document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-01-13 22:30:37 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2647 from wi-cuckoo/master

Browse Source 
translated wi-cuckoo llap
This commit is contained in:
Xingyu.Wang 2015-04-20 09:21:53 +08:00
commit 749737b4f3
2 changed files with 40 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
sources/share/20150410 This tool can alert you about evil twin access points in the area.md
View File

@ -1,41 +0,0 @@
translating wi-cuckoo
This tool can alert you about evil twin access points in the area
================================================================================
**EvilAP_Defender can even attack rogue Wi-Fi access points for you, the developer says**
A new open-source tool can periodically scan an area for rogue Wi-Fi access points and can alert network administrators if any are found.
The tool, called EvilAP_Defender, was designed specifically to detect malicious access points that are configured by attackers to mimic legitimate ones in order to trick users to connect to them.
These access points are known as evil twins and allow hackers to intercept Internet traffic from devices connected to them. This can be used to steal credentials, spoof websites, and more.
Most users configure their computers and devices to automatically connect to some wireless networks, like those in their homes or at their workplace. However, when faced with two wireless networks that have the same name, or SSID, and sometimes even the same MAC address, or BSSID, most devices will automatically connect to the one that has the stronger signal.
This makes evil twin attacks easy to pull off because both SSIDs and BSSIDs can be spoofed.
[EvilAP_Defender][1] was written in Python by a developer named Mohamed Idris and was published on GitHub. It can use a computer's wireless network card to discover rogue access points that duplicate a real access point's SSID, BSSID, and even additional parameters like channel, cipher, privacy protocol, and authentication.
The tool will first run in learning mode, so that the legitimate access point [AP] can be discovered and whitelisted. It can then be switched to normal mode to start scanning for unauthorized access points.
If an evil AP is discovered, the tool can alert the network administrator by email, but the developer also plans to add SMS-based alerts in the future.
There is also a preventive mode in which the tool can launch a denial-of-service [DoS] attack against the evil AP to buy the administrator some time to take defensive measures.
"The DoS will only be performed for evil APs which have the same SSID but a different BSSID (AP's MAC address) or run on a different channel," Idris said in the tool's documentation. "This is to avoid attacking your legitimate network."
However, users should remember that attacking someone else's access point, even a likely malicious one operated by an attacker, is most likely illegal in many countries.
In order to run, the tool needs the Aircrack-ng wireless suite, a wireless card supported by Aircrack-ng, MySQL and the Python runtime.
--------------------------------------------------------------------------------
via: http://www.infoworld.com/article/2905725/security0/this-tool-can-alert-you-about-evil-twin-access-points-in-the-area.html
作者:[Lucian Constantin][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://www.infoworld.com/author/Lucian-Constantin/
[1] https://github.com/moha99sa/EvilAP_Defender/blob/master/README.TXT

40
translated/share/20150410 This tool can alert you about evil twin access points in the area.md Normal file
View File

@ -0,0 +1,40 @@
这个工具可以提醒你一个区域内的假面猎手接入点 evil twin暂无相关翻译
===============================================================================
**开发人员称EvilAP_Defender甚至可以攻击流氓Wi-Fi接入点**
一个新的开源工具可以定期扫描一个区域以防流氓Wi-Fi接入点同时如果发现情况会提醒网络管理员。
这个工具叫做EvilAP_Defender是为监测攻击者配置的恶意接入点而专门设计的这些接入点冒用合法的名字诱导用户连接上。
这类接入点被称做假面猎手,使得黑客们从接入的设备上监听互联网信息流。这可以被用来窃取证书,破坏网站等等。
大多数用户设置他们的计算机和设备可以自动连接一些无线网络比如家里的或者工作地方的网络。尽管如此当面对两个同名的无线网络时即SSID相同有时候甚至时MAC地址也相同这时候大多数设备会自动连接信号较强的一个。
这使得假面猎手的攻击容易实现因为SSID和BSSID都可以伪造。
[EvilAP_Defender][1]是一个叫Mohamed Idris的人用Python语言编写公布在GitHub上面。它可以使用一个计算机的无线网卡来发现流氓接入点这些接入点复制了一个真实接入点的SSIDBSSID甚至是其他的参数如通道密码隐私协议和认证信息。
该工具首先以学习模式运行,为了发现合法的接入点[AP],并且加入白名单。然后切换到正常模式,开始扫描未认证的接入点。
如果一个恶意[AP]被发现了,该工具会用电子邮件提醒网络管理员,但是开发者也打算在未来加入短信提醒功能。
该工具还有一个保护模式在这种模式下应用会发起一个denial-of-service [DoS]攻击反抗恶意接入点,为管理员采取防卫措施赢得一些时间。
“DoS不仅针对有着相同SSID的恶意AP也针对BSSIDAP的MAC地址不同或者不同信道的”Idris在这款工具的文档中说道。“这是避免攻击你的合法网络。”
尽管如此,用户应该切记在许多国家,攻击别人的接入点,甚至一个可能一个攻击者操控的恶意的接入点,很多时候都是非法的。
为了能够运行这款工具需要Aircrack-ng无线网套装一个支持Aircrack-ng的无线网卡MySQL和Python运行环境。
--------------------------------------------------------------------------------
via: http://www.infoworld.com/article/2905725/security0/this-tool-can-alert-you-about-evil-twin-access-points-in-the-area.html
作者:[Lucian Constantin][a]
译者:[wi-cuckoo](https://github.com/wi-cuckoo)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://www.infoworld.com/author/Lucian-Constantin/
[1] https://github.com/moha99sa/EvilAP_Defender/blob/master/README.TXT