of course.
The .tl domain names are cheap and convenient for me.
Doesnt' netstumbler already do this? (Score:3, Interesting)
Doesnt' netstumbler already do this?
Re:Doesnt' netstumbler already do this? (Score:4, Interesting)
Reno (Score:2)
When I lived in Reno, there was an access point near my apartment named FBIOPS. Either someone was in trouble or someone has a great sense of humor. Really, who is gonna try to hack that one?
Site's dead. Anybody got a mirror? (Score:2, Redundant)
If you know enough to change the name... (Score:2)
I know it doesn't really buy much security, but still. I have never broadcasted my SSID. If you need to know it, I'll tell you, and add you to the list of allowed MAC addresses (again, I know, not totally secure, but still... another hoop to jump thru.)
Re:If you know enough to change the name... (Score:5, Informative)
Hiding the SSID decreases your security. When the access point broadcasts the SSID, the clients passively listen for it when they're not in range. When the SSID is hidden, clients broadcast the SSID in search of the wireless LAN wherever they are. This tells attackers about your laptop. There's even a ready-made attack tool for this: the "JaSager" (an implementation of "Karma") will listen for the probe requests and pretend to be your access point. If your WLAN is encrypted, you won't fall into that trap, but anyone who uses MAC address filters and hidden SSID as the only access control mechanisms is instantly MITMd. Even if you can avoid fake access points, your laptop still leaks your SSID and any information that may give (your name? your address? an obscenity?). Don't turn off SSID broadcasts.
Re: (Score:3, Funny)
AC should have said "your're" instead of "your"
Your're wrong.
Re:If you know enough to change the name... (Score:4, Funny)
Their both right.
Re: (Score:3, Funny)
Hilarious. But I just ran out of mod points...
Why use cron? (Score:3, Interesting)
Re: (Score:3, Informative)
You're missing out on a lot of SSIDs if you're only scanning once a minute. A simple "while true; do iwlist $options >> script1.txt; done" in a few scripts started a second or two apart will help catch more. Maybe set up a cron job to cat and sort -u them together occasionally.
This is the tram! It doesn't take a different route every day. Just repeat the scan for a few weeks, you'll slowly fill in the gaps.
Oh, the humanity! (Score:2)
Why do people post their own stuff here, knowing that their site will crash and burn within seconds? Both of the links are dead. Both!
Re: (Score:3, Informative)
Why do people post their own stuff here, knowing that their site will crash and burn within seconds? Both of the links are dead. Both!
Free load testing. Seriously you would pay someone to do that ;)
War-driving? War-training? (Score:2)
Anyway, where are the GPS coordinates?
Australia? (Score:5, Funny)
Re: (Score:3, Informative)
Quiet Street (Score:5, Funny)
Re:What you are doing is ILLEGAL, IMMORAL, and IIM (Score:5, Informative)
Huh? There's nothing illegal about logging the names of Wifi networks. Or at least there shouldn't be, as that would be completely crazy.
It's aking to noting the names people display publicly next to their doorbells, just easier to do. He didn't connect to any of the networks, just log their names. Nothing wrong with that.
Re:What you are doing is ILLEGAL, IMMORAL, and IIM (Score:5, Interesting)
Not only is it legal, but it's been going on for a long while now [wigle.net].
Re:What you are doing is ILLEGAL, IMMORAL, and IIM (Score:5, Insightful)
Indeed. It's public information, broadcast on some of the most public of the public airwaves -- the 2.4GHz ISM band. Nothing needs decrypted (therefore, various satellite and terrestrial broadcast rules don't apply, nor the DMCA), and nothing needs accessed (therefore, various computer access rules don't apply). Further, an SSID is too short for a meaningful copyright, and trademark law doesn't apply since it's not used in trade. And, of course, recording and publishing these things is simply recording and publishing a list of facts; a practice which has long been protected by various laws and rulings.
Re: (Score:3, Informative)
It's public information [...] And, of course, recording and publishing these things is simply recording and publishing a list of facts; a practice which has long been protected by various laws and rulings.
Not everywhere. In many European jurisdictions at least it is not at all obvious that publishing a list made of publicly available information is legal. In particular, if it is considered "personal information" about people, creating a new compilation of it falls under various personal data protection laws - even if every individual piece of information in there is publicly available somewhere.
I don't know of any place that'd considered AP SIDs to be personal information in that sense, though - but it would
Re:What you are doing is ILLEGAL, IMMORAL, and IIM (Score:5, Informative)
Re:What you are doing is ILLEGAL, IMMORAL, and IIM (Score:4, Informative)
Re: (Score:3, Informative)
Except picking up the SSID that is being openly broadcast is not even remotely similar to pinging that same router.
Re: (Score:2)
Re: (Score:3, Funny)
It's certainly not illegal anyplace that I've ever heard of.
What about Soviet Russia?
... points access you?
Re:What you are doing is ILLEGAL, IMMORAL, and IIM (Score:4, Insightful)
Re: (Score:3, Funny)
Re:Only 29 Named 'Linksys'? (Score:5, Funny)
Re: (Score:2)
An SSID named "enter_and_your_hacked" is far too tempting to hack and fix the grammatical error.
So change it to "Enter and you will be cracked"?
Re:Once in Washington DC... (Score:5, Funny)
I saw one near a Subway restaurant that said "Jared Is Still Fat"
Also died laughing.
Re:Tram? Get real... (Score:5, Funny)
Yeah because as everyone knows, Australia is in Europe...
So... WTF is "Free Public WiFi" really doing? (Score:5, Interesting)
I see these "Free Public WiFi" ESSIDs all over the place in public areas, such as airports. They never work. They're usually ad-hoc networks.
I assumed for a while that they're symptoms/carriers of some kind of malware, but didn't really worry about it since I don't use Windows.
I just read this article which has a slightly crazy but just-maybe-plausible theory to explain them [chron.com]. They think that it's a weird, propagating out-of-control Windows XP feature, which makes every network to which an XP computer connects propagate its name as an ad-hoc network. And then when somebody else tries to connect because of the enticing name, they keep the ESSID alive for another minute since it's an ad-hoc network, and this continues ad infinitum. So the whole thing is nothing but a long-lasting "echo" of a forgotten network that keeps alive in heavily trafficked public areas. The whole idea seems nuts. Dumber than dumb. Dumber than Microsoft even.
But I haven't heard of any better explanation for the "Free Public Wifi" phenomenon. Anyone else???
Re:So... WTF is "Free Public WiFi" really doing? (Score:5, Informative)
How about evil people sitting at airports with laptops, setting up ad-hoc networks and trying to steal credit card numbers from unsuspecting travellers? Wasn't that actually on Slashdot a few months back?
Rule of thumb: Don't log onto ad hoc networks unless you know who's running them...
Re:So... WTF is "Free Public WiFi" really doing? (Score:4, Informative)