The Eurofurence Forum

Please login or register.

Login with username, password and session length
Advanced search  

News:

Eurofurence 26 — "Welcome to Tortuga"
Estrel Congress Center Berlin
July 28 – August 1, 2021
Follow eurofurence on Twitter

Pages: [1]   Go Down

Author Topic: Wifi Conspiracy Theories  (Read 4032 times)

Tes

  • Regular Member
  • Offline Offline
  • Posts: 4
Wifi Conspiracy Theories
« on: 04.10.2014, 15:51:19 »

Quote
I can assure you that no such thing was attempted. If you had problems like the ones you described, it was most likely a case of terribly congested WiFi spectrum - with both the hotels internal WiFi system and 2000 geeks with their own routers trying to fight for bandwidth. That being said, the solution they're using (courtesy of Cisco Systems) IS pretty hostile against competing networks.

Well, I had my AP right next to my Phone and could not establish a connection even when using a free channel (WiFi-Analyzer on Android helps here). I would get disconnected immediatly.  Not that usual slow connection in a congested spectrum, a real DISCONNECT on all my clients (Laptop, 2 Smartphones).

The thing is, I had a second AP in my car which I tried too. It worked for about an hour and then the same behaviour started again. You sure the Hotel told you everything about their installation? They might not want to advertise it since business travellers might take exception when they find out they are subjected to a DoS.

Here's something to check: Did you have to provide the MAC addresses of the Wifi APs you were going to use for the con Network to the hotel? That way they could be put onto a whitelist and not be subject to the Deauth-Attack. So you wouldn't have had problems.

Logged

ysegrim

  • Superhero
  • Stage Team
  • Offline Offline
  • Gender: Male
  • Posts: 514
Wifi Conspiracy Theories
« Reply #1 on: 04.10.2014, 16:27:25 »

Seems like active attacks are normal practise for some US hotel chains: http://www.heise.de/newsticker/meldung/%4Darriott-fuer-Blockade-persoenlicher-WLAN-Hotspots-bestraft-2411517.html

But since I'd consider this illegal for Germany, too, it would be great if anyone would have some proof (dump) before going into public.

By the way, there seem to be a weird feature in the forum software (or the M*rriot C*rtyard I'm in has some l33t h4ck0rs abilities into one android phone, one Ubuntu netbook, an ssh tunnel and https connections): Whenever I enter the hotel name that starts with an "M" and ends on "arriot", this is replaced by the words "Banana" and "Fruitcake" in my posts ...
« Last Edit: 04.10.2014, 16:40:52 by ysegrim »
Logged

Tes

  • Regular Member
  • Offline Offline
  • Posts: 4
Wifi Conspiracy Theories
« Reply #2 on: 04.10.2014, 17:37:41 »

Well, I didn't have the right software installed to get a dump while the problem happened.

This will be different for EF21.

Logged

Fineas

  • ConOps
  • Country: nl
  • Offline Offline
  • Gender: Male
  • Posts: 797
Wifi Conspiracy Theories
« Reply #3 on: 04.10.2014, 20:30:19 »

You guys really want to take it this way?
No offense, but it really sounds like something I have seen earlier on computers in general with different soft-/hardware platforms.

Better soft-/hardware in general can indeed push away other applications and devices working over the same protocol.
Just to give some examples:
- Quality of Service is their to ensure a percentage of the available bandwidth gets reserved so that their is always room for packages to get through, even if traffic gets more congested. Even so, I see that torrent traffic can push away out most other traffic with sheer connections and HTTP traffic like a download can push out connections by congesting the actual bandwidth.
- I have seen Cisco and Linksys pushing out other wifi channels. It mostly happens on auto setting as apparently they tend to stick on a certain channel and be more 'brutal' of 'full harding' in sending over their data instead of waiting for room in the air space.

As such I would not be very surprised if the wifi access points might see the new access point pop up and try to either negotiate with it and fail or pick up devices trying to pick up on the chatter being send over an already occupied wifi channel and pushing them out.

However, might I remind you that the hotel is doing their best to provide everyone with free wifi over the whole hotel.
Just putting in more devices does not solve the problem.

Wifi works over 15 channels. Unfortunately, this only means the 15 channels are spread out over the 2.4 ghz or the newer 5 ghz spectrum. And even on that they interlock.
Channel 1 shares 50% of the available broadcasting frequencies with channel 2 etc etc. Their are actually just 7 channels strictly speaking that do not interfere with each other.

Even further, metal in different shapes can bend the signal and cause all kinds of resonation and noise on different frequencies.
As such the only thing you can do in cramped spaces with lots of devices all connected on the same time is have a lot of bandwith, do a lot of throttling and make sure all devices in the area 'play nice' and keep in turns when congestion starts to play up.

So, we can try all we want to try and circumvent the problem by negotiating with the hotel and such, but I think it boils down to this.
If you just use a device to check your Facebook and mail whatever. Do it if the line works and leave it at that.

If it is 'mission critical' to you to have a real stable connection and/or you need more bandwidth. Pay the fee and hook up with the cable on your room.
Yes I agree it is expensive compared to what you pay for a home ISP connection, but we are talking about premium services in a 4 star hotel.
I see no conceivable way to provide more then 2000 people with probably more then 1 device each to make a stable wireless network, even worse as all access points are already integrated in the structure. The only thing they can do is change settings and configurations.

I feel all suggestions are welcome, but keep in mind that just blaming the hotel or just doing this or that is not going to solve the problem just like that.



*Frowns at the topic name* What did I got myself in to?

btw: In retrospect I only want to add, that any issues with your wifi code / hotel room connection on site are probably best discussed with the reception of the hotel.
If they take the time to check your room 3 times a day, I don't think they will mind if you inquiry about your wifi connectivity. (Just to be sure, but I am talking about the hotel free wifi, not the mobile phone private wifi stations people have been trying)
« Last Edit: 05.10.2014, 23:20:39 by Fineas »
Logged

tanor

  • ConOps
  • Offline Offline
  • Posts: 3
Re: EF20 feedback
« Reply #4 on: 05.10.2014, 15:24:53 »


2) If you tried to use one of those little 3G / WLAN routers or your smartphone as a WLAN AP in your room, you might have noticed that it didn't work very well, you got disconnected almost immediatly. This only started with the beginning of the Con, no problems were encounted before the con started (if you booked early arrival). It looked a suspiciously like a WLAN-Deauth-DOS-Attack if you have your phone directly next to the 3G/WLAN-Router and it can't establish a reliable connection. This attack works by spoofing the MAC address of your Router and sending a de-authentication packet which will disconnect your device from your AP.  Please tell the Hotel to not do that again, it might backfire. After all, it wasn't done before the Con started.

I can assure you that no such thing was attempted.


Hi,

I can confirm that the hotel did nothing like that. I had a successful tehering LTE connection over my phone. The bandwith was definitly OK. But I had to place my phone close to the window to make it work. :)

My WLAN scanner program found a lot of people using tethering...so it seemed to work for a lot of people.

I have not the exact number of the amount of the networks found, but it was somewhere close to 80.
 

Regards,
Tanor
« Last Edit: 12.10.2014, 20:49:37 by tanor »
Logged

Tes

  • Regular Member
  • Offline Offline
  • Posts: 4
Re: EF20 feedback
« Reply #5 on: 12.10.2014, 17:46:29 »

The infrastructure that can run a Deauth-DoS-attack is the Cisco one. So if you had a room to facing outside and your AP was not visible on the management console for the Cisco APs, you were fine. The rooms were covered by TP-Link APs (according to the MAC address)

I had a room facing the atrium and was probably visible to more than one Cisco AP and someone might have thought it funny to use that capability.

BTW: According to Cisco documents, the management console will give you a warning that using the deauth capability might have legal repercussions unless it's a rogue AP on your own LAN you try to keep from being used.

Logged

Token

  • Convention Security Operative
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 211
  • *nom nom nom*
Re: Wifi Conspiracy Theories
« Reply #6 on: 29.11.2014, 11:39:43 »

You have ~200+ serious furry technerds on EF, some even with psychological issues (aka assholes), each of them could Deauth or run a bunch of other wifi-related attacks*.

I do agree, that this kind of behaviour from hotels does happen and highly unacceptable, yet I would not accuse anyone without solid proof. I.e. dumps and log with a directional antenna, evaluating multiple access points etc.. Or more easily, asking the hotel tech guys if they use such techniques. They also have a reputation to take care of.

Ofcourse, the bullet-proof perfect solution guaranteed to work would be: Turn of your Laptop/Mobile, come to the bar and drink a beer with me! :3 The only Deauth-Requests that could ruin this would be some security emergency, but that is rare and hard to fake. :3

Best wishes,
Token


*this is actually a reason why I recommend anyone unexperienced about computers and security to avoid using personal gear on public/foreign networks on such a big convention.
Logged
Pages: [1]   Go Up