Tuesday, February 28, 2006

Never Pay For WiFi Again
Sure, I have been stuck in a hotel for a few days with absolutely nothing to do. Left alone with my thoughts, one HBO that only plays shit, and a hotel that charges for WiFi access ... I have resorted to network violence. Even as I record this post I am starving some poor victim of bandwidth and leaving a trail of utter confusion. Allow me to explain, and before long YOU TOO can steal all of your paid WiFi access.

What you need:
* A WiFi card and an OS that allows you to change the MAC address
* A hotel that charges upwards of $200 a night, and still wants 10 bucks more for WiFi.

The idea here is to assume the identity of a paying customer. This is tougher than it sounds. The access point will welcome you to the network by giving you an address through DHCP. Now you can talk to the access point, and nobody else. In fact, it seems if you try to ping one of the other users of the network, the access point will restrict you from gaining the MAC address of that other party. It seems they are able to stop you from getting the MAC address of anyone but the access point itself. This, of course, will stop you from sending traffic to anyone else on the network. So how can you get the victim to send their MAC address to you? Become the access point.

ifconfig eth1

Now you can wait, or if you know the IP address of a legitimate paid customer, you can try pinging them now. You may get a response and you may not. It doesn't matter really. Now you can check your ARP table like this ...

arp -a

You should see the MAC address of the access point, maybe your own MAC address, and then the address or addresses of our potential victims. You might want to start up a second terminal and run ...

tcpdump -i eth1

Just watch for a few minutes and see what kind of traffic people are generating. If you start seeing requests for web pages, VPN connections, etc, those are paying customers. So get a look at their IP addresses. Just don't stay in this mode for long ... because you are derailing traffic from those folks, and confusing the utter hell out of them. Additionally, this is not very nice and you are cheating someone from the access that they paid for. Now ... let's get onto how to take advantage of them.

Now that you know the victim's MAC address and IP address, you need to assume it. This is the hard part, because a lot of OSes or WiFi cards, or BOTH, will stop you from falsifying your MAC address. I suppose this is for security's sake, but it pisses me off. I am trying to do all this on my Mac, and OS X hasn't allowed you to change the MAC address of the WiFi card since Jaguar. So in my case, I went out and got a "Live" distribution of Ubuntu Linux. The Live version can be booted directly from a CD ROM, and it comes in a Mac PowerPC flavor!

Having booted my distro, and having come to a terminal we do the following ...

ifconfig eth1 down
ifconfig eth1 hw ether 00:11:22:33:44:55
ifconfig eth1
ifconfig eth1 up

First, we brought down the network interface. This is a must. We can't just change our MAC address while the card is in use. For that matter, we're not "changing it" at all. Your MAC address is more or less hard-coded into the network device itself. But we can convince the OS to lie about it, and unless you get an error message ... we're in business. So the second line forced a new 'hw' (hardware) of an 'ether' (ethernet) type to '00:11:22:33:44:55'. This is an imaginary MAC address, so imagine it is that of our victim.

The third line was to configure the IP address of our victim. The last line 'raises' or starts the interface back up. At this point you ARE the victim. You have become ... THEM. You can bring up a browser and begin surfing.

What are the repercussions? There are a few. For one, the victim is probably still trying to use the WiFi access that they paid for. You are using it too ... as them. So imagine what the Access Point must be thinking. To the access point, one person is requesting all of the traffic that is actually coming from two different people. It happily answers each request. Once the traffic comes back the other way, the access point sends the traffic to that 'one person' which is actually the TWO of you. So that is to say, if I bring up Yahoo.com, the web page comes back to both of you. Your victim's workstation is probably confused by this, as he didn't request that site. If your victim is especially savvy, YOU may become HIS victim, as he can see all of this traffic that only you should be seeing.

Otherwise, everything works just fine. Surprisingly.
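From the network operator's side, the two-stations-behind-one-MAC state described above leaves a measurable trace: each 802.11 radio keeps its own 12-bit frame sequence counter, so one MAC address fed by two radios shows sequence numbers that jump back and forth. The detector below is an added example, not part of the original post; the thresholds, the frame tuples and the second MAC address are constructed, and it assumes one counter per station (non-QoS frames).

```python
from collections import defaultdict

SEQ_MOD = 4096      # 802.11 sequence numbers are 12 bits wide
MAX_GAP = 32        # assumed tolerance for frames the sensor missed
MIN_ANOMALIES = 3   # assumed number of bad jumps before alerting

def seq_gap(prev, cur):
    """Forward distance from prev to cur on the wrapping 12-bit counter."""
    return (cur - prev) % SEQ_MOD

def find_shared_macs(frames):
    """frames: iterable of (src_mac, seq_number) in capture order.
    Returns {mac: anomaly_count} for MACs whose sequence numbers
    cannot have come from a single transmitter's counter."""
    last = {}
    anomalies = defaultdict(int)
    for mac, seq in frames:
        mac = mac.lower()
        if mac in last:
            # gap 0 is a retransmission, a small gap is frame loss;
            # a large gap means a second counter is in play
            if seq_gap(last[mac], seq) > MAX_GAP:
                anomalies[mac] += 1
        last[mac] = seq
    return {m: n for m, n in anomalies.items() if n >= MIN_ANOMALIES}

# Constructed capture: 00:11:22:33:44:55 is used by two radios whose
# counters sit near 100 and 3000; 02:00:00:00:00:01 is a single
# station that retransmits once, wraps past 4095 and loses two frames.
SHARED = "00:11:22:33:44:55"
NORMAL = "02:00:00:00:00:01"
SAMPLE_FRAMES = [
    (SHARED, 100), (NORMAL, 4094), (SHARED, 3000), (NORMAL, 4095),
    (SHARED, 101), (NORMAL, 4095), (SHARED, 3001), (NORMAL, 0),
    (SHARED, 102), (NORMAL, 3),    (SHARED, 3002),
]

if __name__ == "__main__":
    for mac, count in find_shared_macs(SAMPLE_FRAMES).items():
        print(f"{mac}: {count} sequence jumps, likely two transmitters")
```
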

Chicago Week #2
Why did I EVER agree to teaching two solid weeks in Chicago? Oh yeah, it was the money. That's it. At the end of last week I came home for the weekend. And never has a weekend passed by so quickly. Before I knew it, I was back at the airport and ready to go back to Chicago. Sitting on the plane, and watching my home town disappear from under me I flipped on my iPod and hit 'random shuffle'. Wouldn't you know it? Simon and Garfunkel. Homeward Bound. I have never paid that much attention to the song. It's not a song about 'going home'. It's a song about being far away from home, doing business with strangers, and questioning your sanity on the road. I just sort of welled up.

I suppose this is the life for a bachelor. Someone without any goals of family. Or someone who is just plain crazy. In fact, on my way back from Chicago last week I sat next to a guy on the plane. He was your typical "road warrior". Wearing his short sleeved Polo shirt, khaki pants, and gripping his pocket PC, he was on his way to my home town. We struck up a conversation about Columbus and what a nice town it is. "I'll only be here for an hour or so, and then I have to fly right back out". He went on to tell me how crazy his schedule is, and how he hasn't been home in nearly a month. We exchanged complaints about hotel living, airport security, lack of entertainment, etc. Near the end of our conversation he said, "it's weird you know ... living the bachelor lifestyle after all these years". I gathered from the conversation that he had a family, but he didn't know them very well any more. Divorced I imagine. Or perhaps he is one of these "barely married" types that has a wife whom he never sleeps with ... and really doesn't want to sleep with when he is at home.

At any rate, the whole thing put me in a down swing, and I could just see myself becoming that guy. This lonely old dude who roams the world and has obviously forgotten about what's important in life. For that matter, how does technology (and what I do with it) really make anyone happy?

My entire career is a lie. I am an "instructor". I teach people how to use products because at some point their manager or CEO was sold on said product. It is now my job to convince them that they should use it, and perhaps give them some pointers. They will then use said product to move information from point A to point B. A nice analogy to information technology might be Douglas Adams's explanation of 'the bypass' (highway) in Hitchhiker's Guide to the Galaxy. He said that the bypass takes people from point A to point C. And people from point C to point A. All driving very fast of course. This leaves people in point B to wonder just what's so great about these two points that they have to drive so far and so fast to get there. I ... am at point B in my life. Information technology does little (if anything) to aid in human compassion. Being that human compassion is the only answer to true happiness, my entire career is a waste of time and money.

This leaves me in an awkward position. I can't walk into class and tell everyone why they are wasting their lives along with me. I have to keep selling this lie. As much as I try not to be ... I am part of the machine.

I need out of the training business, and I need a position where I can go home at night and do what's important, and that is to be close to my family. I need them, and they need me. I am doing nothing for my family when I am 500 miles away other than creating suffering.

Tonight I'll sing my songs again,
I'll play the game and pretend.
But all my words come back to me in shades of mediocrity
Like emptiness in harmony I need someone to comfort me.
Homeward bound,
I wish I was,
Homeward bound,
Home where my thoughts escaping,
Home where my music's playing,
Home where my love lies waiting
Silently for me

-Homeward Bound : Simon and Garfunkel

Historic Comments
Just make enough money to pay off all your debts, buy a cabin in the woods somewhere, quit your job, and drop off the radar. Sometimes the best way to deal with technology is to turn it off for a while.
Poe | 03.02.06 - 2:18 am | #

God bless you Poe. You understand!!

Ray Dios Haque | 03.02.06 - 11:24 am | #

I've learned a lot of networking information and about dealing with life from reading your blog. You're a valuable instructor to an unknown number of people over the internet.

Thank You!
Devo | 03.03.06 - 6:49 pm | #

Hey S! I can so relate on the technology front. I feel like I've forgotten much more than I remember anymore. I am so bored with being a code monkey but it's the only thing anyone wants to pay me for right now.

I really want to be a Sommelier (wine expert) but I am looking at years of study and tests to get there. These tests cost money and just how am I supposed to get this money? Being a code monkey. It's a means to an end.

So, whatever happened to your attempts to break into the security racket? I would think you'd be a natural. You'd also be able to spend more time with your family, which seems to be the biggest issue with your current situation.


Evil_Rich | 03.14.06 - 10:24 am | #

Devo - I'm glad my blogs have educated and inspired you.

Rich - Still a code monkey, eh? I just used a term the other day that you and the other code monkeys loved, "dancing balogna". That takes me back. Anyway, I would love to be a security auditor. Get paid to break into people's networks. Unfortunately that job only seems to be available to folks with degrees, and so called "established experts". It's all a means to an end I suppose. We're just slaves together, to the information machine.

Ray Dios Haque | 03.16.06 - 7:59 pm | #

1 comment:

  1. I'll love to be a code monkey and be able to run more easily iz2s on my zipit...But in France the way is to open another bottle to calm my nerves, Corbières bio, mmmmh ! and back to dig the web to try to learn....