Joi Ito's Web

Joi Ito's conversation with the living web.

When the WiFi network went down at FiRe and Max quickly mapped out the network, grabbed a free IP address and started hunting for the rogue network, it was useful and cool. I hadn't messed around with "security tools" recently so I decided to spend one hour searching for some tools that would work on my Mac.

First I downloaded trusty nmap which scans your network for computers, does an OS fingerprint and will often find the name, revealing the owner. It will also do quiet portscans to see what services are running on the machines.

Then I found ettercap. (Lastest version doesn't run properly on the OS X, use version 0.6.7.) This is a full-featured packet sniffer with an easy to use interface. It is unique in that instead of doing IP sniffing, it uses ARP hacking and MAC address spoofing to allow you to sniff across switches. It has a variety of "plug-ins" that let you easily capture email, passwords and keyword filtered bits and pieces into files or onto the screen. It lets you insert your own text into connections so you could for instance type a command into someone's telnet session. Of course you can also terminate other people's sessions and connections. Another interesting feature in the recent release is that you can now sniff SSH1 sessions. (Lucky for Dan we installed SSH2 on his computer.)

ettercap README

When the connection starts (remember that we are the master-of-packets, all packets go through ettercap) we substitute the server public key with one generated on the fly and save it in a list so we can remember that this server has been poisoned before.

Then the client send the packet containing the session key ciphered with our key, so we are able to decipher it and sniff the real 3DES session key. Now we encrypt the packet with the correct server public key and forward it to the SSH daemon.

The connection is established normally, but we have the session key !! Now we can decrypt all the traffic and sit down watching the stream ! The connection will remain active even if we exit from ettercap, because ettercap doesn't proxy it (like dsniff). After the exchange of the keys, ettercap is only a spectator... ;)

I also googled around a bit and found a wep key cracker for WiFi wep keys and a password cracker for unix and windows passwords that all seemed easy enough to run.

My point is, an old fart like me with a some curiosity and an hours works was able to load up enough gear onto my Mac to do the basics. With a bit more time and skill, I could probably find the exploits so I could break into the computers I found on the network instead of just watching and messing with their connections.

If you want to feel safe using a WiFi network, AT LEAST use SSH2 port forwarding, PGP and some security on your network like a Sputnik with security turned on.


"SSH1 is broken" is an unqualified, simplified statement which many would consider as FUD.

Yes, SSH1 is vulnerable to insertion attacks, but it is just as vulnerable to MITM attacks as SSH2.

Do some research.


Dirk. You are right. The fact that the README in ettercap referred to SSH1 but not to SSH2 made me think that their MMTM attacked worked only with SSH1. I guess that theoretically, it is maybe the same thing. You're right also about the fact that it's not SSH1 that's broken, but the fact that you can "poison" ARP I guess. Still, just because you use SSH, you shouldn't feel safe. I used to feel VERY safe when I was ssh port forwarding, but I don't anymore. I think the GUI on ettercap also drive the point home for me because it makes it all just a mouseclick away...

Actually, I don't think I said SSH1 is broken. I just said not to feel safe just because you use it.

SSH1 implementations were known to have some problems which I believe have been mostly plugged in SSH2.

I'm a rather paranoid kind of guy, but feel pretty safe using SSH2 tunnels even over a wide-open nework. To minimize password sniffing risks, I always use DSA-based authentication for my SSH2 connections, and maintain my and known_hosts files up to date.

There's something to be said for storing your id_dsa private key only on removable media -- e.g. on a removable USB memory key. This way, your keys are at least safe(-ish) if your laptop or desktop gets stolen...

As tedious as it may seem, it is also a good idea to password protect your key in case it gets stolen. Although someone would eventually crack the password, it gives you some time to react and is better than nothing. You can use "ssh-agent" to minimize typing in the password every time you connect somewhere.

And one of my favorite security measures is limiting login by username and IP using "AllowUsers" in sshd_config (e.g. AllowUsers zaidi@999.999.1.2 dave@888.*.*.*).

JI> Actually, I don't think I said SSH1 is broken.

And I don't think I quoted you... ;-)

I like the the idea of having the RSA key on a removable device... but USB is still cumbersome. The LAKS is a cool start, I met the manufacturer at the recent Business 2003 show. Imagine a wireless wristwatch containing the key. In fact so many cool things would be possible if your watch was an authentication token of sorts.


I like my watches to be well water-proofed. Not really sure whether the LAKS' USB connector would cut it :-)

What the paranoid among us need is a tiny Bluetooth filesystem on a wristwatch. A file in the wristwatch would contain a decryption key which the laptop would use to decrypt and hold in RAM your private keys -- e.g. for your SSH2 DSA.
The decrypted, possibly application-dependent key pairs would then be sent to a trusted process -- à la NIS keyserv -- where they would only be stored in RAM.

This way, you'll have to have both your Bluetooth filesystem -- e.g. wristwatch, mobile phone -- and your laptop stolen at the same time for your keys to be easily recoverable by your thief.

For the even more paranoid, add filesystem encryption and biometrics ;-)

Fact is SSH is only as good as the user. MIT attacks are one thing but there are others, see PHRACK 59 article 11. And if you like ettercap you will love dsniff
I'm not sure if the latest version will build on OS X but I've seen OS X binaries floating around.

ejovi :-)

All these feature are alredy implemented into ettercap standard distribution. Yeah!

SSH2 is as safe as your known_hosts file.

Guys, my neighbor has a dlink or syslink router with wireless capability...i have a LAP TOP with a wireless card and i can sniff or send packets but cannot receive ANY information. Which program could I use to sniff their IP and browse the NET from their wireless home router? Is there a program that can sniff and decrypt WEP encrypted home routers? I am badly in need of this... thanks


While want you want does exist, why don't just go knock on their door and ask? The fact that they have turned on WEP seems to be a pretty good indication they want that courtesy at a minimum.

If you can't do that, try getting a job and paying for your own access.

In case your parents didn't mention this, stealing is bad.

Feel free to quote me on that.

hehe, good one Megavolt -- that's telling 'em

1 TrackBacks

Listed below are links to blogs that reference this entry: You have a switch? SSH1? A wep key? Ha! You're not safe..

TrackBack URL for this entry:

I just read about an interesting use of WiFi in a Korean newspaper . Read More