Full Disclosure mailing list archives

RE: WiFi question
From: "Todd Towles" <toddtowles () brookshires com>
Date: Fri, 19 Nov 2004 12:43:38 -0600

It shouldn't take a wireless expert to tell you that...he should try it.

I pick up all types of weird stuff all the time in Kismet..and it looks
like something..but I know it isn't..the SSID is "A^B^C^B^D^S^G", or in
other words, trash. 

-----Original Message-----
From: full-disclosure-admin () lists netsys com 
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of 
Paul Schmehl
Sent: Friday, November 19, 2004 10:51 AM
To: Lachniet, Mark
Cc: full-disclosure () lists netsys com
Subject: RE: [Full-disclosure] WiFi question

--On Thursday, November 18, 2004 09:32:27 AM -0600 Paul Schmehl <pauls () utdallas edu> wrote:

--On Wednesday, November 17, 2004 12:41:44 PM -0500 "Lachniet, Mark"
<mlachniet () sequoianet com> wrote:

Could also be RF interference.  One of my coworkers tracked down a 
particularly interesting problem with motion sensor lights.  Turns 
out the motion sensors worked at the 240MHz range, which has 
resonance at 2.4GHz, or something like that.  Hence every time the 
motion sensor worked, it would spew what the wardriving (site survey) 
apps thought was a zillion different access points with widely 
varying MAC addresses.  I would have thought it was a FAKEAP program 
also.  I would assume the same could happen with other 
Having a common SSID would seem to indicate this is not 
the problem, but just thought I'd mention it.

Thanks for a particularly interesting and potentially useful bit of 
information, Mark.

After forwarding this to our wireless expert, he responded 
with this (which he has authorized me to forward to the list.)

I find it hard to believe that this is possible.  2.4GHz is 
the 9th harmonic.  By the time you get to the 4th harmonic of 
a signal, even in very very noisy radiators, the strength of 
the harmonic component of the signal is extremely minute.  
And, given the fact that one of those sensors (which most 
likely does *not* truly operate in the 240MHz portion of the
spectrum) will have a very low output (Part 15 device), the 
10th harmonic of that signal will be undetectable as it will 
be at or below the level of background noise.

Finally, if a device managed to get past all of the 
improbabilities above, the chances of it *accidentally* 
creating a signal that looked like an 802.11 beacon packet, 
complete with preamble, header, etc is so off the charts as 
to be laughable.

One other thing...  If that device truly was operating at 
240MHz, then the first harmonic would be 480MHz.  I'm pretty 
sure that frequency lies in the public service bands (i.e. 
fire/police).  If not, it's very close.  Given that and the 
fact that the first harmonic would be much stronger than the 
9th harmonic, I'm pretty sure someone in those bands would 
have complained loudly to the FCC as they don't take 
interference issues in those bands lightly.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
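
The thread turns on whether stray RF could pass for a well-formed 802.11 beacon, and on trash SSIDs showing up in Kismet. The following is an added example, not part of the original messages: a structural sanity check for a captured beacon frame, assuming the radiotap header and FCS have already been stripped. The function names, sample MAC and sample SSIDs are constructed for illustration.

```python
import struct

BROADCAST = b"\xff" * 6

def check_beacon(frame: bytes) -> list:
    """Return reasons a frame is not a plausible 2.4 GHz 802.11 beacon."""
    if len(frame) < 36:  # 24-byte MAC header + 12 bytes of fixed fields
        return ["too short for a beacon"]
    problems = []
    fc0 = frame[0]  # bits: version (2), type (2), subtype (4)
    if (fc0 & 0x3, (fc0 >> 2) & 0x3, fc0 >> 4) != (0, 0, 8):
        problems.append("frame control is not management/beacon")
    if frame[4:10] != BROADCAST:
        problems.append("destination is not broadcast")
    if struct.unpack_from("<H", frame, 32)[0] == 0:
        problems.append("beacon interval is zero")
    # Walk the tagged elements: 1-byte ID, 1-byte length, then the value.
    pos, elements = 36, {}
    while pos < len(frame):
        if pos + 2 > len(frame) or pos + 2 + frame[pos + 1] > len(frame):
            problems.append("element runs past end of frame")
            break
        elements.setdefault(frame[pos], frame[pos + 2:pos + 2 + frame[pos + 1]])
        pos += 2 + frame[pos + 1]
    ssid = elements.get(0)
    if ssid is None:
        problems.append("no SSID element")
    elif len(ssid) > 32:
        problems.append("SSID longer than 32 bytes")
    elif any(b < 0x20 or b == 0x7F for b in ssid) and any(ssid):
        # Heuristic only: an all-zero SSID is a hidden network, not trash.
        problems.append("SSID contains control characters")
    ds = elements.get(3)  # DS Parameter Set: current channel
    if ds is not None and (len(ds) != 1 or not 1 <= ds[0] <= 14):
        problems.append("DS channel outside 1-14")
    return problems

def build_beacon(ssid: bytes, channel: int = 6) -> bytes:
    """Constructed sample frame (no radiotap header, no FCS)."""
    mac = bytes.fromhex("020000000001")  # made-up locally administered MAC
    header = b"\x80\x00\x00\x00" + BROADCAST + mac + mac + b"\x00\x00"
    fixed = struct.pack("<QHH", 0, 100, 0x0401)  # timestamp, interval, caps
    return header + fixed + bytes([0, len(ssid)]) + ssid + bytes([3, 1, channel])

if __name__ == "__main__":
    for name, frame in [("normal", build_beacon(b"office-wlan")),
                        ("trash SSID", build_beacon(b"\x01\x02\x03\x02\x04\x13\x07")),
                        ("truncated", build_beacon(b"office-wlan")[:-1])]:
        print(name, check_beacon(frame) or "plausible beacon")
```

A frame that passes these checks is only structurally plausible; the control-character test is a heuristic, since the standard allows arbitrary octets in an SSID.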
