Jump to content



Photo

Monitor WiFi access points

wifi monitoring email notifications

  • Please log in to reply
35 replies to this topic

#16 n_K

n_K

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 19-March 06
  • Location: here.
  • OS: FreeDOS
  • Phone: Nokia 3315

Posted 14 December 2012 - 16:33

"You could always introduce some wireless interference so their hotspots won't work. Bit on the dodgy side perhaps..."

that would be illegal :)
and would affect their own Access Points as well (if they are using them)

Not sure about in the US but it's illegal in the UK...
Unless you're part of the government or a government service (which includes fire and police) in which case it's legal :p


#17 xendrome

xendrome

    In God We Trust; All Others We Monitor

  • Tech Issues Solved: 13
  • Joined: 05-December 01
  • OS: Windows 8.1 Pro x64

Posted 14 December 2012 - 16:41

Also working for a local government LE agency I can tell you the BEST way to handle this type of situation is through policy with strict warnings/actions. And as to the comment above saying that introducing wireless interference is not illegal simply because you are part of the government or government service is incorrect.

#18 OP c.grz

c.grz

    Neowinian

  • Joined: 22-September 04
  • Location: Chicago, Illinois
  • OS: Windows 8.1U1 Professional
  • Phone: Nokia Lumia 925

Posted 14 December 2012 - 16:45

Not my business, but what's wrong with people using their own devices? Like pointed above, any smartphone can function as a hotspot :/ Are you going to forbid smartphones?

(Don't mean to sound like a jerk, just curious is all).


We know that we can't control what people do on their phones/tablets/personal pc's. The issue is when these people use city owned equipment along with their personal hotspots/smart phones to bypass security we have in place to protect our network.

#19 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 106
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 14 December 2012 - 16:48

^ exactly, its not that they can browse porn (example) on their smartphone. Its that they are bypassing the company internet filtering, connecting the work device to an unsecured network, etc.

Your best bet is to lock down the work devices to only be able to connect to specific wifi APs and not allow the users to change these settings.

As to warning of these hotspots popping up, yeah the netsh script should be easy enough to setup so that you get a warning and details about the hotspot that is around.

#20 OP c.grz

c.grz

    Neowinian

  • Joined: 22-September 04
  • Location: Chicago, Illinois
  • OS: Windows 8.1U1 Professional
  • Phone: Nokia Lumia 925

Posted 14 December 2012 - 16:49

The solution to the problem is a cell phone jammer. But that creates issues on a whole different level.


Everyone relies on their cellphones to communicate. Using a cell phone jammer would probably lead to a revolt...

#21 sagum

sagum

    Unicorn Doctor

  • Joined: 09-October 08
  • Location: England
  • OS: Mac OS X 10.9 / Windows 7/8.1
  • Phone: LG E900 & Lumia` 610/520/920

Posted 14 December 2012 - 16:58

We know that we can't control what people do on their phones/tablets/personal pc's. The issue is when these people use city owned equipment along with their personal hotspots/smart phones to bypass security we have in place to protect our network.


Firstly, it'd be very easy to create a simply bit of software that'll monitor the airwaves for new networks that show up and report them back. You can setup applications such as netstumbler that'll log the time and date of the networks as they come and go. That could be sent off at the end of the day for example.

A better bet would be to use something the common Linux wireless air* tools, usually used to crack networks, to monitor the active networks, including networks that do not broadcast their SSID and you'll also be able to see what devices are connecting to what network, by their MAC address. This would be proof that such dept hardware is connecting to say a Nokia cell phone acting as a access point.

However, its unlikely that you'll be able to block or do anything about people using their own devices to setup access points if they really wanted to.

What I would suggest is looked at enforcing a network policy on the dept machines so they can't join additional networks. That'd be the best option as even if the employees setup their own AP, they wouldn't be able to use the dept machines to connect to them (without a lot of spoofing, but that is possible anyway)

#22 f0rk_b0mb

f0rk_b0mb

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 02-June 12

Posted 14 December 2012 - 17:13

Hi,
We're currently having issues with people at the fire stations bringing in their own hotspots to bypass our proxy.


Are you sure they are bringing their own and not using a program like ultrasurf or such?

Anyway, I don't believe there is anything you can do other than install a key logger to see who's typing in a blocked address. Give every firefighter and officer their own account so they can't point fingers, etc.

#23 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 35
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 14 December 2012 - 17:15

The best you can do is lock down your computers to a certain ssid and do not allow them to connect to anything else.


Your best bet is to lock down the work devices to only be able to connect to specific wifi APs and not allow the users to change these settings.



What I would suggest is looked at enforcing a network policy on the dept machines so they can't join additional networks. That'd be the best option as even if the employees setup their own AP, they wouldn't be able to use the dept machines to connect to them (without a lot of spoofing, but that is possible anyway)


all of this, then you can stop playing games with trying to monitor crap. Know that they can't connect vs trying to bring the hammer down when they do connect.

#24 OP c.grz

c.grz

    Neowinian

  • Joined: 22-September 04
  • Location: Chicago, Illinois
  • OS: Windows 8.1U1 Professional
  • Phone: Nokia Lumia 925

Posted 14 December 2012 - 17:22

all of this, then you can stop playing games with trying to monitor crap. Know that they can't connect vs trying to bring the hammer down when they do connect.


Yeah I know; but I was told by my boss to go down this route...so down this route I go.

I tend to disagree with his way of going about things; I've learned that it's easier to just do what he asks and when then that doesn't pan out I can do what the right thing is...but that's another story for another day.

Thanks all!!!

#25 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 35
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 14 December 2012 - 17:36

might want to remind your boss that it is better to prevent aids then try to cure the aids breakout over the network.

#26 n_K

n_K

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 19-March 06
  • Location: here.
  • OS: FreeDOS
  • Phone: Nokia 3315

Posted 14 December 2012 - 17:53

Also working for a local government LE agency I can tell you the BEST way to handle this type of situation is through policy with strict warnings/actions. And as to the comment above saying that introducing wireless interference is not illegal simply because you are part of the government or government service is incorrect.

Wrong, it is correct.
http://www.telegraph...ng-devices.html
and http://stakeholders....cement/jammers/

#27 xendrome

xendrome

    In God We Trust; All Others We Monitor

  • Tech Issues Solved: 13
  • Joined: 05-December 01
  • OS: Windows 8.1 Pro x64

Posted 14 December 2012 - 18:02

Wrong, it is correct.
http://www.telegraph...ng-devices.html
and http://stakeholders....cement/jammers/


Ok what I am saying is just because someone works for the government doesn't mean they can just jam cell phone signals. If a jail wants to jam cell phone signals to keep inmates from trying to make outbound calls and smuggling in cell phones, then I'm sure they have proper approval and have done the correct steps to take those actions. But just going "Oh hey I work for the government... <<turns jammer on>>" doesn't make it legal.

#28 OP c.grz

c.grz

    Neowinian

  • Joined: 22-September 04
  • Location: Chicago, Illinois
  • OS: Windows 8.1U1 Professional
  • Phone: Nokia Lumia 925

Posted 14 December 2012 - 18:07

I thought working for the government gave you unlimited power... :-(

#29 Draconian Guppy

Draconian Guppy

    LippyZillaD Council

  • Tech Issues Solved: 3
  • Joined: 22-August 04
  • Location: Neowin

Posted 14 December 2012 - 18:45

Yeah i'm probably "desensitized" on sensitive information... :p BUTT that said, disabling wifi is easy, installing group policies as well. Eg email SHOULDn'T if not in same domain. Most desktops shouldn't have admin. privileges to install a wifi dongle (seeing as how most desktop don't come with built in wifi) etc...


Also working for a local government LE agency I can tell you the BEST way to handle this type of situation is through policy with strict warnings/actions. And as to the comment above saying that introducing wireless interference is not illegal simply because you are part of the government or government service is incorrect.


^ exactly, its not that they can browse porn (example) on their smartphone. Its that they are bypassing the company internet filtering, connecting the work device to an unsecured network, etc. Your best bet is to lock down the work devices to only be able to connect to specific wifi APs and not allow the users to change these settings. As to warning of these hotspots popping up, yeah the netsh script should be easy enough to setup so that you get a warning and details about the hotspot that is around.

might want to remind your boss that it is better to prevent aids then try to cure the aids breakout over the network.

Ok what I am saying is just because someone works for the government doesn't mean they can just jam cell phone signals. If a jail wants to jam cell phone signals to keep inmates from trying to make outbound calls and smuggling in cell phones, then I'm sure they have proper approval and have done the correct steps to take those actions. But just going "Oh hey I work for the government... <>" doesn't make it legal.

I thought working for the government gave you unlimited power... :-(


It does, through policies :shifty: I think what we can outline here is
YOU can setup the WORK related computers so that they don't connect to someother network.

#30 dvb2000

dvb2000

    Neowinian

  • Joined: 21-November 07

Posted 15 December 2012 - 00:20

I guess we'll just have to update our IT policy forbidding the use of wireless devices not approved for use by the I.T. Department.


As above, you're wasting your time.

You can only control your own network, and "possibly" any workstations you control by a locked down SOE. If they are using laptops (likely since you mention wifi) then most likely they are "mobile" staff who would be able to connect to wifi access points while they are away from the office, so its impossible for you to lock this down.

Even if not, they would just use their own smartphones/tablets to surf the web and you have ZERO control over their own personal devices.

Unless you're part of the government or a government service (which includes fire and police) in which case it's legal :p


I doubt it, even government departments (or in this case, micro managing, control freak, managers) would need to apply and receive the appropriate communications license to use such devices.