[chbot] Android data-leak sniffer project

Mark Atherton markaren1 at xtra.co.nz
Thu Sep 17 05:15:07 BST 2015


Volker,

My aim is to get a small setup together so that group members can 
connect their own smart phone via WiFi to the internet, and see live (or 
capture) unwanted or unexpected transactions. This will require some 
interpretive help from you when it is running. No promises when this 
will happen until I do some more work.

If you could get a 15 min talk together for Mon. that will be great - 
not sure if packet dumps are going to get much of the audience excited, 
but a description of aims, setup and findings will be worth a go. Can 
you bring a laptop with VGA out, and required material for this?

** question to group ** who is interested in this project ?

-Mark

On 17/09/2015 2:56 p.m., Volker Kuhlmann wrote:
> On Thu 17 Sep 2015 07:06:21 NZST +1200, Mark Atherton wrote:
>
> Sorry, had a hectic 7 days and haven't read the list since I posted.
>
>> Volker,
>>
>> Firstly, I assume that you are keen to progress with this project.
>> Please let me know if otherwise.
> As I said, I don't mind, but don't personally need it as I have my own.
> No-one has spoken up who would be interested in using it if it was set
> up at BR05. Why set something up that collects dust?
>
> I can give a sufficient demonstration using packet dumps of my own
> setup, polishing it by Monday is the trickier bit.
>
>> It sounds like a machine is required with connections to an Access
>> Point (to connect to the Android device), and an Ethernet NIC (to
>> attach to the Internet).
> Yes. And that machine needs to run pfSense (FreeBSD). It's a one-image
> installer from USB stick (CD install images available if the box can't
> boot a stick).
>
>> First hardware solution could be an old laptop with wireless and
>> wired NICs (provided the internal wireless card could be configured
>> as an AP).
> Laptop wifi as AP? Sounds like a bad idea because of the hardware not
> being compatible with FreeBSD. Atheros chips are best, the rest is touch
> and go. Or probably frequently touch no go.
>
>> Second option could be an old small form factor PC with a PCI plug
>> in wireless card (as well as on-motherboard NIC).
> Could work, Atheros chip wifi cards are cheap from TP-Link. I have never
> tried it, if it isn't power-up and go I'd be reluctant to continue on
> this.
>
>> Third option could be an old small form factor PC with a PCI plug in
>> Ethernet NIC, external AP (as well as on-motherboard NIC).
> I have an old PCI Ethernet card spare for this. It would be the easiest
> to get going. The smaller the PC physically the better. Needs to have
> decent RAM, 1GB min, 2GB better, not sure if 512M will give trouble.
> This is the data collector and does not need a monitor. You use another
> laptop to run the show, and that can be on the projector.
>
> We could try to set this up next week to see where we get stuck and what
> needs fixing by the Oct meeting.
>
> pfSense can be installed relatively quickly from USB stick and saves its
> config in a single xml file, from which it can also be restored. The
> whole round can still take some time but nothing serious would be lost
> by wiping the disk. It might be faster to image the disk back.
>
> Volker
>
