I have some questions about wireless access, spoofing, hackers, and the possible vulnerability of my system.
I live in a neighborhood rife with wireless access points. While sitting in my favorite chair, I can often see up to 6 wireless access points (some secure, some open), but if I walk around the house, I have been able to see up to 14 different access points. And most of them have been there for quite a number of months. No biggie yet.
A few days ago, a new one showed up. While all the other access points I've seen before have been "managed" (I am using OS X ... I believe the corresponding term in Windows is "infrastructure mode"), this new access point was an "ad hoc" one. But the strange thing was, this ad hoc access point is named "Free Public WiFi."
On top of this, the MAC address starts out with "02" and all the other devices I've ever seen on a wireless network have started out with "00."
So my first thought is that someone is having a bit of fun, naming their open ad hoc network "Free Public WiFi." Then, shortly thereafter, another ad hoc network shows up with the same name ("Free Public WiFi") with the MAC address 44:44:44:44:44:44, but my laptop only detects it for a second, then it goes away for a couple seconds, then it comes back for a second, then goes away, repeatedly. Things are looking more suspicious.
Even stranger, after the second day, the very first access point has slightly changed its MAC address. (Not giving away the exact values, but an example would be that when I first saw it, it was 02:04:A6:82:4E:9A, but then a day later it was 02:04:73:11:4E:9A ) The second "Free Public WiFi" with the 44:44:44:44:44:44 MAC address is still there as well.
Now, I've read that there's a bug in some Windows laptop systems such that if you join an ad hoc network, afterwards your wireless will broadcast the name of that ad hoc network. So, it *might* be possible that this user once connected to an ad hoc network named "Free Public WiFi" and his laptop is broadcasting this SSID. But the weirdness of the two simultaneous access points, the changing MAC address, the *very* weird 44:44:44:44:44:44 MAC address makes me suspicious that it's someone intentionally trying to get unsuspecting users to join for the purpose of either monitoring their internet browsing or even cloning their hard drive.
Comments?
(Ideally, I'd prefer answers that reference specific details of wireless networking, and not just guesses.)
- Timothy
P.S. I did *not* connect to this access point, nor do I ever intend to. But I hate the idea that if I slipped with the mouse and accidentally did, I could subject my system to a nefarious 37331 h4¢&3r.
I live in a neighborhood rife with wireless access points. While sitting in my favorite chair, I can often see up to 6 wireless access points (some secure, some open), but if I walk around the house, I have been able to see up to 14 different access points. And most of them have been there for quite a number of months. No biggie yet.
A few days ago, a new one showed up. While all the other access points I've seen before have been "managed" (I am using OS X ... I believe the corresponding term in Windows is "infrastructure mode"), this new access point was an "ad hoc" one. But the strange thing was, this ad hoc access point is named "Free Public WiFi."
On top of this, the MAC address starts out with "02" and all the other devices I've ever seen on a wireless network have started out with "00."
So my first thought is that someone is having a bit of fun, naming their open ad hoc network "Free Public WiFi." Then, shortly thereafter, another ad hoc network shows up with the same name ("Free Public WiFi") with the MAC address 44:44:44:44:44:44, but my laptop only detects it for a second, then it goes away for a couple seconds, then it comes back for a second, then goes away, repeatedly. Things are looking more suspicious.
Even stranger, after the second day, the very first access point has slightly changed its MAC address. (Not giving away the exact values, but an example would be that when I first saw it, it was 02:04:A6:82:4E:9A, but then a day later it was 02:04:73:11:4E:9A ) The second "Free Public WiFi" with the 44:44:44:44:44:44 MAC address is still there as well.
Now, I've read that there's a bug in some Windows laptop systems such that if you join an ad hoc network, afterwards your wireless will broadcast the name of that ad hoc network. So, it *might* be possible that this user once connected to an ad hoc network named "Free Public WiFi" and his laptop is broadcasting this SSID. But the weirdness of the two simultaneous access points, the changing MAC address, the *very* weird 44:44:44:44:44:44 MAC address makes me suspicious that it's someone intentionally trying to get unsuspecting users to join for the purpose of either monitoring their internet browsing or even cloning their hard drive.
Comments?
(Ideally, I'd prefer answers that reference specific details of wireless networking, and not just guesses.)
- Timothy
P.S. I did *not* connect to this access point, nor do I ever intend to. But I hate the idea that if I slipped with the mouse and accidentally did, I could subject my system to a nefarious 37331 h4¢&3r.
