BridgeChecker for Mac OS X
Coming to the App Store!
BridgeChecker is a utility that can automatically disable/enable wireless interfaces. Whenever your computer is connected to an Ethernet port and the link state is good, the utility can automatically turns off the IEEE 802.11 wireless network interface. This conserves IP address allocation, reduces security risks, resolves dual interface routing issues, and prolongs battery life.
BridgeChecker on Mac App Store
Below are screen shots of app user interface on a MacBook Air.
BridgeChecker Settings Window
BridgeChecker Active Wireless Interface Status
BridgeChecker Active Wired Interface Status
Disable Upon Wired Connect
Disable upon wired connect is a feature of Dell Wireless cards. By default this feature is disabled and must be turned on using the wireless card properties menu. See below for more info about this feature. If you are looking for this feature for a non Dell wireless card check out our BridgeChecker software. BridgeChecker is free for personal / in home use.
Recommended Usage Scenarios for BridgeChecker
BridgeChecker can be used in the following scenarios.
* disable wireless when connected to LAN
* disable wireless when docked
* disable wireless when Ethernet detected
* disable wireless when wired
* disable wireless when on LAN
* disable wireless when cable connected
* disable wireless when in docking station
* disable wireless when Ethernet plugged in
* disable WLAN when LAN connected
* enable only one network adapter at a time
Dual Connected Laptop WiFi Risk
A dual connected laptop usually occurs when the wireless interface of a laptop is left enabled while the laptop is connected via the wired interface. The risks related to this scenario are outlined in the GAO Wireless Report and summarized in graphic below.
- A target laptop has a wired connection to the agency network. With wireless enabled, the target laptop automatically looks for any previously connected wireless networks by network name.
- An attacker with a scanning tool can identify wireless network names and deploy a rogue wireless access point with the same name as one of the previously connected wireless networks.
- While still connected to the agency network, the target laptop automatically connects to the rogue wireless access point, creating a dual connection, i.e., the target laptop has both an active wired and wireless connection.
- While connected to the rogue wireless access point, the target laptop can be probed and vulnerabilities exploited that could provide an attacker with access to the agency network through the target laptop.
- With unauthorized access to an agency network, an attacker is capable of destroying, modifying, or copying sensitive information.
Prevent Dual Connected Laptop Using BridgeChecker Software
BridgeChecker is a windows utility that can automatically disable/enable wireless interfaces. Whenever your computer is connected to an Ethernet port and the link state is good, the utility can automatically turns off the IEEE 802.11 wireless network interface. This conserves IP address allocation, reduces security risks, resolves dual interface routing issues, and prolongs battery life.
An evil twin access point as described in a Network World article is a
Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up by a hacker to eavesdrop on wireless communications among Internet surfers.
In reality, if the goal is to just eavesdrop, then the attacker doesn’t need a evil twin access point. Sniffing wireless traffic can be done passively using free tools and the users of the wireless network would never know.
Evil twin access points are more likely to exist when the attacker is planning a more sophisticated attack such as a MITM implementation examples from Wikipedia below.
dsniff – A tool for SSL MITM attacks
Ettercap – A tool for LAN based MITM attacks
Karma – A tool that uses 802.11 Evil Twin attacks to perform MITM attacks
AirJack – A tool that demonstrates 802.11 based MITM attacks