
Is it possible to log log in attempts made on an access point?

  1. #1
    SBTlauien African Astronaut
    Is it possible to create a wireless access point that requires a password, that will log all attempted log ins? I think I've read that it's not possible due to the way the password is sent (encrypted) but I wanted to ask anyways. This question is assuming that the person that owns this access point has root access and completely open source software.

    I also just learned that 'log in' is two words...
  2. #2
    I know Cisco routers can do this using syslog, not sure about others as I've never looked into it
  3. #3
    Sophie Pedophile Tech Support
    I know Cisco routers can do this using syslog, not sure about others as I've never looked into it

    Same for Juniper IIRC.
  4. #4
    LiquidIce Houston
    I'm positive that OpenWRT can. Here's some output from the GUI application (luci):


    It has to be getting this data from somewhere so you'd have to find out where it's coming from (probably some log). I'd imagine it would also log bad authentication attempts.
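
For an AP owner who wants to see failed joins on their own OpenWrt router, the sketch below tallies hostapd events from `logread` output per station. It is an added example, not part of the original thread. With WPA/WPA2-PSK the passphrase itself is never transmitted, so the log can only record that a handshake failed, not what was typed. The log line layout, the sample data and the function names are assumptions; the wording of hostapd messages varies by version and log level.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample shaped like OpenWrt `logread` output from hostapd.
# The exact wording depends on hostapd version and log level (assumption).
SAMPLE_LOG = """\
Mon Mar  2 14:05:02 2015 daemon.notice hostapd: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH aa:bb:cc:00:00:01
Mon Mar  2 14:05:20 2015 daemon.notice hostapd: wlan0: AP-STA-CONNECTED aa:bb:cc:00:00:01
Mon Mar  2 14:10:00 2015 daemon.notice hostapd: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH de:ad:be:00:00:02
Mon Mar  2 14:10:30 2015 daemon.notice hostapd: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH de:ad:be:00:00:02
Mon Mar  2 14:11:00 2015 daemon.notice hostapd: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH de:ad:be:00:00:02
Mon Mar  2 14:11:45 2015 daemon.notice hostapd: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH de:ad:be:00:00:02
Mon Mar  2 15:00:00 2015 daemon.notice hostapd: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH 02:00:00:00:00:03
Mon Mar  2 15:30:00 2015 daemon.notice hostapd: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH 02:00:00:00:00:03
Mon Mar  2 16:00:00 2015 daemon.notice hostapd: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH 02:00:00:00:00:03
Mon Mar  2 16:00:05 2015 kern.info kernel: unrelated line that must be ignored
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) \S+ hostapd: "
    r"(?P<iface>\S+): (?P<event>AP-STA-POSSIBLE-PSK-MISMATCH|AP-STA-CONNECTED) "
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})", re.I)

def parse_events(text):
    """Yield (time, mac, event) for the two hostapd events of interest."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%a %b %d %H:%M:%S %Y")
            yield ts, m["mac"].lower(), m["event"]

def summarize(text, threshold=3, window=timedelta(minutes=5)):
    """Per station: failure count, whether it ever joined, and whether
    `threshold` failures fell inside one `window` (a burst)."""
    fails, connected = defaultdict(list), set()
    for ts, mac, event in parse_events(text):
        if event == "AP-STA-CONNECTED":
            connected.add(mac)
        else:
            fails[mac].append(ts)
    report = {}
    for mac, times in fails.items():
        times.sort()
        burst = any(times[i + threshold - 1] - times[i] <= window
                    for i in range(len(times) - threshold + 1))
        report[mac] = {"failures": len(times),
                       "connected": mac in connected, "burst": burst}
    return report
```

A station with one failure followed by a successful join looks like a typo; a burst of failures with no join is the pattern worth alerting on.
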
  5. #5
    EasyDoesIt Tuskegee Airman
    A lot of routers have this information available through their GUI when you connect to them through your web browser. I've done work on probably 4 different routers consistently and they all have this feature. Even if it's not explicitly listed, if there's some kind of "security" setting you can typically see it in the log. Often times you have to manually enable the log so that it records this stuff.
  6. #6
    LiquidIce Houston
    A lot of routers have this information available through their GUI when you connect to them through your web browser. I've done work on probably 4 different routers consistently and they all have this feature. Even if it's not explicitly listed, if there's some kind of "security" setting you can typically see it in the log. Often times you have to manually enable the log so that it records this stuff.

    Huh, interesting. The ISP routers I've always had were shitty enough to not have this and I was pretty bamboozled when I saw this kinda thing on an OpenWRT router. Niggas4learning.
  7. #7
    EasyDoesIt Tuskegee Airman
    Huh, interesting. The ISP routers I've always had were shitty enough to not have this and I was pretty bamboozled when I saw this kinda thing on an OpenWRT router. Niggas4learning.

    If you have any serious concerns about privacy NETSEC, you should never use an ISP router. Not only that, it ends up more expensive in the long run.

    ISP routers don't often have security logs in them because these functions reveal how frequently ISPs scan ports and stuff. ISPs also consider the routers "their property" that you're "renting" so they can legally mine it for data and theoretically access it whenever they want. Don't get me wrong, it's not like the network engineers are sitting around poking through peoples' data for the lulz (very often), but this hardware is intentionally vulnerable because it's designed to allow technicians at your ISP to troubleshoot in real time.

  8. #8
    SBTlauien African Astronaut
    My goal that surrounds this question would be to set up a router that has the same SSID as another nearby router and wait for the owner to accidentally attempt to log into it, thus giving me the password. Is this possible?

    Also, is it within the software that does this logging, or is it something that has to be configured within the hardware? In other words, could I take a router that doesn't have this function, rewrite the software, and then have this function?
  9. #9
    aldra JIDF Controlled Opposition
    I'm positive that OpenWRT can. Here's some output from the GUI application (luci):


    It has to be getting this data from somewhere so you'd have to find out where it's coming from (probably some log). I'd imagine it would also log bad authentication attempts.

    was going to make that recommendation. short answer is enterprise devices can, consumer devices can't for the most part.

  10. #10
    aldra JIDF Controlled Opposition
    My goal that surrounds this question would be to set up a router that has the same SSID as another nearby router and wait for the owner to accidentally attempt to log into it, thus giving me the password. Is this possible?

    Also, is it within the software that does this logging, or is it something that has to be configured within the hardware? In other words, could I take a router that doesn't have this function, rewrite the software, and then have this function?

    1. yeah, there are a few raspberry pi-based devices that do just that. I vaguely remember a 'wifi pineapple' that does something similar.

    2. generally speaking the hardware itself has very little NVRAM and even less non-volatile memory, most of both being filled with firmware, bootstraps and other shit like that. even if it is possible for the hardware itself to log those requests, there'd be very little space to log to.

    most routers use some form of *nix as a base OS; busybox is popular. you can try ssh'ing in to see if there are any settings available that aren't accessible from the web interface, but short of installing custom firmware like DD-WRT or some serious low-level hacking you won't be able to add authentication logging like you're suggesting.
  11. #11
    EasyDoesIt Tuskegee Airman
    My goal that surrounds this question would be to set up a router that has the same SSID as another nearby router and wait for the owner to accidentally attempt to log into it, thus giving me the password. Is this possible?

    That's a pretty clever idea. I'm kind of impressed at how sneaky this is.

    generally speaking the hardware itself has very little NVRAM and even less non-volatile memory, most of both being filled with firmware, bootstraps and other shit like that. even if it is possible for the hardware itself to log those requests, there'd be very little space to log to.

    This is true. However, if there's a will there's a way. You could easily write something in python that emails the results to some email or something so you don't have to rely on the router's storage.
  12. #12
    aldra JIDF Controlled Opposition
    yeah, that's part of the problem though - you'd first need to get python libs on there, which are fairly big. I tried similar when I was working for a telco - I was trying to get tcpdump on a 3G modem/router to be able to troubleshoot something or other, so downloaded/compiled an ARM build, found I needed dependencies, ran out of space trying to satisfy them, and eventually came to realise the kernel was cut down too far to be able to handle it anyway. also that the only place I could've put it was NVRAM so it disappeared when the device was rebooted.

    I suspect for something like that you'd need to take apart the firmware, update the kernel and add your software to the package so when it boots it's all decompiled and loaded into memory but it really is a lot of effort.

    I'm not being facetious or sarcastic when I say I'd be interested to see you do it. it's just very complicated and I wouldn't be able to apply myself to such an involved project
  13. #13
    EasyDoesIt Tuskegee Airman
    yeah, that's part of the problem though - you'd first need to get python libs on there, which are fairly big. I tried similar when I was working for a telco - I was trying to get tcpdump on a 3G modem/router to be able to troubleshoot something or other, so downloaded/compiled an ARM build, found I needed dependencies, ran out of space trying to satisfy them, and eventually came to realise the kernel was cut down too far to be able to handle it anyway. also that the only place I could've put it was NVRAM so it disappeared when the device was rebooted.

    I suspect for something like that you'd need to take apart the firmware, update the kernel and add your software to the package so when it boots it's all decompiled and loaded into memory but it really is a lot of effort.

    I'm not being facetious or sarcastic when I say I'd be interested to see you do it. it's just very complicated and I wouldn't be able to apply myself to such an involved project

    I would actually be willing to volunteer if one of you guys wanted to do a website project or something. I have all my network hardware here to set up my "pimped" network and the next few days off so I'd be willing to read nonstop about shit in order to work on this. Hell, I even have a Raspberry Pi B+ I'd donate to the project.

    Also, I'll upload pictures of my network and make a thread about it sometime in the next few days.
  14. #14
    SBTlauien African Astronaut
    According to this it's not possible.

    http://superuser.com/questions/884639/is-there-any-way-to-log-incorrect-password-attempts-on-wi-fi-networks
  15. #15
    EasyDoesIt Tuskegee Airman
    According to this it's not possible.

    http://superuser.com/questions/884639/is-there-any-way-to-log-incorrect-password-attempts-on-wi-fi-networks

    Nothing is impossible.

    Again, I ask you, do you want to join me in trying to do this project?
  16. #16
    LiquidIce Houston
    If you have any serious concerns about privacy NETSEC, you should never use an ISP router. Not only that, it ends up more expensive in the long run.

    ISP routers don't often have security logs in them because these functions reveal how frequently ISPs scan ports and stuff. ISPs also consider the routers "their property" that you're "renting" so they can legally mine it for data and theoretically access it whenever they want. Don't get me wrong, it's not like the network engineers are sitting around poking through peoples' data for the lulz (very often), but this hardware is intentionally vulnerable because it's designed to allow technicians at your ISP to troubleshoot in real time.

    True dat. I've got my own openwrt router running behind the ISP's router just for this reason. Yeah, I could get a router/modem combo, but where I live, I don't have to pay to rent the isp modem/router. I'll have to setup a honeypot on my network to monitor if my ISP is doing any portscans and if yes - retreat back behind my openwrt router.

    BTW, just my 2cents - it's easier to rally support if you already have a project going, even if it's just a readme or a few functions or an outline on how to approach a problem, than if you're trying to get support starting from 0. I got this from my own experience of trying to get people into a cool project.

    The idea sounds pretty damn interesting, but I'm out of spare capacity at the moment due to trying at this freelance thing. I'm turning down a guy today because he wants to pay me in "eeh-kwi-tee" dollars.
  17. #17
    SBTlauien African Astronaut
    Again, I ask you, do you want to join me in trying to do this project?

    Sure. What do you have in mind? Maybe we could build something like what I mentioned in my other thread.
  18. #18
    EasyDoesIt Tuskegee Airman
    Sure. What do you have in mind? Maybe we could build something like what I mentioned in my other thread.

    Which other thread?
  19. #19
    SBTlauien African Astronaut
    Which other thread?


    This one nigga...

    http://niggasin.space/forum/technophiliacs-technophiles/63560-a-network-of-forums