Foil Wireless Poachers and Have Fun Doing It (Part 1)
"I Could Encrypt It or I Could Have Fun"
A lot of folks have an unhealthily casual attitude towards securing their wireless networks. "Oh, it's nice to share" some say. Others think "I have nothing to interest a cracker, so why bother?" Both attitudes are inviting trouble. There is nothing to be gained from leaving your systems open to be used as warez, porn or mp3 servers, or Borged into a spam botnet. Or to find yourself struggling with slow network speeds because some freeloading hog is overloading your bandwidth.
It is nice to share, and it is wise to protect yourself. Smart network admins who really really want to share set up a separate subnet for sharing, securely wall off their LANs from whatever wandering moocher latches on to their signal, and throttle the bandwidth. Smarter admins, in this era of the MAFIAA, porn cops, and terrorists under every keyboard, don't share at all.
But those are the boring, old-fashioned methods. Today we're going to look at some ways of having a little fun with wireless freeloaders, and how to see who is doing what on your wireless LAN.
Peter Stevens, brilliant inventor of the Upside-Down-Ternet, kindly published the scripts he uses to torment wireless freeloaders. They invert images, turn images upside down, or re-direct moochers to Kittenwar.com, no matter what URL they try to access. You'll need iptables, Squid, Perl, DHCPD, and ImageMagick to make this brilliantly wicked scheme work.
Mr. Stevens' scripts are easily adaptable--you don't have to be an ace scripting guru to make simple modifications. If you don't like Kittenwar, substitute the IP address of a different site. Like this example that steers your freeloaders to Vegemite.com:
/sbin/iptables -t nat -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -j DNAT --to-destination 18.104.22.168
You'll want to use the source subnet and netmask that you have dedicated to sharing with freeloaders. Vegemite.com will educate visitors about this healthy, delightfully smelly, spreadable food thingy. The possibilities with this simple re-direct are endless. You could use your own custom Web page that delivers a warm, personal greeting, or send them to FBI.gov.
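The rule above rewrites every TCP connection coming from its source subnet, so a range that overlaps your own LAN would redirect your own machines too. The script below is an added example, not part of the article or Mr. Stevens' scripts: it checks the guest subnet against a trusted LAN before printing the redirect in iptables-restore format, together with a FORWARD rule that walls the LAN off from the guest subnet. The LAN range 192.168.1.0/24 and the function names are assumptions, and the guest subnet is written in the equivalent /24 form.

```shell
# Added example, not from the article or Mr. Stevens' scripts.
# Assumption: 192.168.1.0/24 is the trusted LAN; the guest subnet and the
# redirect destination are the values used in the article's rule.

# Dotted-quad IPv4 -> integer; non-zero exit on malformed input.
ip_to_int() {
    case $1 in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|0?*|????*) return 1 ;; esac   # empty, leading zero, too long
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# CIDR block -> "first last" addresses as integers (host bits are ignored).
cidr_range() {
    case $1 in */*) ;; *) return 1 ;; esac
    base=$(ip_to_int "${1%/*}") || return 1
    bits=${1#*/}
    case $bits in ''|*[!0-9]*|0?*|???*) return 1 ;; esac
    [ "$bits" -le 32 ] || return 1
    size=$(( 1 << (32 - bits) ))
    echo "$(( base / size * size )) $(( base / size * size + size - 1 ))"
}

# guest_rules GUEST_CIDR LAN_CIDR DEST_IP: print iptables-restore input.
# Returns 2 on malformed input, 1 when the guest range overlaps the LAN.
guest_rules() {
    g=$(cidr_range "$1") && l=$(cidr_range "$2") && ip_to_int "$3" >/dev/null ||
        { echo "invalid address" >&2; return 2; }
    if [ "${g% *}" -le "${l#* }" ] && [ "${l% *}" -le "${g#* }" ]; then
        echo "refusing: $1 overlaps trusted LAN $2" >&2; return 1
    fi
    cat <<EOF
*nat
-A PREROUTING -s $1 -p tcp -j DNAT --to-destination $3
COMMIT
*filter
-I FORWARD -s $1 -d $2 -j DROP
COMMIT
EOF
}

# Demo with the article's subnet and destination and the assumed LAN range.
guest_rules 192.168.0.0/24 192.168.1.0/24 18.104.22.168
```

Pipe the output to iptables-restore --noflush so that rules already loaded are kept.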
Messing with images on Web sites is more subtle, more evil, and more fun. Mr. Stevens shows how to use the mogrify command (which is part of ImageMagick) with the -blur options to distort the Web sites visited by your poachers. -blur is especially fiendish, because they'll think it's a problem with their eyes, their video cards, their monitors--anything but the real cause.
To make this work, you need to be running Squid as a transparent proxy. Then delete the Kittenwar iptables rule and replace it with a rule that directs poacher traffic to your Squid proxy:
/sbin/iptables -t nat -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.1
Use the --to-destination value for your own proxy server. Some of my favorite mogrify options for this are:
"/usr/bin/mogrify", "-swirl 30"
"/usr/bin/mogrify", "-charcoal 10"
"/usr/bin/mogrify", "-paint 10"
These are all beautiful and artistic, and will impress and amaze. These examples show the correct syntax to use in the redirection script. To test mogrify on the command line, first make copies of the images you want to alter, because mogrify overwrites them without making backup copies. Then use it like this:
$ mogrify -swirl 30 [imagename]
mogrify -help displays all the dozens of options. For mogrify options that take numerical values, some trial-and-error will find the ones most pleasing to you. For example, -swirl 30 means "twist the image 30 degrees". -charcoal takes a radius value, and I have no idea what that means. I just try different values to see what happens.