http://news.com.com/2100-1039_3-5059541.html By Declan McCullagh Staff Writer, CNET News.com August 4, 2003 LAS VEGAS--A strange two-wheeled creature was skimming through the halls of the Alexis Park Hotel on Sunday--a robot that sniffs out network vulnerabilities. Created by two members of a loose association of security experts called the Shmoo Group, the robot is designed to wheel around on its own detecting and reporting the security problems of Wi-Fi wireless networks. "The point of the hacker robot is that it can become an autonomous hacker droid," said Paul Holman, the robot's co-designer, who demonstrated it for the first time at the DefCon hacker convention here. "It can get in close to the network. On the offensive side, it can be used for corporate or political espionage. On the defensive side, it can be used for network vulnerability assessment." The prototype robot, which has not been named, may be the first creature designed for this purpose. Holman and hardware engineer Eric Johanson hope to sell custom versions of the unit to government agencies and businesses that are worried about the security of their own wireless networks or that hope to break into someone else's. Holman and Johanson have not yet set a price. Wi-Fi setups are exploding in popularity in corporate America, but according to Johanson, they frequently introduce security vulnerabilities into a company's larger network. "The biggest hole right now is wireless networks," Johanson said. "You don't know what the coverage of your wireless network is. It's variable, depending on the antennas being used by the guys on the outside. Everyone's deploying wireless networks. And it's very difficult to make them secure." In its prototype version, the robot weighs about 40 pounds, can reach a speed equal to that of a fast walk and can roll around for three hours at a stretch before using up its power supply. It uses one 802.11b card to eavesdrop on a wireless network and a second card as a control channel to communicate with its owner. Two batteries--a sealed lead acid pack for the electronics and a nickel metal hydride pack to drive the wheels--provide power. Currently, Holman said, the robot can sniff out passwords sent through protocols such as Telnet and POP, the post office protocol used for e-mail. Its designers said they're still working on the autonomous capabilities--including sensors to detect humans and obstacles--and so they used a game controller that's attached to a laptop in a backpack to maneuver the robot around DefCon. Johanson suggested that his robot could be a cheap network guard dog. "If they can just plug this thing in and have it roam around their wireless network, it's a more cost-effective way than having a human do it." - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Aug 06 2003 - 03:02:20 PDT