Wireless Internet access points also called “hotspots” are increasingly available at cafes, malls and restaurants within business districts of Jakarta. The popularity of hotspots is increasing and more and more business people equip their laptops with wireless cards in order to have access to Internet while they are away of their desks. If you are a happy owner of a wireless enabled laptop, you can access your business e-mail, your on-line banking facility and your organization's network while enjoying your lunch meal at a restaurant. This certainly sounds exciting and user-friendly, yet are there any negative aspects of this new technology? This text presents results of my investigation in this area, plus explains how malicious hackers can access Internet on commercial hotspots, while real customers are paying for the connection.Few weeks ago, a friend of mine told me about his problem related to use of a wireless hotspot service in Jakarta. As a happy owner of a laptop with wireless card, he started to use commercial wireless hotspot service provided by one of the local ISPs (Internet Service Providers) – unfortunately no free wireless is available at a mall near his office. The service is charged per minute and the price is within acceptable range if compared to ridiculously high fees charged by GPRS or CDMA service providers. Everything seemed to work fine for the first month, but then my friend noticed some irregularities in the use of the wireless hotspot service and the cost. So to speak, the cost of the service seemed to be double of what he thought he had actually used. Surprisingly, the ISP didn’t seem to be anyhow interested in this customer’s concern and simply answered “there is no problem with our service”, thus he asked me if I could help. Since the security of wireless communication has been within my interest for quite long, I decided to investigate. Ground-Zero For a preliminary testing ground we’ve chosen known mal in central Jakarta. The place got quite a few restaurants and cafes with commercial wireless hot-spot service available, plus there are many offices around and you can often see people using their laptops during lunch time. At the day of testing, we are quipped with two IBM ThinkPad laptops using Windows XP Professional OS and with preinstalled tools used in this article. I realise most of you elite 31337 hackers would call me a total lamer for using Windows XP, so let me explain. To make it easier to understand the basis of wireless security and less likely to say “our systems are secure”, I decided use Windows XP. Additionally, I also want to show the simplicity of techniques presented here. Thus, if you are an advanced computer user or expert, please have in mind that this text is targeted to less experienced computer users. Let's start While seating at one of the cafés I fired-up my laptop and discovered several wireless networks available. Two of these hotspots were providing commercial wireless access service, among which one was often used by my friend. I connected to this wireless hotspot, ignored warnings displayed by Windows XP considering insecurity of the wireless network I am and simply tried to connect to www.google.com. As expected, an ISP web-site popped up with information that I need to log-in with my username and password in order to use the service. At the same time my friend using his laptop logged-in to the site and browsed through some web-sites. I disconnected from the wireless network and connected back several times, until this message box appeared on my screen:
|C:\> ipconfig /all|
|C:\> macshift NEW_MAC_ADDRESS -i "Interface Name"|
|C:\> macshift 000E35787777 -i "Wireless Network Connection"|
- Changing the IP address of your wireless card to the IP address used by laptop of a user authenticated to the hotspot,
- Optionally if necessary, changing the IP address and the MAC address of our wireless interface to the IP address and the MAC address of wireless interface used by laptop of a user authenticated to the hotspot.