this post was submitted on 06 Jul 2024
860 points (100.0% liked)

196

16459 readers
1778 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 1 year ago
MODERATORS
moss@lemmy.blahaj.zone
greembow@lemmy.blahaj.zone
moss@lemmy.world
queue@beehaw.org
funky_rodent@lemmy.blahaj.zone
PeachyMcPeachface@lemmy.blahaj.zone
threegnomes@lemmy.blahaj.zone
greembow@lemmy.world
remotelove@lemmy.ca
Roflmasterbigpimp@feddit.de
qaz@lemmy.world
A_Very_Big_Fan@lemm.ee
qaz@lemmy.blahaj.zone
qaz@lemmy.ca
A_Very_Big_Fan@lemmy.world
qaz@lemmy.dbzer0.com
Qaz@lemmy.ml
qaz@sh.itjust.works
qaz@lemmy.sdf.org
860
thanks lain (rule) (lemmy.blahaj.zone)
submitted 4 months ago by Interstellar_1@lemmy.blahaj.zone to c/196@lemmy.blahaj.zone
89 comments fedilink hide all child comments
 

Source

top 50 comments
sorted by: hot top controversial new old
[–] burgermeister@lemm.ee 130 points 4 months ago (1 children)

A pineapple can have any subnet it wants. Also I have multiple subnets that start 172.16.xx.xx

[–] jabathekek@sopuli.xyz 45 points 4 months ago

you must be leet haxor

[–] joyjoy@lemm.ee 108 points 4 months ago (1 children)

172.16.0.0/12 is a valid prefix for private networks. In fact, you get more hosts than 192.168.0.0/16, but less than 10.0.0.0/8.

https://en.wikipedia.org/wiki/Reserved_IP_addresses

[–] 4am@lemm.ee 77 points 4 months ago (1 children)

Yeah, it’s not that it’s not valid for private networks, it’s that 172.16.42.x is common for WiFi Pineapples

[–] magi@lemmy.blahaj.zone 11 points 4 months ago (1 children)

Every "well ackqually" person in this thread is insufferable

[–] abfarid@startrek.website 22 points 4 months ago (1 children)

IDK, I find them quite sufferable and in fact I'm learning something from this thread.

load more comments (1 replies)
[–] tfw_no_toiletpaper@lemmy.world 63 points 4 months ago (1 children)

Please use a VPN anyway, as if hotel WiFi is secure lmao

[–] calcopiritus@lemmy.world 48 points 4 months ago (3 children)

HTTPS solved much of the security issues of untrusted networks. As long as you're not doing banking or whatever, you should be fine without a VPN.

[–] WIPocket@lemmy.world 44 points 4 months ago (2 children)

Why would banking be an issue? I get that its a target, but I really would expect a bank to take care of their TLS.

[–] Tryptaminev@lemm.ee 19 points 4 months ago

Also i would expect banks to use some sort of 2FA where you have to manually confirm any transaction on your mobile device, or enter a code generated from there into your computer.

load more comments (1 replies)
[–] Cornelius_Wangenheim@lemmy.world 19 points 4 months ago (1 children)

It should be fine as long you don't click through any SSL errors. And something like a bank should have HSTS enabled, meaning your browser will refuse to load the site if there's an SSL error.

load more comments (1 replies)
load more comments (1 replies)
[–] secret300@lemmy.sdf.org 54 points 4 months ago (1 children)

Public WiFi is just PvP enabled

[–] Natanael 13 points 4 months ago

[x] Client isolation on

This is now a safe zone

[–] MystikIncarnate@lemmy.ca 52 points 4 months ago

The only part of this I didn't immediately realize is the wifi pineapples default IP range.

From now on, I'm going to set that as my clients default public IP range to troll anyone who knows.

[–] cerement 48 points 4 months ago (1 children)

really start to worry when it’s 169.254.0.x

[–] joyjoy@lemm.ee 10 points 4 months ago* (last edited 4 months ago) (2 children)

That just means the ~~DNS~~DHCP is disabled.

Edit: words

[–] cerement 23 points 4 months ago

  • “The hotel’s free WiFi is really fast”

  • “the DNS is disabled”

[–] OsaErisXero@kbin.run 23 points 4 months ago (3 children)

That is not what that means, it means there's no dhcp on that network segment.

[–] joyjoy@lemm.ee 17 points 4 months ago (3 children)

In my defense, whenever there's a networking issue, it's always DNS related.

[–] 4am@lemm.ee 44 points 4 months ago (1 children)

The three stages of grief:

  1. It can’t be DNS
  2. There’s no way it could be DNS
  3. It was DNS
load more comments (2 replies)
load more comments (2 replies)
[–] mlg@lemmy.world 46 points 4 months ago (2 children)

*connects to pineapple

*sets subnet to 10.0.0.0/16 so I don't have to type a yee yee ass class B/C address everytime I wanna do something with an address

Or

*connects to pineapple

*Sets subnet to same as target network so paranoid user doesn't realize he connected to evil twin

load more comments (2 replies)
[–] jbk@discuss.tchncs.de 37 points 4 months ago

thank you lain

also omw to set up my dhcpv4 server to use that network whenever I create a hotspot

[–] ramble81@lemm.ee 36 points 4 months ago (10 children)

So I guess I must be a leet haxor because of all the businesses I configured for the 172.x space because 192.168.x space was too small and 10.x space was way the hell too big.

load more comments (10 replies)
[–] Draegur@lemm.ee 34 points 4 months ago

Thank you, Lain.

[–] thawed_caveman@lemmy.world 30 points 4 months ago (2 children)

Does this matter if the traffic is encrypted, such as an https website instead of http? Like, really how often is internet traffic unencrypted?

[–] beveradb@lemm.ee 20 points 4 months ago (1 children)

Yes, back when I was playing around with my WiFi pineapple there were a wide variety of tricks to break SSL authentication without it being obvious to users. Easiest was to terminate the SSL connection on the pineapple and re-encrypt it with a new SSL cert from there to the users browser, so to the user it looked like everything was secure but in reality their traffic was only encrypted from them to the pineapple, then decrypted, sniffed and re-encrypted to pass along to the target websites with normal SSL.

Man in the middle attacks really do give the attacker tons of options

[–] kahdbrixk@feddit.de 17 points 4 months ago (1 children)

That kind of ssl interception would normally be quite visible without your client device having the pineapples cert in your devices trust store, or am I wrong?

load more comments (1 replies)
[–] rmuk@feddit.uk 19 points 4 months ago

Not often. For web browsing - and the majority of apps - your session is encrypted and certified. Breaking SSL is possible but you'll know about it due to the lack of certs.

[–] Onionguy@lemm.ee 29 points 4 months ago

Thank you lain.

[–] peanuts4life@lemmy.blahaj.zone 24 points 4 months ago

Thank you Lain.

[–] Deadeyegai@lemmy.world 23 points 4 months ago

Thank you, Lain

[–] jabathekek@sopuli.xyz 22 points 4 months ago

Thanks Lain.

[–] aldalire@lemmy.dbzer0.com 20 points 4 months ago (1 children)

A lot of the comments here are saying that a pineapple can configure their subnet to use 10.x.x.x or 192.168.x.x. Is there any other way to determine if an access point is compromised?

[–] SirQuackTheDuck@lemmy.world 58 points 4 months ago (4 children)

Do some online banking. If your balance goes down more than expected, it's probably compromised.

load more comments (4 replies)
[–] MachineFab812@discuss.tchncs.de 19 points 4 months ago (2 children)

While I've never seen a router default to the 172.16... range, to me it just means that someoe bothered to modify the settings. No wonder the network is faster.

Fear-mongering much?

load more comments (2 replies)
[–] x4740N@lemm.ee 18 points 4 months ago

Thank you lain

[–] Rozauhtuno@lemmy.blahaj.zone 17 points 4 months ago

Thank you Lain.

[–] marfey@discuss.tchncs.de 14 points 4 months ago

Thank you lain.

[–] Codandchips@lemmy.world 12 points 4 months ago

Thank you Lain!

[–] abbiistabbii@lemmy.blahaj.zone 12 points 4 months ago

Thank you Lain.

[–] selokichtli@lemmy.ml 9 points 4 months ago

My ass, Lain.

load more comments
view more: next ›