![]() ![]() ![]() This means the attack traffic will probably rapidly change its source MAC address to attack multiple devices/APs. In other words, a laptop connected to an AP, would only deauth because traffic appearing to come from the AP's MAC address said so. The MAC addresses you see for this traffic will likely be relatively useless to you, as successfully deauthenticating wireless devices means they need to think it came from a device they were associated with in the first place. You would want to first identify the area where the "jamming" appears to be happening, then capture and examine the wireless traffic in the area, looking for something which fits the profile I described: rapidly changing channels, sending large amounts of deauth packets per second, or both. Furthermore, the "blasting" requires sending a lot of packets very fast, and would have a physical area of effect based on the power of the attacker's antenna and signal power. This is very anomalous behavior for a normally functioning wireless device on its face. In order for the jammer to be effective against all devices in the vicinity, it must jump through all of the wireless channels (channels 1 through 11 are approved for use in the United States by the FCC), identifying as many wireless devices as possible on each channel, and blasting them with said "deauth" packets. One such tool for this is "airodump" from the aircrack-ng tool suite. You would want a wireless card with an external/portable directional antenna, and something to capture/record/analyze the wireless packets out of the air. This means it isn't a jammer in the traditional sense: it is not directly interfering with radio communications themselves, it is speaking the 802.11 protocol just like all your other wireless networking devices. The tool you're referring to, simply blasts/floods crafted 802.11 "deauth" packets which tell wireless devices to unassociate with a given wireless network. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |