Server Help :: View topic - Hands off my wireless.

Server Help

Trash Talk - Hands off my wireless.

K' - Sun Aug 06, 2006 4:39 am
Post subject: Hands off my wireless.

Quote:

Upside-Down-Ternet

My neighbours are stealing my wireless internet access. I could encrypt it or alternately I could have fun.

Split the network
I'm starting here by splitting the network into two parts, the trusted half and the untrusted half. The trusted half has one netblock, the untrusted a different netblock. We use the DHCP server to identify mac addresses to give out the relevant addresses.

/etc/dhcpd.conf
ddns-updates off;
ddns-update-style interim;
authoritative;

shared-network local {

subnet *.*.*.* netmask 255.255.255.0 {
range *.*.*.* *.*.*.*;
option routers *.*.*.*;
option subnet-mask 255.255.255.0;
option domain-name "XXXXX";
option domain-name-servers *.*.*.*;
deny unknown-clients;

host trusted1 {
hardware ethernet *:*:*:*:*:*;
fixed-address *.*.*.*;
}
}

subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.2 192.168.0.10;
option routers 192.168.0.1;
option subnet-mask 255.255.255.0;
option domain-name-servers 192.168.0.1;
allow unknown-clients;

}
}

IPtables is Fun!
Suddenly everything is kittens! It's kitten net.

/sbin/iptables -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -j DNAT --to-destination 64.111.96.38

For the uninitiated, this redirects all traffic to kittenwar.

For more fun, we set iptables to forward everything to a transparent squid proxy running on port 80 on the machine.

/sbin/iptables -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.1

That machine runs squid with a trivial redirector that downloads images, uses mogrify to turn them upside down and serves them out of it's local webserver.

The redirection script
#!/usr/bin/perl
$|=1;
$count = 0;
$pid = $$;
while (<>) {
chomp $_;
if ($_ =~ /(.*\.jpg)/i) {
$url = $1;
system("/usr/bin/wget", "-q", "-O","/space/WebPages/images/$pid-$count.jpg", "$url");
system("/usr/bin/mogrify", "-flip","/space/WebPages/images/$pid-$count.jpg");
print "http://127.0.0.1/images/$pid-$count.jpg\n";
}
elsif ($_ =~ /(.*\.gif)/i) {
$url = $1;
system("/usr/bin/wget", "-q", "-O","/space/WebPages/images/$pid-$count.gif", "$url");
system("/usr/bin/mogrify", "-flip","/space/WebPages/images/$pid-$count.gif");
print "http://127.0.0.1/images/$pid-$count.gif\n";

}
else {
print "$_\n";;
}
$count++;
}

Then the internet looks like this!

And if you replace flip with -blur 4 you get the blurry-net

I would've sent them to view a bit of goatcx.
Mental scars for life are fun!

D1st0rt - Sun Aug 06, 2006 3:46 pm
Post subject:

Old, they even backslashed it.

BDwinsAlt - Sun Aug 06, 2006 8:54 pm
Post subject:

I think that is interesting. I don't use wireless though. When I save up enough money for my laptop I might get a wireless. I don't like staying in the same room as the rest of my family all the time.

Thanks for the post.

Cerium - Mon Aug 07, 2006 1:14 am
Post subject:

Thank you for calling AOL technical support, how can I be of assistance today?

Whenever I browse the interweb my images are upside down.

Id hate to be the poor sap who had to attempt to troubleshoot this.

The Apache - Mon Aug 07, 2006 5:47 am
Post subject:

"Thank you for calling Dell technical support. The line is currently closed. Please don't call again until we are open.

If your webpages are being shown upside down, please reinstall your internet"

Cyan~Fire - Mon Aug 07, 2006 9:54 am
Post subject:

Hehe, this makes me wish I used wireless.

... thanks Grav.

Solo Ace - Mon Aug 07, 2006 11:34 am
Post subject:

This is a reason for me to get a box on wireless.

Isn't this kinda the same as airpwn though?

Mine GO BOOM - Mon Aug 07, 2006 1:11 pm
Post subject:

Solo Ace wrote:

Isn't this kinda the same as airpwn though?

airpwn intercepted wireless packets and sent off its own before the real sites could reply. This requires admin access to one of the routers to adjust the iptables.

Solo Ace - Tue Aug 08, 2006 2:08 am
Post subject:

Well, yeah, but the result is the same.

I think the way airpwn works is more coolness.