How to send a message to an unknown wifi client

I noticed that someone new has connected to my network and I wanted to send them a message. Any ideas on how to do it? It appears to be a mac.

Reply to
cjtwantstoknow
Loading thread data ...

Easy. You need an AGM-88 HARM (high-speed anti-radiation) missile. Program it for the MAC address of your new guest user and it should deliver an appropriate warhead directly to their location.

formatting link
If they're running OS/X, try from the Unix command line: talk IP_address wall "your message here" I'm not sure how to extract their user name for iChat or AIM. It might be possible by sniffing their traffic, but I'm not sure if the necesarry names are exposed.

Reply to
Jeff Liebermann

Assumption, the mother of all screwups.

I presume you're referring to the bad habit of some wireless client software to "automatically connect to any available access point". Yeah, I don't think that's a great idea and tends to cause many such accidental attack problems. To insure maximum confusion, most client software does not give you a choice of which SSID to connect (by MAC address) resulting in accidental misconnections to equally clueless manufactories that default everything to SSID=linksys.

If your a paranoid IT manager, with the corporate crown jewels to protect, any such accidental connection should probably be treated as a potential intrusion attempt. If your a clueless home user, with an SSID of "linksys", no encryption, and open shares all over the LAN, it might be considered a welcome invitation. Of course, there is the wide assortment of users and systems in between paranoia and sloth.

There is one manufactory with a clue. 2Wire supplies their wireless routers with a unique SSID, with encryption enabled, and a suitable WEP/WPA key pre-assigned. It's secure out of the box. Some manufactories claim that out of the box security is impossible, yet

2Wire has been doing just that since day one. If all wireless devices were delivered in the same manner, we would not have even a small fraction of the security issues often discussed here.

I don't have to think very hard to conjure several ways in which such a protocol could be abused. Even if the manufacturers would supply such a protocol, there will probably also be a means to disable it in the client and/or router making it less than useful. There are also details that would cause problems, such as authenticating the originating user and machine, dealing with spoofing, and compatibility certification. Writing such a protocol is easy. Making it work, getting it practical, selling it to the vendors, and general promotion for wide acceptance, are not so easy.

Personally, I think a one-to-one configuration between access points and clients is the answer. That means the access point configuration as seen by each client is unique. Individual encryption keys for each client, individual authorization by port access, individual firewall configuration, etc. It's like a seperate router profile for each and every device that connects. No profile, no connection. This is of little use in an open environment such as hot spots, but would improve security and configuration versatility immensely in corporate and home environment. Some model 3Com access points already have a start with individual WEP keys per client, but methinks more per-client customization is needed.

Reply to
Jeff Liebermann

Easiest thing to do is turn on some security and see if anyone squawks. Next easiest thing is set up a hot-spot portal and have the splash page say "Free access to known persons, please call [...] for a password".

Reply to
William P. N. Smith

Jeff, that illustrates a point that I've been making about wifi. we all assume the worst when someone gets into our wireless don't we? Sometimes it's not the case. That's why I'd suggest a "nudge" protocol... something like a standardised message sent by admin that asks users to identify themselves or deist... cb

Reply to
Chris Berry

Ask your router what their IP address is, port probe them, and if they have windows messenger port open, use netsend. Other ports are just as useful.

Otherwise I'd suggest simply blocking their MAC and seeing if they knock on your door.

Reply to
Mark McIntyre

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.