Dead Packet Society
Even dead packets can tell tales.
Remember your ABCs

Remember your ABCs

“Always. Be. Capturing.” A phrase popularized by the RF Hacker Sanctuary to ensure the collection of WiFi handshakes during competitions, as they only occur at the beginning of a session, unless deauthed. It rewarded prompt attendance, having their gear up and listening before the organizers started up their systems. It also meant you would capture and could learn from other team’s attacks.

But it’s more than a competitive strategy for the Dead Packet Society. It is a constant reminder that one should be capturing, and making tools to make capturing easier. Because we live for the signal in the noise. We search for new and unrecognizable forms of data in motion, so that we may reverse engineer them and spread the knowledge through blog posts and tool enhancements.

We’re not your typical group of network nerds focused solely on router and switch protocols, working our way to becoming a CCIE. Though, we have much respect for those on that path. We explore RFCs, IEEE standards, FCC filings, and especially any communication system that’s undocumented. This all begins with a capture.

The typical home network may appear boring and static on the surface, but it’s banality is easily misleading. Capture some traffic or run netstat, and you may discover protocols and services you didn’t expect. The handful of unknowns might also mislead you into thinking that these mysteries can be exhausted. That once again you would have complete knowledge of what runs on your network. Until you install or update another application.

Developers are constantly solving the demands of the masses with sleek interfaces hiding half baked and short lived protocols that will never see adoption. Then there is persistent infiltration of IoT devices into our homes, communicating more with each other than their owners. All this creates a rather lively and dynamic ecosystem of protocols.

Always. Be. Capturing.

Then there are other networks to explore. Basic Internet access is as complimentary as coffee. Adhoc networks such as Bluetooth and Wifi-Direct continually chase the dream of fool-proof wireless device communication. Most vehicles and IoT devices are networked utilizing a variety of standards. The rise of low-cost software defined radios has made it possible to explore an entire spectrum of RF signals. Never has there been a better time to become a network adventurer.

It’s easy to become overwhelmed by the realization of how much there is to capture, and believe that “Always Be Capturing” dictates one to capture everything. But capturing everything is a sisyphean task. Even bulk capturing of a specific transmission protocol has diminishing returns. Always Be Capturing values simplicity, leveraging tools and processes to make the process of capturing and analysis easier, not a burden.

The intent of this blog is to share our explorations and discoveries for you to learn and be inspired. Dead Packet Society has adopted “Always Be Capturing” as our mantra, and we encourage you to do the same.

Share:
Author face

Eric Gragsone

IoT and Embedded Systems Vulnerability Researcher. Specializing in Firmware and Network/RF Communications

Recent post